A Secure Erasure Code-Based Cloud Storage System with Secure Data Forwarding


Abstract

A cloud storage system, consisting of a collection of storage servers, provides long-term storage services over the Internet.
Storing data in a third party’s cloud system causes serious concern over data confidentiality. General encryption schemes protect data
confidentiality, but also limit the functionality of the storage system because only a few operations are supported over encrypted data.
Constructing a secure storage system that supports multiple functions is challenging when the storage system is distributed and has no
central authority. We propose a threshold proxy re-encryption scheme and integrate it with a decentralized erasure code such that a
secure distributed storage system is formulated. The distributed storage system not only supports secure and robust data storage and
retrieval, but also lets a user forward his data in the storage servers to another user without retrieving the data back. The main technical
contribution is that the proxy re-encryption scheme supports encoding operations over encrypted messages as well as forwarding
operations over encoded and encrypted messages. Our method fully integrates encrypting, encoding, and forwarding. We analyze and
suggest suitable parameters for the number of copies of a message dispatched to storage servers and the number of storage servers
queried by a key server. These parameters allow more flexible adjustment between the number of storage servers and robustness.

INTRODUCTION

As high-speed networks and ubiquitous Internet access
have become available in recent years, many services are
provided on the Internet such that users can use them from
anywhere at any time. For example, the email service is
probably the most popular one. Cloud computing is a
concept that treats the resources on the Internet as a unified
entity, a cloud. Users just use services without being
concerned about how computation is done and storage is
managed. In this paper, we focus on designing a cloud
storage system for robustness, confidentiality, and functionality.
A cloud storage system is considered as a large-scale
distributed storage system that consists of many
independent storage servers.

Proxy Re-Encryption Schemes

Proxy re-encryption schemes were proposed by Mambo and
Okamoto [14] and Blaze et al. [15]. In a proxy re-encryption
scheme, a proxy server can transform a ciphertext under a
public key PK_A into a new one under another public key PK_B
by using the re-encryption key RK_{A→B}. The server does not
learn the plaintext during the transformation. Ateniese et al.
[16] proposed some proxy re-encryption schemes and
applied them to the sharing function of secure storage
systems. In their work, messages are first encrypted by the
owner and then stored in a storage server.

Integrity Checking Functionality

Another important function of cloud storage is
integrity checking. After a user stores data into
the storage system, he no longer possesses the data at hand.
The user may want to check whether the data are properly
stored in storage servers. The concept of provable data
possession [20], [21] and the notion of proof of storage [22],
[23], [24] have been proposed. Later, public auditability of stored
data was addressed in [25]. Nevertheless, all of them consider
the messages in cleartext form.

SCENARIO

We present the scenario of the storage system, the threat
model that we consider for the confidentiality issue, and a
discussion of a straightforward solution.

A Straightforward Solution

A straightforward solution to supporting the data forwarding
function in a distributed storage system is as follows:
when the owner A wants to forward a message to user B, he
downloads the encrypted message and decrypts it by using
his secret key. He then encrypts the message by using B’s
public key and uploads the new ciphertext. When B wants
to retrieve the forwarded message from A, he downloads
the ciphertext and decrypts it with his secret key. The whole
data forwarding process needs three communication
rounds for A’s downloading and uploading and B’s
downloading. The communication cost is linear in the
length of the forwarded message. The computation cost is
the decryption and encryption for the owner A, and the
decryption for user B.

DISCUSSION AND CONCLUSION

[Table: The Computation Cost of Each Algorithm in Our Secure Cloud Storage System]

proposed threshold proxy re-encryption scheme and
erasure codes over exponents. The threshold proxy re-encryption
scheme supports encoding, forwarding, and
partial decryption operations in a distributed way. To
decrypt a message of k blocks that are encrypted and
encoded to n codeword symbols, each key server only has
to partially decrypt two codeword symbols in our system.
By using the threshold proxy re-encryption scheme, we
present a secure cloud storage system that provides secure
data storage and secure data forwarding functionality in a
decentralized structure. Moreover, each storage server
independently performs encoding and re-encryption and
each key server independently performs partial decryption.