HAIL: a high-availability and integrity layer for cloud storage

@inproceedings{Bowers2009HAILAH,
  title={HAIL: a high-availability and integrity layer for cloud storage},
  author={Kevin D. Bowers and Ari Juels and Alina Oprea},
  booktitle={CCS},
  year={2009}
}
We introduce HAIL (High-Availability and Integrity Layer), a distributed cryptographic system that allows a set of servers to prove to a client that a stored file is intact and retrievable. HAIL strengthens, formally unifies, and streamlines distinct approaches from the cryptographic and distributed-systems communities. Proofs in HAIL are efficiently computable by servers and highly compact---typically tens or hundreds of bytes, irrespective of file size. HAIL cryptographically verifies and… 

Figures and Tables from this paper

Hy-SAIL: Hyper-Scalability, Availability and Integrity Layer for Cloud Storage Systems
TLDR
It is demonstrated that Hy-SAIL leads to an efficient and scalable cryptographic system that meets near-optimal bounds in terms of communication and storage complexities and a new adversarial model that aggregates the main functionalities of a realistic adversary in cloud computing environments.
Efficient trusted cloud storage using parallel, pipelined hardware
TLDR
This thesis describes a prototype of a trusted cloud storage system that efficiently ensures data integrity and freshness by attaching a piece of high-performance trusted hardware to an untrusted server and proposes a write access control scheme to prevent unauthorized writes and ensure all writes are fresh.
Official Arbitration with Secure Cloud Storage Application
TLDR
It is argued that in such a case, both the client and the server should be able to contact an official court, providing cryptographic proofs, so that the Judge can resolve this dispute, and it is easy to extend the official arbitration protocols for a general case, including dynamic authenticated data structures.
Integrity Verification of Multiple Data Copies over Untrusted Cloud Servers
  • A. Barsoum, M. Hasan
  • Computer Science
    2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012)
  • 2012
TLDR
A pairing-based provable multi-copy data possession (PB-PMDP) scheme, which provides evidence to the customers that all outsourced copies are actually stored and remain intact, and allows authorized users to seamlessly access the file copies stored by the CSP, and supports public verifiability.
CS2: A Searchable Cryptographic Cloud Storage System
TLDR
The CS2 system is presented, a cryptographic cloud storage system that guarantees confidentiality, integrity and verifiability without sacrificing utility, and two cryptographic protocols for cloud storage are proposed which prove secure in the ideal/real-world paradigm.
Survey on Security and Integrity in Cloud Environment
TLDR
This paper addresses the construction of an efficient PDP scheme for distributed cloud storage to support the scalability of service and data migration, in which the existence of multiple cloud service providers is considered to cooperatively store and maintain the clients’ data.
Proofs of ownership in remote storage systems
TLDR
This work identifies attacks that exploit client-side deduplication, allowing an attacker to gain access to arbitrary-size files of other users based on a very small hash signatures of these files, and introduces the notion of proofs-of-ownership (PoWs), which lets a client efficiently prove to a server that that the client holds a file, rather than just some short information about it.
Message-locked proof of ownership and retrievability with remote repairing in cloud
TLDR
A model of message-locked proof of ownership and retrievability with remote repairing is proposed, which provides data confidentiality, secure cross-user deduplication at the client-side, file retrieevability, ownership privacy-preserving, random block accessing, and remote repairing simultaneously.
Towards Efficient Proofs of Retrievability in Cloud Storage
TLDR
A recent construction of constant size polynomial commitment scheme is incorporated into Shacham and Waters scheme, based on Strong Diffie-Hellman Assumption, and the proposed scheme is found to be efficient and practical.
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 48 REFERENCES
Proofs of retrievability: theory and implementation
TLDR
This framework improves the previously proposed POR constructions of Juels-Kaliski and Shacham-Waters, and also sheds light on the conceptual limitations of previous theoretical models for PORs.
Scalable and efficient provable data possession
TLDR
This paper constructs a highly efficient and provably secure PDP technique based entirely on symmetric key cryptography, while not requiring any bulk encryption, and allows outsourcing of dynamic data, i.e, it efficiently supports operations, such as block modification, deletion and append.
Provable data possession at untrusted stores
TLDR
The model generates probabilistic proofs of possession by sampling random sets of blocks from the server, which drastically reduces I/O costs and the overhead at the server is low (or even constant), as opposed to linear in the size of the data.
Store, Forget, and Check: Using Algebraic Signatures to Check Remotely Administered Storage
  • T. Schwarz, E. L. Miller
  • Computer Science
    26th IEEE International Conference on Distributed Computing Systems (ICDCS'06)
  • 2006
TLDR
This work uses m/n erasure-correcting coding to safeguard the stored data and uses algebraic signatures hash functions with algebraic properties for verification to permit the construction of large-scale distributed storage systems in which large amounts of storage can be verified with minimal network bandwidth.
Pors: proofs of retrievability for large files
In this paper, we define and explore proofs of retrievability (PORs). A POR scheme enables an archive or back-up service (prover) to produce a concise proof that a user (verifier) can retrieve a
Proofs of Retrievability via Hardness Amplification
TLDR
The main insight of this work comes from a simple connection between PoR schemes and the notion of hardness amplification, and then building nearly optimal PoR codes using state-of-the-art tools from coding and complexity theory.
The complexity of online memory checking
  • M. Naor, G. Rothblum
  • Computer Science
    46th Annual IEEE Symposium on Foundations of Computer Science (FOCS'05)
  • 2005
TLDR
A tight lower bound on the relationship between s and t when the adversary is not computationally bounded is shown, namely: s /spl times/ t = /spl Omega/(n), where n is the file size.
MR-PDP: Multiple-Replica Provable Data Possession
TLDR
Multiple-replica provable data possession (MR-PDP) is introduced, a provably-secure scheme that allows a client that stores replicas of a file in a storage system to verify through a challenge-response protocol that each unique replica can be produced at the time of the challenge.
Robust remote data checking
TLDR
This work distill the key performance and security requirements for integrating forward error-correcting codes into PDP and describes an encoding scheme and file organization for robust data possession that meets these requirements.
Demonstrating data possession and uncheatable data transfer
TLDR
A protocol based on a certain RSA-based secure hash function is described, which prevents ‘cheating’ in a data transfer transaction, while placing little burden on the trusted third party that oversees the protocol.
...
1
2
3
4
5
...