Plutus: Scalable secure file sharing on untrusted storage

Proceedings of FAST 2003: 2nd USENIX Conference on File and Storage Technologies

Volumn , Issue , 2003, Pages 29-42

  Kallahalla, Mahesh ^a   Riedel, Erik ^a,b   Swaminathan, Ram ^a   Wang, Qian ^a,c   Fu, Kevin ^a,d  

^a HEWLETT PACKARD LABORATORIES   (United States)

^b Segate Technology   (United States)

^c The Pennsylvania State University   (United States)

^d MASSACHUSETTS INSTITUTE OF TECHNOLOGY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

PUBLIC KEY CRYPTOGRAPHY;

CRYPTOGRAPHIC KEY; CRYPTOGRAPHIC PRIMITIVES; MEASUREMENTS OF; NETWORK TRAFFIC; STORAGE SYSTEMS; STRONG SECURITIES; UNTRUSTED SERVER; UNTRUSTED STORAGES;

NETWORK SECURITY;

EID: 85033460636     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (51)

1. A. Adya, W. Bolosky, M. Castro, G. Cermak, R. Chaiken, J. Douceur, J. Howell, J. Lorch, M. Theimer, and R. Wattenhofer. FARSITE: Federated, available, and reliable storage for an incompletely trusted environment. In OSDI, pages 1–14, December 2002.
2. N. Alon, H. Kaplan, M. Krivelevich, D. Malkhi, and J. Stern. Scalable secure storage when half the system is faulty. In ICALP, 2000.
3. T. Anderson. Specification of FCrypt: Encryption for AFS remote procedure calls,. http://www.transarc.ibm.com/~ota/fcrypt-paper.txt.
4. M. Bellare, R. Canetti, and H. Krawczyk. Keying hash functions for message authentication. In CRYPTO, pages 1–15, 1996.
5. M. Blaze. A cryptographic file system for UNIX. In CCS, 1993.
6. D. Boneh. Twenty years of attacks on the RSA cryptosystem. Notices of the AMS, 46, 1999.
7. M. Castro and B. Liskov. Proactive recovery in a Byzantine-fault-tolerant system. In OSDI, pages 273–288, October 2000.
8. G. Cattaneo, G. Persiano, A. Del Sorbo, A. Cozzolino, E. Mauriello, and R. Pisapia. Design and implementation of a transparent cryptographic file system for UNIX. Technical report, University of Salerno, 1997.
9. W. Dai. Crypto++ version 4.2. http://www.eskimo.com/~weidai/cryptlib.html.
10. C. Dalton and T. Choo. Trusted linux: An operating system approach. CACM, 44(2), February 2001.
11. J. R. Douceur and R. P. Wattenhofer. Optimizing file availability in a secure serverless distributed file system. In SRDS, pages 4–13, 2001.
12. P. Druschel and A. Rowstron. Storage management and caching in PAST, a large-scale, persistent peer-to-peer storage utility. In SOSP, 2001.
13. K. Fu. Group sharing and random access in cryptographic storage file systems. Master’s thesis, MIT, June 1999.
14. K. Fu, M. Kallahalla, S. Rajagopalan, and R. Swaminathan. Secure rotation on key sequences. Submitted for publication, 2002.
15. K. Fu, M. Kallahalla, and R. Swaminathan. A simple protocol for maintaining fork consistency. Manuscript, 2002.
16. G. Ganger and M. Kaashoek. Embedded inodes and explicit grouping: Exploiting disk bandwidth for small files. In USENIX Tech. Conf., pages 1–17, 1997.
17. G. Ganger, P. Khosla, M. Bakkaloglu, M. Bigrigg, G. Goodson, S. Oguz, V. Pandurangan, C. Soules, J. Strunk, and J. Wylie. Survivable storage systems. In DARPA Information Survivability Conference and Exposition, IEEE, volume 2, pages 184–195, June 2001.
18. D. Gifford, R. Needham, and M. Schroeder. The Cedar file system. In CACM, pages 288–298, March 1988.
19. H. Gobioff, D. Nagle, and G. Gibson. Embedded security for network-attached storage. Technical Report CMU-CS-99-154, CMU, June 1999.
20. H. Gobioff, D. Nagle, and G. A. Gibson. Integrity and performance in network attached storage. Technical Report CMU-CS-98-182, CMU, December 1998.
21. E. Goh, H. Shacham, N. Modadugu, and D. Boneh. SiRiUS: Securing remote untrusted storage. In NDSS, 2003. To appear.
