Abstract
In his well-known Information Dispersal Algorithm paper, Rabin showed a way to distribute information among n processors in such a way that recovery of the information is possible in the presence of up to t inactive processors. An enhanced mechanism to enable construction in the presence of malicious faults, which can intentionally modify their shares of the information, was later presented by Krawczyk. Yet, this method assumed that the malicious faults occur only at reconstruction time.
In this paper we address the more general problem of secure storage and retrieval of information (SSRI), and guarantee that the process of storing the information is also correct even when some of the processors fail. Our protocols achieve this while maintaining the (asymptotic) space optimality of the above methods.
We also consider SSRI with the added requirement of confidentiality, by which no party except for the rightful owner of the information is able to learn anything about it. This is achieved through novel applications of cryptographic techniques, such as the distributed generation of receipts, distributed key management via threshold cryptography, and “blinding.” An interesting byproduct of our scheme is the construction of a secret sharing scheme with shorter share size in the amortized sense. An immediate practical application of our work is a system for the secure deposit of sensitive data.
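The baseline the abstract starts from, as an added example that is not code from the paper: Rabin-style dispersal into n shares of about |F|/m symbols each, with per-share fingerprints used to reject modified shares at reconstruction time, assuming an honest party performs the dispersal. Assumptions: arithmetic is over GF(257), SHA-256 serves as the fingerprint, the reader holds a trusted fingerprint list (Krawczyk's scheme distributes the fingerprints instead), and all function names are hypothetical.

```python
import hashlib

P = 257  # smallest prime above 255, so every byte value is a field element

def _interp(points, x):
    """Evaluate at x the polynomial through points [(xi, yi)], mod P (Lagrange)."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if j != i:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def fingerprint(share):
    return hashlib.sha256(",".join(map(str, share)).encode()).hexdigest()

def disperse(data, n, m):
    """Split data into n shares of about len(data)/m symbols; any m rebuild it."""
    padded = data + bytes(-len(data) % m)
    shares = {i: [] for i in range(1, n + 1)}
    for off in range(0, len(padded), m):
        # The m bytes of a block are the polynomial's values at x = 1..m.
        block = [(k + 1, padded[off + k]) for k in range(m)]
        for i in shares:
            shares[i].append(_interp(block, i))
    return shares, {i: fingerprint(s) for i, s in shares.items()}

def reconstruct(received, prints, m, length):
    """Discard shares that fail their fingerprint, then interpolate from m good ones."""
    good = [(i, s) for i, s in sorted(received.items())
            if fingerprint(s) == prints.get(i)]
    if len(good) < m:
        raise ValueError("fewer than m verified shares")
    good, out = good[:m], bytearray()
    for b in range(len(good[0][1])):
        pts = [(i, s[b]) for i, s in good]
        out.extend(_interp(pts, k) for k in range(1, m + 1))
    return bytes(out[:length])

def demo():
    data = b"deposit box contents"             # constructed sample input
    shares, prints = disperse(data, n=5, m=3)  # tolerates t = n - m = 2 bad servers
    del shares[2]                              # server 2 is inactive
    shares[4][0] = (shares[4][0] + 1) % P      # server 4 returns a modified share
    return reconstruct(shares, prints, 3, len(data))

if __name__ == "__main__":
    print(demo())
```

Dispersal alone gives no confidentiality: in this systematic encoding the first m shares contain the data bytes in the clear.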
References
Blahut R., Theory and Practice of Error Control Codes, Addison-Wesley, 1984.
C. Boyd. Digital Multisignatures. In H. Baker and F. Piper, editors, Cryptography and Coding, pages 241–246. Clarendon Press, 1986.
Bellare M., Canetti R. and Krawczyk H., “Keying Hash Functions for Message Authentication,” Proc. Advances in Cryptology-CRYPTO '96, LNCS Vol. 1109, Springer-Verlag, pp. 1–15, 1996.
Berlekamp E. and Welch L., “Error Correction of Algebraic Block Codes,” US Patent 4,633,470.
D. Chaum, “Blind signatures for untraceable payments,” Proc. CRYPTO 82, pp. 199–203, 1983.
P. Chen, J. Garay, A. Herzberg, and H. Krawczyk. “Design and Implementation of Modular Key Management Protocol and IP Secure Tunnel,” Proc. USENIX Security '95, Salt Lake City, Utah, June 1995.
Chor, B., Goldwasser, S., Micali, S., and Awerbuch, B., “Verifiable Secret Sharing and Achieving Simultaneity in the Presence of Faults,” Proc. 26th Annual IEEE Symposium on the Foundations of Computer Science, pp. 383–395, 1985.
M. Cerecedo, T. Matsumoto, and H. Imai. Efficient and Secure Multiparty Generation of Digital Signatures Based on Discrete Logarithms. IEICE Trans. Fundamentals, E76-A(4):532–545, April 1993.
R. A. Croft and S. P. Harris. Public-key cryptography and re-usable shared secrets. In H. Baker and F. Piper, editors, Cryptography and Coding, pages 189–201. Clarendon Press, 1989.
A. De Santis, Y. Desmedt, Y. Frankel, and M. Yung. How to share a function securely. In Proc. 26th ACM Symp. on Theory of Computing, pages 522–533, Santa Fe, 1994. IEEE.
Y. Desmedt. Society and group oriented cryptography: A new concept. In Carl Pomerance, editor, Proc. CRYPTO 87, pages 120–127. Springer-Verlag, 1988. Lecture Notes in Computer Science No. 293.
Y.G. Desmedt. Threshold cryptography. European Transactions on Telecommunications, 5(4):449–457, July 1994.
Y. Desmedt and Y. Frankel. Threshold cryptosystems. In G. Brassard, editor, Proc. CRYPTO 89, pages 307–315. Springer-Verlag, 1990. Lecture Notes in Computer Science No. 435.
Y. Desmedt and Y. Frankel. Shared generation of authenticators and signatures. In J. Feigenbaum, editor, Proc. CRYPTO 91, pages 457–469. Springer, 1992. Lecture Notes in Computer Science No. 576.
“Entrust-Enterprise-Wide Encryption and Digital Signatures,” System Overview and Installation Guide.
Y. Frankel, P. Gemmell, and M. Yung. Witness-based Cryptographic Program Checking and Robust Function Sharing. In Proceedings of the ACM Symposium on Theory of Computing, 1996.
R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. Robust Threshold DSS Signatures. In Advances in Cryptology-EUROCRYPT'96, Lecture Notes in Computer Science vol. 1070, Springer-Verlag, 1996.
R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. Robust and Efficient Sharing of RSA Functions. In Advances in Cryptology-CRYPTO'96, Lecture Notes in Computer Science vol. 1109, pp. 157–172, Springer-Verlag, 1996.
L. Harn. Group oriented (t,n) digital signature scheme. IEE Proc.-Comput.Digit.Tech, 141(5), Sept 1994.
T. Hardjono and J. Seberry, “Strongboxes for Electronic Commerce,” Proc. 2nd USENIX Workshop on Electronic Commerce, pp. 135–145, Oakland, CA, November 1996.
Hickman, K. E. B. Secure Socket Library. Netscape Communications Corp., Feb. 9th, 1995. http://wvw.zcon.com/into/SSL.htal.
Krawczyk H., “Distributed Fingerprints and Secure Information Dispersal,” Proc. 20th Annual ACM Symp. on Principles of Distributed Computing, pp. 207–218, Ithaca, NY, 1993.
Krawczyk H., “Secret sharing made short,” Advances in Cryptology-Crypto '93, Lecture Notes in Computer Science, pp.136–146, Springer-Verlag, 1993.
L. Lamport, R.E. Shostak and M. Pease, The Byzantine generals problem, ACM Trans. Prog. Lang. and Systems, 4:3 (1982), pp. 382–401.
C. Park, and K. Kurosawa. New ElGamal Type Threshold Digital Signature Scheme. IEICE Trans. Fundamentals, E79-A(1):86–93, January 1996.
Preparata F.P., “Holographic Dispersal and Recovery of Information”, IEEE Trans. on Information Theory, IT-35, No. 5, pp. 1123–1124, 1989
Rabin M., “Efficient Dispersal of Information for Security, Load Balancing, and Fault Tolerance,” Journal of the ACM, Vol. 36(2), pp. 335–348, 1989.
Rivest R., Shamir, A. and L. Adleman “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems,” Communications of the ACM, Vol. 21, pp. 120–126, 1978.
Shamir, A., “How to Share a Secret,” Communications of the ACM, Vol. 22, pp. 612–613, 1979.
© 1997 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Garay, J.A., Gennaro, R., Jutla, C., Rabin, T. (1997). Secure distributed storage and retrieval. In: Mavronicolas, M., Tsigas, P. (eds) Distributed Algorithms. WDAG 1997. Lecture Notes in Computer Science, vol 1320. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0030690
DOI: https://doi.org/10.1007/BFb0030690
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-63575-8
Online ISBN: 978-3-540-69600-1
eBook Packages: Springer Book Archive