CRUST: Cryptographic Remote Untrusted Storage without Public Keys

This paper presents CRUST, a stackablefile system layer designed to provide secure file sharing over remote untrusted storage systems. CRUST is intended to be layered over insecure network file systems without changing the existing systems. In our approach, data at rest is kept encrypted, and data integrity and access control are provided by cryptographic means. Our design completely avoids public-key cryptography operations and uses more efficient symmetric-key alternatives to achieve improved performance. As a generic and self-contained system, CRUST includes its own in-band key distribution mechanism and does not rely on any special capabilities of the server or the clients. We have implemented CRUST as a Linux file system and shown that it performs comparably with typical underlying file systems, while providing significantly stronger security.

[1]  Silvio Micali,et al.  Secret-Key Agreement without Public-Key Cryptography , 1993, CRYPTO.

[2]  Erez Zadok,et al.  Proceedings of the General Track: 2003 Usenix Annual Technical Conference Ncryptfs: a Secure and Convenient Cryptographic File System , 2022 .

[3]  Steve R. Kleiman,et al.  Vnodes: An Architecture for Multiple File System Types in Sun UNIX , 1986, USENIX Summer.

[4]  Frederic P. Miller,et al.  Advanced Encryption Standard , 2009 .

[5]  Morris J. Dworkin,et al.  SP 800-38A 2001 edition. Recommendation for Block Cipher Modes of Operation: Methods and Techniques , 2001 .

[6]  Hovav Shacham,et al.  SiRiUS: Securing Remote Untrusted Storage , 2003, NDSS.

[7]  Howard Gobioff,et al.  Security for Network Attached Storage Devices (CMU-CS-97-185) , 1997 .

[8]  Miguel Castro,et al.  Farsite: federated, available, and reliable storage for an incompletely trusted environment , 2002, OPSR.

[9]  David Mazières,et al.  Separating key management from file system security , 1999, SOSP.

[10]  Giuseppe Cattaneo,et al.  Design and Implementation of a Transparent Cryptographic File System for Unix , 2007 .

[11]  Kevin Fu,et al.  Key Regression: Enabling Efficient Key Distribution for Secure Distributed Storage , 2006, NDSS.

[12]  John Black,et al.  Side-Channel Attacks on Symmetric Encryption Schemes: The Case for Authenticated Encryption , 2002, USENIX Security Symposium.

[13]  Hugo Krawczyk,et al.  HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.

[14]  Yongdae Kim,et al.  Securing distributed storage: challenges, techniques, and systems , 2005, StorageSS '05.

[15]  Erez Zadok,et al.  Cryptfs: A Stackable Vnode Level Encryption File System , 1998 .

[16]  Darrell D. E. Long,et al.  Strong Security for Network-Attached Storage , 2002, FAST.

[17]  Qian Wang,et al.  Plutus: Scalable Secure File Sharing on Untrusted Storage , 2003, FAST.

[18]  Shirley M. Radack,et al.  Federal Information Processing Standard (FIPS) 199, Standards for Security | NIST , 2004 .

[19]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[20]  John S. Heidemann,et al.  File-system development with stackable layers , 1994, TOCS.

[21]  B. Clifford Neuman,et al.  Kerberos: An Authentication Service for Open Network Systems , 1988, USENIX Winter.

[22]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[23]  Avishai Wool,et al.  Toward securing untrusted storage without public-key operations , 2005, StorageSS '05.

[24]  Dennis Shasha,et al.  Secure Untrusted Data Repository (SUNDR) , 2004, OSDI.

[25]  Dennis Shasha,et al.  Don't trust your file server , 2001, Proceedings Eighth Workshop on Hot Topics in Operating Systems.

[26]  Matt Blaze,et al.  A cryptographic file system for UNIX , 1993, CCS '93.

[27]  Ben Y. Zhao,et al.  OceanStore: an architecture for global-scale persistent storage , 2000, SIGP.

[28]  Markus Jakobsson,et al.  Fractal hash sequence representation and traversal , 2002, Proceedings IEEE International Symposium on Information Theory,.

[29]  Michael Backes,et al.  Secure Key-Updating for Lazy Revocation , 2006, ESORICS.

[30]  Paul Stanton Securing Data in Storage: A Review of Current Research , 2004, ArXiv.

[31]  Erik Riedel,et al.  A Framework for Evaluating Storage System Security , 2002, FAST.

[32]  Howard Gobioff,et al.  Security for Network Attached Storage Devices , 1997 .