Separating key management from file system security
Proceedings of the seventeenth ACM symposium on Operating systems principles
Fast and secure distributed read-only file system
ACM Transactions on Computer Systems (TOCS)
Building secure file systems out of byzantine storage
Proceedings of the twenty-first annual symposium on Principles of distributed computing
Universal classes of hash functions (Extended Abstract)
STOC '77 Proceedings of the ninth annual ACM symposium on Theory of computing
Farsite: federated, available, and reliable storage for an incompletely trusted environment
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
High Efficiency Counter Mode Security Architecture via Prediction and Precomputation
Proceedings of the 32nd annual international symposium on Computer Architecture
Plutus: Scalable Secure File Sharing on Untrusted Storage
FAST '03 Proceedings of the 2nd USENIX Conference on File and Storage Technologies
Secure untrusted data repository (SUNDR)
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Cryptographic Security for a High-Performance Distributed File System
MSST '07 Proceedings of the 24th IEEE Conference on Mass Storage Systems and Technologies
Integrity checking in cryptographic file systems with constant trusted storage
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
New classes and applications of hash functions
SFCS '79 Proceedings of the 20th Annual Symposium on Foundations of Computer Science
The Poly1305-AES message-authentication code
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Stronger security bounds for wegman-carter-shoup authenticators
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Security notions for disk encryption
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Secure cloud storage: available infrastructures and architectures review and evaluation
TrustBus'11 Proceedings of the 8th international conference on Trust, privacy and security in digital business
OAuth and ABE based authorization in semi-trusted cloud computing: aauth
Proceedings of the second international workshop on Data intensive computing in the clouds
A cloud provider-agnostic secure storage protocol
CRITIS'10 Proceedings of the 5th international conference on Critical Information Infrastructures Security
Efficient and secure data storage operations for mobile cloud computing
Proceedings of the 8th International Conference on Network and Service Management
Hi-index | 0.00 |
A cryptographic network file system has to guarantee confidentiality and integrity of its files, and also it has to support random access. For this purpose, existing designs mainly rely on(often ad-hoc) combination of Merkle hash tree with a block cipher mode of encryption. In this paper, we propose a new design based on a MAC tree construction which uses a universal-hash based stateful MAC. This new design enables standard model security proof and also better performance compared with Merkle hash tree. We formally define the security notions for file encryption and prove that our scheme provides both confidentiality and integrity. We implement our scheme in coreFS, a user-level network file system, and evaluate the performance in comparison with the standard design. Experimental results confirm that our construction provides integrity protection at a smaller cost.