SAFE: A Secure and Efficient Long-Term Distributed Storage System

Proceedings of the 8th International Workshop on Security in Blockchain and Cloud Computing Pub Date : 2020-10-06 DOI:10.1145/3384942.3406868

J. Buchmann, Ghada Dessouky, Tommaso Frassetto, Ágnes Kiss, A. Sadeghi, T. Schneider, Giulia Traverso, Shaza Zeitouni

{"title":"SAFE: A Secure and Efficient Long-Term Distributed Storage System","authors":"J. Buchmann, Ghada Dessouky, Tommaso Frassetto, Ágnes Kiss, A. Sadeghi, T. Schneider, Giulia Traverso, Shaza Zeitouni","doi":"10.1145/3384942.3406868","DOIUrl":null,"url":null,"abstract":"Secret sharing-based distributed storage systems are one approach to provide long-term protection of data even against quantum computing. Confidentiality is provided because the shares of data are renewed periodically while integrity is provided by commitment schemes. However, this solution is prohibitively costly and impractical: share renewal requires an information-theoretically secure channel between any two nodes and long-term confidential commitment schemes are computationally impractical for large files. In this paper, we present SAFE, a secret sharing-based long-term secure distributed storage system that leverages a Trusted Execution Environment (TEE) to overcome the above limitations. Share generation and renewal are performed inside the TEE and the shares are securely distributed to the storage servers. We prototype SAFE protocols using a TEE instantiation, and show their efficiency, even for large files, compared to existing schemes.","PeriodicalId":312816,"journal":{"name":"Proceedings of the 8th International Workshop on Security in Blockchain and Cloud Computing","volume":"92 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-10-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 8th International Workshop on Security in Blockchain and Cloud Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3384942.3406868","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

Abstract

Secret sharing-based distributed storage systems are one approach to provide long-term protection of data even against quantum computing. Confidentiality is provided because the shares of data are renewed periodically while integrity is provided by commitment schemes. However, this solution is prohibitively costly and impractical: share renewal requires an information-theoretically secure channel between any two nodes and long-term confidential commitment schemes are computationally impractical for large files. In this paper, we present SAFE, a secret sharing-based long-term secure distributed storage system that leverages a Trusted Execution Environment (TEE) to overcome the above limitations. Share generation and renewal are performed inside the TEE and the shares are securely distributed to the storage servers. We prototype SAFE protocols using a TEE instantiation, and show their efficiency, even for large files, compared to existing schemes.

查看原文本刊更多论文

SAFE:安全高效的长期分布式存储系统

基于秘密共享的分布式存储系统是提供数据长期保护的一种方法，即使是针对量子计算。保密性是由于数据共享定期更新，而完整性是由承诺方案提供的。然而，这种解决方案的成本过高且不切实际:共享更新需要在任意两个节点之间建立理论上的信息安全通道，而长期保密承诺方案对于大文件来说在计算上不切实际。在本文中，我们提出了SAFE，一个基于秘密共享的长期安全分布式存储系统，它利用可信执行环境(TEE)来克服上述限制。共享生成和更新在TEE内执行，共享被安全地分发到存储服务器。我们使用TEE实例化对SAFE协议进行原型化，并与现有方案相比，展示了它们的效率，即使对于大文件也是如此。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 8th International Workshop on Security in Blockchain and Cloud Computing

自引率

0.00%

发文量