Contributing Partners

AIT, TUDA

Executive Summary

Secure distributed storage solutions and their derivatives are of increasing importance in every-day life and a very vibrant eld of research. PRISMACLOUD tries to address confidentiality, integrity, and high availability of distributed data in the cloud-computing context. In particular, the secure outsourcing of data into the cloud without a single point of failure is a non-trivial task. In deliverable D4.1 [DDH+16], we consider this problem, give a state-of-the-art overview, and identify the research gaps.

In this deliverable (D4.2), we document our work on closing these gaps identified in D4.1 and deal with advancements in distributed-storage protocols. In particular (and following D4.1), we focus on secret sharing, which is a powerful tool in the distributed-storage context. We describe four scientic results that signicantly improve the state-of-the-art within the domain of distributed storage based on secret sharing.

- As a first result, we propose the first batch-veriable secret sharing scheme with a significant security property, namely that of unconditional privacy. Unconditional private distributed storage schemes ensure the confidentiality of the distributed data in a long-term sense and, hence, it is of compelling importance within the distributed data setting. This work is going to be published in [KLS17].

- As a second result, we provide a framework for dynamic secret sharing, which allows to add and remove shareholders, to renew shares, and to modify the conditions for accessing the distributed data, without reconstructing it. In addition, we present the first dynamic hierarchical secret sharing scheme and show how it can be made verifiable. This work was published in [TDB16b].

- As a third result, we provide a solution for distributed storage systems based on secret sharing that ensures the condfientiality and the retrievability of the distributed data. More precisely, our scheme is resilient against unreliable storage servers because adaptive social secret sharing is used and a suitable trust system is designed. This work was published in [TDHB16].

- As a fourth result, we consider third-party auditing. Especially when storing critical data into the cloud, one often further requires efficient means to check whether the data is actually stored correctly on these servers. In the best case, such an auditing could itself be outsourced to a third party which does not need to be trusted by the data owner. This work was published in [DKLT16].