nc-audit: auditing for network coding storage

NC-Audit: Auditing for Network Coding Storage

Anh Le and Athina MarkopoulouUniversity of California, Irvine

NC-Audit: Auditing for NC Storage 2

Outline

1. Background

2. Related Work

3. Key Techniques

4. NC-Audit

5. Evaluation

6. Conclusion

Le and Markopoulou (UC Irvine)


• Key ideas:- Sub-packetization- Mixing when repair

NC-Based Distributed Storage


[Dimakis, 2011]


The Auditing Problem

Data

AuditAudit

Security Message



• Storage node hides data corruption

Threat Model

• TPA acquires data from the auditing



Desired Properties of NC-Audit

• Data correctness guarantee

• Privacy-preserving auditing

• Support for repair and data dynamics

• Low overhead



Related Work

Integrity Checking for Remote Data

• Proof of Retrievability[Juels ’07], [Shacham ’08]

• Proof of Data Posession[Ateniese ’07]

• Support for Data Dynamics[Ateniese ’08], [Erway ’09][Wang ’09]

• Privacy Preserving Auditing[Shah ’06], [Wang ’10]


For NC Storage

• Error Detection[Dikaliotis ’10]

• Proof of Retrievability[Chen ’10]


Outline

1. Background

2. Related Work

3. Key Techniques

4. NC-Audit

5. Evaluation

6. Conclusion


9

ei ti

The Naïve Scheme

t1e1

tMeM

… tkek

k

tkek

Le and Markopoulou (UC Irvine) NC-Audit: Auditing for NC Storage

HMAC HMAC

• Inefficient

• Does not support repair

• Violate privacy

c t

• SpaceMac- Homomorphic MAC

• NCrypt- CPA-secure encryption

tkekc t tΣαiei

10

ei ti

Key Techniques of NC-Audit

t1e1

tMeM

…k1, .., kn

tkek

Le and Markopoulou (UC Irvine) NC-Audit: Auditing for NC Storage

HMAC HMACSpaceMac SpaceMac

k

Σαiei cNCrypt

tΣαiei


SpaceMac [Le, NetCod 10]

Homomorphic Message Authentication Codes



NCryptRandom Linear CPA-Secure Encryption



Outline

1. Background

2. Related Work

3. Key Techniques

4. NC-Audit

5. Evaluation

6. Conclusion


1. Homomorphic MAC: SpaceMac

2. Random Linear Encryption: NCrypt

e t

14

c t

e

e t

c c t

e t

NC-Audit: Auditing for NC StorageLe and Markopoulou (UC Irvine)

NC-Audit = SpaceMac + NCrypt

NC-Audit: Auditing for NC Storage 15Le and Markopoulou

Repairing with Regular Schemet1e1

t3e3

t4e4

t2e2

t5e5

t6e6

Node 1

Node 2

Node 3

t7e7

t8e8

Node 4 Node 4

α5e5 + α6e6

α3e3 + α4e4

α1e1 + α2e2

t'7e’7

t'8e'8

t'7e’7

t'8e'8

High cost

NC-Audit: Auditing for NC Storage 16Le and Markopoulou

Repairing with NC-Auditt1e1

t3e3

t4e4

t2e2

t5e5

t6e6

Node 1

Node 2

Node 3

t7e7

t8e8

Node 4 Node 4

α5 t5 + α6 t6α5e5 + α6e6

α3 t3 + α4 t4α3e3 + α4e4

α1 t1 + α2 t2α1e1 + α2e2

t'7e’7

t'8e'8

17NC-Audit: Auditing for NC StorageLe and Markopoulou (UC Irvine)

Security Guarantees of NC-Audit

Data Posession

Privacy


Outline

1. Background

2. Related Work

3. Key Techniques

4. NC-Audit

5. Evaluation

6. Conclusion



Performance Evaluation


Implementation:• Java:

- javax.crypto

• 80-bit security:

- q = 28, l = 10- 4 KB block

Comparisons:

• [Wang et al., ESORICS ’09]

• [Wang et al., INFOCOM ’10]

• [Chen et al., CCSW ’10]


Performance Evaluation



Conclusion


NC-Audit: Auditing scheme for NC storage

• Data correctness guarantee- SpaceMac

• Privacy-preserving auditing- NCrypt

• Support for repair and data dynamics

• Low overhead

This work is supported by NSF and AFOSR

http://www.ics.uci.edu/~anhml/software.html

nc-audit: auditing for network coding storage

Documents