Paper 2012/511

Entangled Cloud Storage

Giuseppe Ateniese, Özgür Dagdelen, Ivan Damgard, and Daniele Venturi

Abstract

Entangled cloud storage (Aspnes et al., ESORICS 2004) enables a set of clients to "entangle" their files into a single *clew* to be stored by a (potentially malicious) cloud provider. The entanglement makes it impossible to modify or delete significant part of the clew without affecting *all* files encoded in the clew. A clew keeps the files in it private but still lets each client recover his own data by interacting with the cloud provider; no cooperation from other clients is needed. At the same time, the cloud provider is discouraged from altering or overwriting any significant part of the clew as this will imply that none of the clients can recover their files. We put forward the first simulation-based security definition for entangled cloud storage, in the framework of *universal composability* (Canetti, FOCS 2001). We then construct a protocol satisfying our security definition, relying on an *entangled encoding scheme* based on privacy-preserving polynomial interpolation; entangled encodings were originally proposed by Aspnes et al. as useful tools for the purpose of data entanglement. As a contribution of independent interest we revisit the security notions for entangled encodings, putting forward stronger definitions than previous work (that for instance did not consider collusion between clients and the cloud provider). Protocols for entangled cloud storage find application in the cloud setting, where clients store their files on a remote server and need to be ensured that the cloud provider will not modify or delete their data illegitimately. Current solutions, e.g., based on Provable Data Possession and Proof of Retrievability, require the server to be challenged regularly to provide evidence that the clients' files are stored *at a given time*. Entangled cloud storage provides an alternative approach where any single client operates implicitly on behalf of all others, i.e., as long as one client's files are intact, the entire remote database continues to be safe and unblemished.

Note: Full version published in Future Generation Computer Systems - Special Issue on Cloud Cryptography

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. MAJOR revision.AsiaCCS 2015 (Workshop on Security in Cloud Computing)
Keywords
cloud storagemulti-party computation
Contact author(s)
oezguer dagdelen @ cased de
History
2016-03-10: last of 8 revisions
2012-09-03: received
See all versions
Short URL
https://ia.cr/2012/511
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2012/511,
      author = {Giuseppe Ateniese and Özgür Dagdelen and Ivan Damgard and Daniele Venturi},
      title = {Entangled Cloud Storage},
      howpublished = {Cryptology ePrint Archive, Paper 2012/511},
      year = {2012},
      note = {\url{https://eprint.iacr.org/2012/511}},
      url = {https://eprint.iacr.org/2012/511}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.