Paper 2021/666

Secure cloud-of-clouds storage with space-efficient secret sharing

Ahad Niknia, Miguel Correia, and Jaber Karimpour

Abstract

Cloud storage services are top-rated, but there are often concerns about the security of the files there stored. Clouds-of-clouds or multi-clouds are being explored in order to improve that security. The idea is to store the files in several clouds, ensuring integrity and availability. Confidentiality, however, is obtained by encrypting the files with block ciphers that do not provide provable security. Secret sharing allows distributing files among the clouds providing information-theoretic security/secrecy. However, existing secret sharing schemes are space-inefficient (the size of the shares is much larger than the size of the secret) or purely theoretical. In this paper, we propose the first practical space-efficient secret sharing scheme that provides information-theoretic security, which we denominate PRactical Efficient Secret Sharing (PRESS). Moreover, we present the Secure CloUD storage (SCUD) service, a new cloud-of-clouds storage service that leverages PRESS to provide file confidentiality. Additionally, SCUD provides data integrity and availability, leveraging replication.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. Minor revision.Journal of Information Security and Applications
Keywords
secret sharing
Contact author(s)
miguel p correia @ tecnico ulisboa pt
History
2021-05-25: received
Short URL
https://ia.cr/2021/666
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/666,
      author = {Ahad Niknia and Miguel Correia and Jaber Karimpour},
      title = {Secure cloud-of-clouds storage with space-efficient secret sharing},
      howpublished = {Cryptology ePrint Archive, Paper 2021/666},
      year = {2021},
      note = {\url{https://eprint.iacr.org/2021/666}},
      url = {https://eprint.iacr.org/2021/666}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.