Paper 2026/434

Secure Cloud Storage: Modularization, Network Adversaries and Adaptive Corruptions

Jonas Janneck, Ruhr University Bochum
Doreen Riepel, Helmholtz Center for Information Security
Abstract

End-to-end cloud storage solutions are deployed at large scale, yet recent works have demonstrated severe attacks against their confidentiality and integrity. Motivated by this, a first formal treatment of secure cloud storage was given at CRYPTO 2024 by Backendal, Davis, Günther, Haller and Paterson (BDGHP). They define syntax and security notions, capturing client-to-client security of cloud storage schemes with respect to a password distribution. They also give an efficient construction using the Two-Hash Diffie-Hellman (2HDH) OPRF and standard cryptographic building blocks, which they prove secure under selective corruptions in the random oracle model. However, several aspects of practical security guarantees remain open. We extend and refine the work of BDGHP along multiple dimensions, advancing the analysis of secure cloud storage schemes. First, we prove that their construction can be proven secure against adaptive corruptions (with a slight modification), circumventing technical challenges posed by file sharing. Second, we modularize the scheme further by introducing an abstraction for the authentication procedure. This allows us to identify the concrete role of 2HDH and alternative instantiations. Third, we introduce a weaker model that captures adversaries who can arbitrarily control the network, except during registration. This allows us to prove concrete guarantees about online password guessing attacks, whereas the stronger model inherently allows for offline guessing. Finally, we formalize and prove explicit authentication, relying on the security of our new authentication abstraction and the MAC scheme, where the latter was previously not used in the security analysis.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
A major revision of an IACR publication in EUROCRYPT 2026
Contact author(s)
jonas janneck @ rub de
riepel @ cispa de
History
2026-05-12: revised
2026-03-03: received
See all versions
Short URL
https://ia.cr/2026/434
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2026/434,
      author = {Jonas Janneck and Doreen Riepel},
      title = {Secure Cloud Storage: Modularization, Network Adversaries and Adaptive Corruptions},
      howpublished = {Cryptology {ePrint} Archive, Paper 2026/434},
      year = {2026},
      url = {https://eprint.iacr.org/2026/434}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.