Integrity Protection for Revision Control

  • Christian Cachin
  • Martin Geisler
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5536)


Users of online-collaboration tools and network storage services place considerable trust in their providers. This paper presents a novel approach for protecting data integrity in revision control systems hosted by an untrusted provider. It guarantees atomic read and write operations on the shared data when the service is correct and preserves fork-linearizability when the service is faulty. A prototype has been implemented on top of the Subversion revision control system; benchmarks show that the approach is practical.


Hash trees memory checking fork linearizability storage security applied cryptography 


  1. 1.
    Afek, Y., Attiya, H., Dolev, D., Gafni, E., Merritt, M., Shavit, N.: Atomic snapshots of shared memory. Journal of the ACM 40(4), 873–890 (1993)CrossRefzbMATHGoogle Scholar
  2. 2.
    Baker, M., Shah, M., Rosenthal, D.S.H., Roussopoulos, M., Maniatis, P., Giuli, T., Bungale, P.: A fresh look at the reliability of long-term digital storage. In: Proc. 1st European Conference on Computer Systems (EuroSys), pp. 221–234 (2006)Google Scholar
  3. 3.
    Blum, M., Evans, W., Gemmell, P., Kannan, S., Naor, M.: Checking the correctness of memories. Algorithmica 12, 225–244 (1994)MathSciNetCrossRefzbMATHGoogle Scholar
  4. 4.
    Cachin, C., Keidar, I., Shraer, A.: Fail-aware untrusted storage. In: Proc. International Conference on Dependable Systems and Networks (DSN-DCCS) (2009)Google Scholar
  5. 5.
    Cachin, C., Shelat, A., Shraer, A.: Efficient fork-linearizable access to untrusted shared memory. In: Proc. 26th ACM Symposium on Principles of Distributed Computing (PODC), pp. 129–138 (August 2007)Google Scholar
  6. 6.
    Clarke, D., Suh, G.E., Gassend, B., Sudan, A., van Dijk, M., Devadas, S.: Towards constant bandwidth overhead integrity checking of untrusted data. In: Proc. 26th IEEE Symposium on Security & Privacy (2005)Google Scholar
  7. 7.
    CNET News. Red Hat, Fedora servers compromised (August 2008),
  8. 8.
    Goh, E.-J., Shacham, H., Modadugu, N., Boneh, D.: SiRiUS: Securing remote untrusted storage. In: Proc. Network and Distributed Systems Security Symposium (NDSS) (2003)Google Scholar
  9. 9.
    Haber, S., Stornetta, W.S.: How to time-stamp a digital document. Journal of Cryptology 3, 99–111 (1991)CrossRefzbMATHGoogle Scholar
  10. 10.
    Herlihy, M., Shavit, N.: The Art of Multiprocessor Programming. Morgan Kaufmann, San Francisco (2008)Google Scholar
  11. 11.
    Li, J., Krohn, M., Maziéres, D., Shasha, D.: Secure untrusted data repository (SUNDR). In: Proc. 6th Symp. Operating Systems Design and Implementation (OSDI), pp. 121–136 (2004)Google Scholar
  12. 12.
    Maheshwari, U., Vingralek, R., Shapiro, W.: How to build a trusted database system on untrusted storage. In: Proc. 4th Symp. Operating Systems Design and Implementation (OSDI) (2000)Google Scholar
  13. 13.
    Mazières, D., Kaminsky, M., Kaashoek, F., Witchel, E.: Separating key management from file system security. In: Proc. 17th ACM Symposium on Operating System Principles (SOSP) (1999)Google Scholar
  14. 14.
    Mazières, D., Shasha, D.: Building secure file systems out of Byzantine storage. In: Proc. 21st ACM Symposium on Principles of Distributed Computing (PODC) (2002)Google Scholar
  15. 15.
    Merkle, R.C.: Protocols for public-key cryptosystems. In: Proc. IEEE Symposium on Security & Privacy, pp. 122–133 (1980)Google Scholar
  16. 16.
    Mykletun, E., Narasimha, M., Tsudik, G.: Authentication and integrity in outsourced databases. ACM Transactions on Storage 2(2), 107–138 (2006)CrossRefGoogle Scholar
  17. 17.
    Papamanthou, C., Tamassia, R., Triandopoulos, N.: Authenticated hash tables. In: Proc. 15th ACM Conference on Computer and Communications Security (2008)Google Scholar
  18. 18.
    Siong, N.P., Toivonen, H.: M2Crypto Python interface to OpenSSL. Version 0.18.2 (2008),
  19. 19.
    Wright, C.P., Dave, J., Zadok, E.: Cryptographic file systems performance: What you don’t know can hurt you. In: Proc. 2nd International IEEE Security in Storage Workshop (SISW) (2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Christian Cachin
    • 1
  • Martin Geisler
    • 2
  1. 1.Zurich Research LaboratoryIBM ResearchSwitzerland
  2. 2.Department of Computer ScienceUniversity of AarhusDenmark

Personalised recommendations