A Secure and Efficient Distributed Storage Scheme SAONT-RS Based on an Improved AONT and Erasure Coding

Distributed storage is widely used by enterprises for big data and cloud computing. However, its open nature and geographical restrictions have constrained its development. Higher requirements are now placed on the security of node data, with a particular focus on confidentiality, recoverability, and integrity. In this paper, we identify four security vulnerabilities in AONT-RS and RAONT-RS. We then propose SAONT, an improved AONT that does not use a canary, and present SAONT-RS, a secure and efficient distributed storage scheme based on SAONT and erasure coding. Finally, we give a security analysis covering four aspects: confidentiality, recoverability, integrity, and resistance to short-plaintext attacks. Experiments show that SAONT-RS provides high security and efficiency for node data in distributed storage.