22. J. Howard, M. Kazar, S. Menees, D. Nichols, M. Satyanarayanan, R. Sidebotham, and M. West. Scale and performance in a distributed file system. ACM TOCS, 6(1), February 1988.
23. K. Kaukonen and R.Thayer. A stream cipher encryption algorithm “Arcfour”. http://www.mozilla.org/projects/security/pki/nss/draftkaukonen-cipher-arcfour-03.txt.
24. S. Kent and R. Atkinson. Security architecture for the Internet Protocol. Technical report, RFC 2401, November 1998.
25. J. Kubiatowicz, D. Bindel, Y. Chen, S. Czerwinski, P. Eaton, D. Geels, R. Gummadi, S. Rhea, H. Weatherspoon, W. Weimer, C. Wells, and B. Zhao. Oceanstore: An architecture for global-scale persistent storage. In ASPLOS, December 2000.
26. L. Lamport. How to make a multiprocessor computer that correctly executes multiprocessor programs. IEEE Trans. on Computers, C-28(9):690–691, 1979.
27. L. Lamport. Password authentication with insecure communication. CACM, 24(11):770–772, 1981.
28. H. Lenstra. Divisors in residue classes. Mathematics of computation, pages 331–340, 1984.
29. H. Levy. Capability Based Computer Systems. Digital Press, 1984.
30. D. Mazières, M. Kaminsky, M. Kaashoek, and E. Witchel. Separating key management from file system security. In SOSP, pages 124–139, December 1999.
31. D. Mazières and D. Shasha. Don’t trust your file server. In HotOS, pages 113–118, May 2001.
32. D. Mazières and D. Shasha. Building secure file systems out of byzantine storage. In PODC, pages 1–15, 2002.
33. A. Menezes, P. van Oorschot, and S. Vanstone. Handbook of applied cryptography. CRC press, 1997.
34. R. C. Merkle. A digital signature based on a conventional encryption function. In CRYPTO, volume 293, pages 369–378, 1987.
35. E. Miller, D. Long, W. Freeman, and B. Reed. Strong security for distributed file systems. In FAST, pages 1–13, January 2002.
36. A. Muthitacharoen, R. Morris, T. Gil, and B. Chen. Ivy: A read/write peer-to-peer file system. In OSDI, December 2002.
37. OpenAFS. http://www.openafs.org/.
38. S. Quinlan and S. Dorward. Venti: A new approach to archival data storage. In FAST, pages 89–102, January 2002.
39. M. Rabin. Efficient dispersal of information for security, load balancing and fault tolerance. JACM, 36(2):335–348, 1989.
40. E. Riedel, M. Kallahalla, and R. Swaminathan. A framework for evalauting storage system security. In FAST, pages 15–30, January 2002.
41. D. Santry, M. Feeley, N. Hutchinson, A. Veitch, R. Carton, and J. Ofir. Deciding when to forget in the elephant file system. In SOSP, pages 110–123, December 1999.
42. J. Satran, D. Smith, K. Meth, C. Sapuntzakis, R. Haagens, E. Zeidner, P. Von Stamwitz, and L. Dalle Ore. iSCSI draft standard. Technical report, IETF, January 2002.
43. M. Satyanarayanan, J. Howard, D. Nichols, R. Sidebotham, A. Spector, and M. West. The ITC distributed file system: principles and design. In SOSP, pages 35–50, 1985.
44. F. Schneider. Implementing fault-tolerant services using the state machine approach: A tutorial. ACM Computing Surveys, 22(4):299–319, December 1990.
45. B. Schneier. Applied Cryptography. John Wiley & Sons, second edition, 1996.
46. V. Shoup. A proposal for an ISO standard for public key encryption (version 2.1). http://www.shoup.net/iso_2_1.ps.Z.
47. J. Strunk, G. Goodson, M. Scheinholtz, C. Soules, and G. Ganger. Self-securing storage: protecting data in compromised systems. In OSDI, October 2000.
48. Trusted computing platform alliance (TCPA). http://www.trustedcomputing.org/.
49. D. Tygar and M. Herlihy. How to make replicated data secure. In CRYPTO, pages 379–391, 1987.
50. VMware GSX server. http://www.vmware.com/.
51. E. Zadok, I. Badulescu, and A. Shender. Cryptfs: A stackable vnode level encryption file system. Technical Report CUCS-021-98, University of California at Los Angeles, 1998.