Updatable encryption in distributed storage systems using key-homomorphic pseudorandom functions

Distributed storage systems DSSs store linear combinations of data across different nodes such that, data lost due to node failures can be restored from surviving nodes. We address key rotation in DSSs: assume that a user wants to remotely change the encryption key of a file stored in a DSS by safely delegating the re-encryption process to the storage network. A problem arises because the data to be re-encrypted is not directly stored in the system only linear combinations are stored. We propose a solution in which a key-homomorphic pseudorandom function KH-PRF is used in counter-mode encryption to make this delegation possible. Our solution requires the homomorphism to be applied several times. Previous constructions of KH-PRFs add noise to their functions which limits the number of times that the homomorphism can be applied. In this paper, we propose the first 'noiseless' key-homomorphic PRFs.

[1]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[2]  Abhishek Banerjee,et al.  New and Improved Key-Homomorphic Pseudorandom Functions , 2014, CRYPTO.

[3]  Craig Costello Fast Formulas for Computing Cryptographic Pairings , 2012 .

[4]  Hugo Krawczyk,et al.  The Order of Encryption and Authentication for Protecting Communications (or: How Secure Is SSL?) , 2001, CRYPTO.

[5]  Joppe W. Bos Low-Latency Elliptic Curve Scalar Multiplication , 2012, International Journal of Parallel Programming.

[6]  Yunnan Wu,et al.  A Survey on Network Codes for Distributed Storage , 2010, Proceedings of the IEEE.

[7]  Bachar El-Hassan,et al.  A Secure Authenticated Key Agreement Protocol For Wireless Security , 2007 .

[8]  Morris J. Dworkin,et al.  SP 800-38A 2001 edition. Recommendation for Block Cipher Modes of Operation: Methods and Techniques , 2001 .

[9]  Dan Boneh,et al.  Homomorphic MACs: MAC-Based Integrity for Network Coding , 2009, ACNS.

[10]  Qi Cheng,et al.  On Partial Lifting and the Elliptic Curve Discrete Logarithm Problem , 2004, ISAAC.

[11]  Terence Chan,et al.  A Noiseless Key-Homomorphic PRF: Application on Distributed Storage Systems , 2016, ACISP.

[12]  Mihir Bellare,et al.  A Note on Negligible Functions , 2002, Journal of Cryptology.

[13]  Yunnan Wu,et al.  Network coding for distributed storage systems , 2010, IEEE Trans. Inf. Theory.

[14]  Craig Gentry,et al.  Graph-Induced Multilinear Maps from Lattices , 2015, TCC.

[15]  Oded Regev,et al.  On lattices, learning with errors, random linear codes, and cryptography , 2009, JACM.

[16]  M.E. Hellman,et al.  Privacy and authentication: An introduction to cryptography , 1979, Proceedings of the IEEE.

[17]  Masaya Yasuda,et al.  The Elliptic Curve Discrete Logarithm Problems over the p-adic Field and Formal Groups , 2010, ISPEC.

[18]  Matthew Green,et al.  Improved proxy re-encryption schemes with applications to secure distributed storage , 2006, TSEC.

[19]  Christoforos E. Kozyrakis,et al.  Nemesis: Preventing Authentication & Access Control Vulnerabilities in Web Applications , 2009, USENIX Security Symposium.

[20]  Brice Minaud,et al.  Cryptanalysis of the New CLT Multilinear Map over the Integers , 2016, EUROCRYPT.

[21]  Craig Gentry,et al.  Candidate Multilinear Maps from Ideal Lattices , 2013, EUROCRYPT.