Selective All-Or-Nothing Transform: Protecting Outsourced Data Against Key Exposure

  • Conference paper
Cyberspace Safety and Security (CSS 2018)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 11161)

Abstract

This paper presents the selective all-or-nothing transform (SAONT). It addresses the needs of users who would like to use inexpensive cloud storage services, but do not trust their providers. Encrypted data are transformed and separated into a small private fragment kept on the user’s device and a large public fragment which can be securely uploaded to a public cloud since decryption of the public fragment is infeasible without the private fragment. Therefore, outsourced data are protected even in a situation of key exposure. SAONT reduces performance overhead by combining block-wise fragmentation of a ciphertext with an application of an all-or-nothing transform only on a subset of the ciphertext.

Author information

Corresponding author

Correspondence to Katarzyna Kapusta.

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Cite this paper

Kapusta, K., Memmi, G. (2018). Selective All-Or-Nothing Transform: Protecting Outsourced Data Against Key Exposure. In: Castiglione, A., Pop, F., Ficco, M., Palmieri, F. (eds) Cyberspace Safety and Security. CSS 2018. Lecture Notes in Computer Science, vol 11161. Springer, Cham. https://doi.org/10.1007/978-3-030-01689-0_15

  • DOI: https://doi.org/10.1007/978-3-030-01689-0_15

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-01688-3

  • Online ISBN: 978-3-030-01689-0

  • eBook Packages: Computer Science, Computer Science (R0)
