10-11-2012, 06:01 PM
A Secure Erasure Code-Based Cloud Storage System with Secure Data Forwarding
A Secure Erasure Code-Based Cloud Storage.pdf (Size: 700.28 KB / Downloads: 67)
INTRODUCTION
AS high-speed networks and ubiquitous Internet access
become available in recent years, many services are
provided on the Internet such that users can use them from
anywhere at any time. For example, the email service is
probably the most popular one. Cloud computing is a
concept that treats the resources on the Internet as a unified
entity, a cloud. Users just use services without being
concerned about how computation is done and storage is
managed. In this paper, we focus on designing a cloud
storage system for robustness, confidentiality, and functionality.
A cloud storage system is considered as a largescale
distributed storage system that consists of many
independent storage servers.
Data robustness is a major requirement for storage
systems. There have been many proposals of storing data
over storage servers [1], [2], [3], [4], [5]. One way to provide
data robustness is to replicate a message such that each
storage server stores a copy of the message. It is very robust
because the message can be retrieved as long as one storage
server survives. Another way is to encode a message of k
symbols into a codeword of n symbols by erasure coding. To
store a message, each of its codeword symbols is stored in a
different storage server.
Proxy Re-Encryption Schemes
Proxy re-encryption schemes are proposed by Mambo and
Okamoto [14] and Blaze et al. [15]. In a proxy re-encryption
scheme, a proxy server can transfer a ciphertext under a
public key PKA to a new one under another public key PKB
by using the re-encryption key RKA!B. The server does not
know the plaintext during transformation. Ateniese et al.
[16] proposed some proxy re-encryption schemes and
applied them to the sharing function of secure storage
systems. In their work, messages are first encrypted by the
owner and then stored in a storage server.
Integrity Checking Functionality
Another important functionality about cloud storage is the
function of integrity checking. After a user stores data into
the storage system, he no longer possesses the data at hand.
The user may want to check whether the data are properly
stored in storage servers. The concept of provable data
possession [20], [21] and the notion of proof of storage [22],
[23], [24] are proposed. Later, public auditability of stored
data is addressed in [25]. Nevertheless all of them consider
the messages in the cleartext form.
CONSTRUCTION OF SECURE CLOUD STORAGE SYSTEMS
Before presenting our storage system, we briefly introduce
the algebraic setting, the hardness assumption, an erasure
code over exponents, and our approach.
Bilinear map. Let GG1 and GG2 be cyclic multiplicative
groups2 with a prime order p and g 2 GG1 be a generator. A
map ~e : GG1 GG1 ! GG2 is a bilinear map if it is efficiently
computable and has the properties of bilinearity and
nondegeneracy: for any x; y 2 ZZ
p ; ~eðgx; gyÞ ¼ ~eðg; gÞxy and
~eðg; gÞ is not the identity element in GG2. Let Genð1Þ be an
algorithm generating ðg; ~e;GG1;GG2; pÞ, where is the length
of p. Let x 2R X denote that x is randomly chosen from the
set X.
A Straightforward Solution
A straightforward solution to supporting the data forwarding
function in a distributed storage system is as follows:
when the owner A wants to forward a message to user B, he
downloads the encrypted message and decrypts it by using
his secret key. He then encrypts the message by using B’s
public key and uploads the new ciphertext. When B wants
to retrieve the forwarded message from A, he downloads
the ciphertext and decrypts it by his secret key. The whole
data forwarding process needs three communication
rounds for A’s downloading and uploading and B’s
downloading. The communication cost is linear in the
length of the forwarded message. The computation cost is
the decryption and encryption for the owner A, and the
decryption for user B.
DISCUSSION AND CONCLUSION
In this paper, we consider a cloud storage system consists of
storage servers and key servers. We integrate a newly
LIN AND TZENG: A SECURE ERASURE CODE-BASED CLOUD STORAGE SYSTEM WITH SECURE DATA FORWARDING 1001
TABLE 1
The Computation Cost of Each Algorithm
in Our Secure Cloud Storage System
proposed threshold proxy re-encryption scheme and
erasure codes over exponents. The threshold proxy reencryption
scheme supports encoding, forwarding, and
partial decryption operations in a distributed way. To
decrypt a message of k blocks that are encrypted and
encoded to n codeword symbols, each key server only has
to partially decrypt two codeword symbols in our system.
By using the threshold proxy re-encryption scheme, we
present a secure cloud storage system that provides secure
data storage and secure data forwarding functionality in a
decentralized structure. Moreover, each storage server
independently performs encoding and re-encryption and
each key server independently performs partial decryption.
Our storage system and some newly proposed content
addressable file systems and storage system [27], [28], [29]
are highly compatible. Our storage servers act as storage
nodes in a content addressable storage system for storing
content addressable blocks. Our key servers act as access
nodes for providing a front-end layer such as a traditional
file system interface. Further study on detailed cooperation
is required.