On Consistency of Encrypted Files

In this paper we address the problem of consistency for cryptographic file systems. A cryptographic file system protects the users' data from the file server, which is possibly untrusted and might exhibit Byzantine behavior, by encrypting the data before sending it to the server. The consistency of the encrypted file objects that implement a cryptographic file system relies on the consistency of the two components used to implement them: the file storage protocol and the key distribution protocol. We first define two generic classes of consistency conditions that extend and generalize existing consistency conditions. We then formally define consistency for encrypted file objects in a generic way: for any consistency conditions for the key and file objects belonging to one of the two classes of consistency conditions considered, we define a corresponding consistency condition for encrypted file objects. We finally provide, in our main result, necessary and sufficient conditions for the consistency of the key distribution and file storage protocols under which the encrypted storage is consistent. Our framework allows the composition of existing key distribution and file storage protocols to build consistent encrypted file objects and simplifies complex proofs for showing the consistency of encrypted storage.
