Paper 2008/175

Proofs of Retrievability: Theory and Implementation

Kevin D. Bowers, Ari Juels, and Alina Oprea

Abstract

A proof of retrievability (POR) is a compact proof by a file system (prover) to a client (verifier) that a target file F is intact, in the sense that the client can fully recover it. As PORs incur lower communication complexity than transmission of F itself, they are an attractive building block for high-assurance remote storage systems. In this paper, we propose a theoretical framework for the design of PORs. Our framework improves the previously proposed POR constructions of Juels-Kaliski and Shacham-Waters, and also sheds light on the conceptual limitations of previous theoretical models for PORs. It supports a fully Byzantine adversarial model, carrying only the restriction—fundamental to all PORs—that the adversary’s error rate be bounded when the client seeks to extract . Our techniques support efficient protocols across the full possible range of , up to non-negligibly close to 1. We propose a new variant on the Juels-Kaliski protocol and describe a prototype implementation. We demonstrate practical encoding even for files whose size exceeds that of client main memory.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Contact author(s)
ajuels @ rsa com
History
2009-02-23: last of 3 revisions
2008-04-21: received
See all versions
Short URL
https://ia.cr/2008/175
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2008/175,
      author = {Kevin D.  Bowers and Ari Juels and Alina Oprea},
      title = {Proofs of Retrievability: Theory and Implementation},
      howpublished = {Cryptology {ePrint} Archive, Paper 2008/175},
      year = {2008},
      url = {https://eprint.iacr.org/2008/175}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.