D4.2 Progress Report on Efficient Sharing Based Storage Protocols

Contributing Partners


Executive Summary

Secure distributed storage solutions and their derivatives are of increasing importance in every-day life and a very vibrant eld of research. PRISMACLOUD tries to address con fidentiality, integrity, and high availability of distributed data in the cloud-computing context. In particular, the secure outsourcing of data into the cloud without a single point of failure is a non-trivial task. In deliverable D4.1 [DDH+16], we consider this problem, give a state-of-the-art overview, and identify the research gaps.

In this deliverable (D4.2), we document our work on closing these gaps identi fied in D4.1 and deal with advancements in distributed-storage protocols. In particular (and following D4.1), we focus on secret sharing, which is a powerful tool in the distributed-storage context. We describe four scienti c results that signi cantly improve the state-of-the-art within the domain of distributed storage based on secret sharing.

- As a first result, we propose the fi rst batch-veri able secret sharing scheme with a signi ficant security property, namely that of unconditional privacy. Unconditional private distributed storage schemes ensure the con fidentiality of the distributed data in a long-term sense and, hence, it is of compelling importance within the distributed data setting. This work is going to be published in [KLS17].

- As a second result, we provide a framework for dynamic secret sharing, which allows to add and remove shareholders, to renew shares, and to modify the conditions for accessing the distributed data, without reconstructing it. In addition, we present the first dynamic hierarchical secret sharing scheme and show how it can be made verifi able. This work was published in [TDB16b].

- As a third result, we provide a solution for distributed storage systems based on secret sharing that ensures the con dfientiality and the retrievability of the distributed data. More precisely, our scheme is resilient against unreliable storage servers because adaptive social secret sharing is used and a suitable trust system is designed. This work was published in [TDHB16].

- As a fourth result, we consider third-party auditing. Especially when storing critical data into the cloud, one often further requires efficient means to check whether the data is actually stored correctly on these servers. In the best case, such an auditing could itself be outsourced to a third party which does not need to be trusted by the data owner. This work was published in [DKLT16].