
Composable and Robust Outsourced Storage

  • Conference paper
  • In: Topics in Cryptology – CT-RSA 2018 (CT-RSA 2018)
  • Part of the book series: Lecture Notes in Computer Science (LNCS, volume 10808)

Abstract

The security of data outsourcing mechanisms has become a crucial aspect of today's IT infrastructures, and these mechanisms are the cryptographic foundation of real-world applications. Their most fundamental goals are ensuring storage integrity and auditability, confidentiality, and access pattern hiding, as well as combinations of all of them. Despite sharing a common setting, security analyses of these tasks are often performed in a stand-alone fashion and expressed in different models, which makes it hard to assess the overall security of a protocol or application that involves several security schemes at once. In this work, we fill this gap and propose a composable framework suitable to capture various aspects of outsourced storage security and its applications. We instantiate the basic client-server setting in this model, where the goal of the honest client is to retain security in the presence of a malicious server. Three specific contributions of this paper are:

  1. We present a novel definition for secure and robust outsourcing schemes and underline why this is needed in practice. Our definition is stronger than previous definitions for oblivious RAM or software protection in that it assures strong security guarantees against active attacks. Schemes meeting the definition not only assure that an attacker cannot learn the access pattern, but guarantee resilience to errors and the prevention of targeted attacks on specific locations. Unfortunately, several existing schemes cannot achieve this high level of security. For completeness, we provide a protocol based on Path ORAM that showcases that stronger security is actually achievable.

  2. We present a novel definition for auditable storage, capturing the guarantee that a successful audit implies that the current server state allows the client to retrieve his data. We develop an audit mechanism, based on secure and robust outsourcing schemes, that is similar to the construction by Cash et al. (Eurocrypt 2013), but is universally composable and fault-tolerant.

  3. We revisit the security claim of a widely-used challenge-response audit mechanism, in which the server has to compute a hash H(F||c) on the file F concatenated with a uniformly random challenge c chosen by the client. Being concerned with composable security, we prove that this audit mechanism is not secure, even in the random oracle model, without additional assumptions. The composable security of this basic audit scheme was implicitly assumed in Ristenpart et al. (Eurocrypt 2011). To complete the picture, we state the additional assumptions under which this audit mechanism is provably secure and discuss the implications for practical security.
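The challenge-response audit from contribution 3, worked through as an added example (not code from the paper): the client picks a uniformly random c, the server answers with H(F||c) for H = SHA-256, and the client recomputes the hash from its own copy of F. Holding F locally on the client side, the fixed challenge length and the SHA-256 instantiation are assumptions of this example; the three scenarios only show the mechanics of one audit round, not the composability result the paper proves.

```python
import hashlib
import secrets

CHALLENGE_LEN = 32  # fixed-length c, so F || c splits unambiguously (assumption)


def audit_response(stored_file: bytes, challenge: bytes) -> bytes:
    """Server side: answer the audit with H(F || c), here H = SHA-256."""
    return hashlib.sha256(stored_file + challenge).digest()


class AuditingClient:
    """Client side: keeps a local copy of F and checks the server's answers.

    Keeping F locally is an assumption made for this example; it is the
    simplest way for the client to recompute H(F || c).
    """

    def __init__(self, file_data: bytes):
        self.file_data = file_data

    def new_challenge(self) -> bytes:
        # Uniformly random and fresh per audit: a reused c would let a server
        # replay an earlier answer without still holding F.
        return secrets.token_bytes(CHALLENGE_LEN)

    def verify(self, challenge: bytes, response: bytes) -> bool:
        expected = hashlib.sha256(self.file_data + challenge).digest()
        return secrets.compare_digest(expected, response)


def run_audit(client: AuditingClient, server_copy: bytes) -> bool:
    """One round: client sends c, server returns H(F || c), client checks it."""
    c = client.new_challenge()
    return client.verify(c, audit_response(server_copy, c))


def audit_scenarios() -> dict:
    """Constructed sample file, audited against three server behaviours."""
    F = b"constructed sample file contents " * 64
    client = AuditingClient(F)
    honest = run_audit(client, F)                  # server still holds F
    damaged_copy = bytearray(F)
    damaged_copy[100] ^= 0x01                      # one silently flipped bit
    damaged = run_audit(client, bytes(damaged_copy))
    old_c = client.new_challenge()                 # server dropped F and
    old_answer = audit_response(F, old_c)          # replays an earlier answer
    replayed = client.verify(client.new_challenge(), old_answer)
    return {"honest": honest, "damaged": damaged, "replayed": replayed}
```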


Notes

  1. As for proofs of knowledge, the extractor needs the capability to “rewind” the server an efficient number of times and would therefore need special access to the server program, which is not covered by a typical API.

  2. We present here the particular instantiation of the construction notion of constructive cryptography that is necessary to understand this work. We refer to the full version for a general definition.

  3. Such a direct influence could be modeled in UC along the lines of [3] using an additional incorruptible party.

  4. More specifically, at each interface \(\mathsf {C}_i\) of \(\mathbf {L}\), the usual read and write capabilities are available. The server does not have access to this resource.

  5. From a statistical point of view, if \(\textsc {flag} = 0\), we have \(t_\text {audit}\) independent samples to estimate the parameter \(\alpha \).

References

  1. Apon, D., Katz, J., Shi, E., Thiruvengadam, A.: Verifiable oblivious storage. In: Krawczyk, H. (ed.) PKC 2014. LNCS, vol. 8383, pp. 131–148. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-54631-0_8

  2. Ateniese, G., Burns, R.C., Curtmola, R., Herring, J., Kissner, L., Peterson, Z.N.J., Song, D.X.: Provable data possession at untrusted stores. In: ACM Conference on Computer and Communications Security, pp. 598–609 (2007)

  3. Ateniese, G., Dagdelen, Ö., Damgård, I., Venturi, D.: Entangled cloud storage. Future Gener. Comput. Syst. 62, 104–118 (2016)

  4. Badertscher, C., Maurer, U.: Composable and robust outsourced storage. Cryptology ePrint Archive, Report 2017/133 (2017). https://eprint.iacr.org/2017/133. Full version of this paper

  5. Blum, M., Evans, W.S., Gemmell, P., Kannan, S., Naor, M.: Checking the correctness of memories. Algorithmica 12(2/3), 225–244 (1994)

  6. Camenisch, J., Enderlein, R.R., Maurer, U.: Memory erasability amplification. In: Zikas, V., De Prisco, R. (eds.) SCN 2016. LNCS, vol. 9841, pp. 104–125. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-44618-9_6

  7. Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: Proceedings of the 42nd Symposium on Foundations of Computer Science, pp. 136–145. IEEE (2001)

  8. Cash, D., Küpçü, A., Wichs, D.: Dynamic proofs of retrievability via oblivious RAM. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 279–295. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38348-9_17

  9. Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious RAMs. J. ACM 43(3), 431–473 (1996)

  10. Goodrich, M.T., Mitzenmacher, M.: Privacy-preserving access of outsourced data via oblivious RAM simulation. In: Aceto, L., Henzinger, M., Sgall, J. (eds.) ICALP 2011, Part II. LNCS, vol. 6756, pp. 576–587. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22012-8_46

  11. Halevi, S., Harnik, D., Pinkas, B., Shulman-Peleg, A.: Proofs of ownership in remote storage systems. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 491–500. ACM (2011)

  12. Hofheinz, D., Matt, C., Maurer, U.: Idealizing identity-based encryption. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015, Part I. LNCS, vol. 9452, pp. 495–520. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48797-6_21

  13. Juels, A., Kaliski, B.S.: PORs: proofs of retrievability for large files. In: ACM Conference on Computer and Communications Security, pp. 584–597 (2007)

  14. Keelveedhi, S., Bellare, M., Ristenpart, T.: DupLESS: server-aided encryption for deduplicated storage. In: 22nd USENIX Security Symposium (USENIX Security 2013), pp. 179–194 (2013)

  15. Maurer, U.: Indistinguishability of random systems. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 110–132. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-46035-7_8

  16. Maurer, U.: Constructive cryptography – a new paradigm for security definitions and proofs. In: Mödersheim, S., Palamidessi, C. (eds.) TOSCA 2011. LNCS, vol. 6993, pp. 33–56. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-27375-9_3

  17. Maurer, U., Renner, R.: Abstract cryptography. In: Innovations in Theoretical Computer Science, pp. 1–21 (2011)

  18. Maurer, U., Renner, R.: From indifferentiability to constructive cryptography (and back). In: Hirt, M., Smith, A. (eds.) TCC 2016-B. LNCS, vol. 9985, pp. 3–24. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53641-4_1

  19. Naor, M., Rothblum, G.N.: The complexity of online memory checking. J. ACM 56(1), 2:1–2:46 (2009)

  20. Ristenpart, T., Shacham, H., Shrimpton, T.: Careful with composition: limitations of the indifferentiability framework. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 487–506. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20465-4_27

  21. Stefanov, E., Shi, E., Song, D.X.: Towards practical oblivious RAM. In: 19th Annual Network and Distributed System Security Symposium, NDSS 2012, San Diego, California, USA, 5–8 February 2012 (2012)

  22. Stefanov, E., Van Dijk, M., Shi, E., Fletcher, C., Ren, L., Yu, X., Devadas, S.: Path ORAM: an extremely simple oblivious RAM protocol. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, pp. 299–310. ACM (2013)


Author information

Corresponding author: Christian Badertscher


Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

About this paper


Cite this paper

Badertscher, C., Maurer, U. (2018). Composable and Robust Outsourced Storage. In: Smart, N. (ed.) Topics in Cryptology – CT-RSA 2018. CT-RSA 2018. Lecture Notes in Computer Science, vol 10808. Springer, Cham. https://doi.org/10.1007/978-3-319-76953-0_19


  • DOI: https://doi.org/10.1007/978-3-319-76953-0_19
  • Publisher Name: Springer, Cham
  • Print ISBN: 978-3-319-76952-3
  • Online ISBN: 978-3-319-76953-0
