CRUST: cryptographic remote untrusted storage without public keys

This paper presents CRUST, a stackable file system layer designed to provide secure file sharing over remote untrusted storage systems. CRUST is intended to be layered over insecure network file systems without changing the existing systems. In our approach, data at rest is kept encrypted, and data integrity and access control are provided by cryptographic means. Our design completely avoids public-key cryptography operations and uses more efficient symmetric-key alternatives to achieve improved performance. As a generic and self-contained system, CRUST includes its own in-band key distribution mechanism and does not rely on any special capabilities of the server or the clients. We have implemented CRUST as a Linux file system and shown that it performs comparably with typical underlying file systems, while providing significantly stronger security.

[1]  Yongdae Kim,et al.  SGFS : Secure , Efficient and Policy-based Global File Sharing , 2006 .

[2]  Erez Zadok,et al.  Proceedings of the General Track: 2003 Usenix Annual Technical Conference Ncryptfs: a Secure and Convenient Cryptographic File System , 2022 .

[3]  Steve R. Kleiman,et al.  Vnodes: An Architecture for Multiple File System Types in Sun UNIX , 1986, USENIX Summer.

[4]  Avishai Wool,et al.  Toward securing untrusted storage without public-key operations , 2005, StorageSS '05.

[5]  James H. Burrows,et al.  Secure Hash Standard , 1995 .

[6]  Erez Zadok,et al.  Cryptfs: A Stackable Vnode Level Encryption File System , 1998 .

[7]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[8]  Qian Wang,et al.  Plutus: Scalable Secure File Sharing on Untrusted Storage , 2003, FAST.

[9]  Morris J. Dworkin,et al.  Recommendation for Block Cipher Modes of Operation: Methods and Techniques , 2001 .

[10]  Michael Backes,et al.  Secure Key-Updating for Lazy Revocation , 2006, ESORICS.

[11]  Jeffrey I. Schiller,et al.  An Authentication Service for Open Network Systems. In , 1998 .

[12]  Markus Jakobsson,et al.  Fractal hash sequence representation and traversal , 2002, Proceedings IEEE International Symposium on Information Theory,.

[13]  Ben Y. Zhao,et al.  OceanStore: an architecture for global-scale persistent storage , 2000, SIGP.

[14]  Kevin Fu,et al.  Key Regression: Enabling Efficient Key Distribution for Secure Distributed Storage , 2006, NDSS.

[15]  Brian A. Carter,et al.  Advanced Encryption Standard , 2007 .

[16]  John Black,et al.  Side-Channel Attacks on Symmetric Encryption Schemes: The Case for Authenticated Encryption , 2002, USENIX Security Symposium.

[17]  Hugo Krawczyk,et al.  HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.

[18]  Yongdae Kim,et al.  Securing distributed storage: challenges, techniques, and systems , 2005, StorageSS '05.

[19]  Miguel Castro,et al.  Farsite: federated, available, and reliable storage for an incompletely trusted environment , 2002, OPSR.

[20]  Howard Gobioff,et al.  Security for Network Attached Storage Devices (CMU-CS-97-185) , 1997 .

[21]  Darrell D. E. Long,et al.  Strong Security for Network-Attached Storage , 2002, FAST.

[22]  Hovav Shacham,et al.  SiRiUS: Securing Remote Untrusted Storage , 2003, NDSS.

[23]  David Mazières,et al.  Separating key management from file system security , 1999, SOSP.

[24]  Morris J. Dworkin,et al.  Recommendation for Block Cipher Modes of Operation: The CCM Mode for Authentication and Confidentiality [including updates through 7/20/2007] , 2004 .

[25]  Giuseppe Cattaneo,et al.  Design and Implementation of a Transparent Cryptographic File System for Unix , 2007 .

[26]  Matt Blaze,et al.  A cryptographic file system for UNIX , 1993, CCS '93.

[27]  Dennis Shasha,et al.  Secure Untrusted Data Repository (SUNDR) , 2004, OSDI.

[28]  Dennis Shasha,et al.  Don't trust your file server , 2001, Proceedings Eighth Workshop on Hot Topics in Operating Systems.

[29]  Silvio Micali,et al.  Secret-Key Agreement without Public-Key Cryptography , 1993, CRYPTO.

[30]  Paul Stanton Securing Data in Storage: A Review of Current Research , 2004, ArXiv.

[31]  Erik Riedel,et al.  A Framework for Evaluating Storage System Security , 2002, FAST.

[32]  Howard Gobioff,et al.  Security for Network Attached Storage Devices , 1997 .

[33]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[34]  John S. Heidemann,et al.  File-system development with stackable layers , 1994, TOCS.

[35]  Morris J. Dworkin,et al.  SP 800-38A 2001 edition. Recommendation for Block Cipher Modes of Operation: Methods and Techniques , 2001 .

[36]  Shirley M. Radack,et al.  Federal Information Processing Standard (FIPS) 199, Standards for Security | NIST , 2004 .