Digital signets: self-enforcing protection of digital information (preliminary version)
STOC '96 Proceedings of the twenty-eighth annual ACM symposium on Theory of computing
Pricing via Processing or Combatting Junk Mail
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
All-or-Nothing Encryption and the Package Transform
FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
Proofs of Work and Bread Pudding Protocols
CMS '99 Proceedings of the IFIP TC6/TC11 Joint Working Conference on Secure Information Networks: Communications and Multimedia Security
Time-lock Puzzles and Timed-release Crypto
Time-lock Puzzles and Timed-release Crypto
Rational secret sharing and multiparty computation: extended abstract
STOC '04 Proceedings of the thirty-sixth annual ACM symposium on Theory of computing
Moderately hard, memory-bound functions
ACM Transactions on Internet Technology (TOIT)
Query execution assurance for outsourced databases
VLDB '05 Proceedings of the 31st international conference on Very large data bases
Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems
Proceedings of the twentieth ACM symposium on Operating systems principles
IEEE Security and Privacy
Algorithmic Game Theory
Pors: proofs of retrievability for large files
Proceedings of the 14th ACM conference on Computer and communications security
Provable data possession at untrusted stores
Proceedings of the 14th ACM conference on Computer and communications security
Rationality and traffic attraction: incentives for honest path announcements in bgp
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Compact Proofs of Retrievability
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Proofs of Retrievability via Hardness Amplification
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Proofs of Storage from Homomorphic Identification Protocols
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Cryptographic primitives enforcing communication and storage complexity
FC'02 Proceedings of the 6th international conference on Financial cryptography
Secure code update for embedded devices via proofs of secure erasure
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Retroactive detection of malware with applications to mobile platforms
HotSec'10 Proceedings of the 5th USENIX conference on Hot topics in security
One-time computable self-erasing functions
TCC'11 Proceedings of the 8th conference on Theory of cryptography
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Verification of data redundancy in cloud storage
Proceedings of the 2013 international workshop on Security in cloud computing
Verifying cloud services: present and future
ACM SIGOPS Operating Systems Review
TerraCheck: verification of dedicated cloud storage
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
Hi-index | 0.00 |
We consider the following challenge: How can a cloud storage provider prove to a tenant that it's encrypting files at rest, when the provider itself holds the corresponding encryption keys? Such proofs demonstrate sound encryption policies and file confidentiality. (Cheating, cost-cutting, or misconfigured providers may bypass the computation/management burdens of encryption and store plaintext only.) To address this problem, we propose hourglass schemes, protocols that prove correct encryption of files at rest by imposing a resource requirement (e.g., time, storage or computation) on the process of translating files from one encoding domain (i.e., plaintext) to a different, target domain (i.e., ciphertext). Our more practical hourglass schemes exploit common cloud infrastructure characteristics, such as limited file-system parallelism and the use of rotational hard drives for at-rest files. For files of modest size, we describe an hourglass scheme that exploits trapdoor one-way permutations to prove correct file encryption whatever the underlying storage medium. We also experimentally validate the practicality of our proposed schemes, the fastest of which incurs minimal overhead beyond the cost of encryption. As we show, hourglass schemes can be used to verify properties other than correct encryption, e.g., embedding of "provenance tags" in files for tracing the source of leaked files. Of course, even if a provider is correctly storing a file as ciphertext, it could also store a plaintext copy to service tenant requests more efficiently. Hourglass schemes cannot guarantee ciphertext-only storage, a problem inherent when the cloud manages keys. By means of experiments in Amazon EC2, however, we demonstrate that hourglass schemes provide strong incentives for economically rational cloud providers against storage of extra plaintext file copies.