Privacy-Preserving Public Auditing for Data Security in Cloud Computing


Upload: fidelio-langan

Post on 03-Jan-2016


Page 1: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Privacy-Preserving Public Auditing for Data Security in Cloud Computing

B97201006 林楷軒

Page 2: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Outline

• Overview of this paper

• Motivation and Initialization

• Detailed Mechanism

• Some Comments

• Reference

Page 3: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Overview of this paper

Page 4: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Overview of this paper

• In one sentence:

How do you ensure your data authentication in the cloud?

• Properties of cloud storage
  – Users always have available and scalable space
    → No need to worry about running out of space
  – Users need not own real physical storage media
    → No need to spend money on equipment
  – The data is not close at hand
    → Data is not accessible during a network failure
    → How do you make sure of the data authentication?

Page 5: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Overview of this paper

Some instances threatening your data in the cloud:

• The Cloud Storage Provider deletes data that you seldom access

• The Cloud Storage Provider hides data loss incidents

• Internal communication error in the clusters of computers in the cloud (Amazon, June 20, 2008)

Page 6: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Overview of this paper

The solution is: a third party checks your data authentication (self-checking is too tiring)

Requirements:
• Checks authentication while preserving privacy
• [Exclusive] First model able to support scalable and efficient auditing
• [Exclusive] Security justified by concrete experiments
• [Misc.] No local copy of data, no more burden to users

Page 7: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Motivation and Initialization

Page 8: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Motivation and Initialization

Motivation: check the authentication of data

Nomenclature Explanation (1):
• TPA: Third Party Auditor
• User: …
• CSP: Cloud Storage Provider

Roles in the examples: the inspector (TPA), the netizen (User), Amazon (CSP)

Page 9: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Motivation and Initialization

Nomenclature Explanation (2)
• Public key: (sealing) key for locking a box
• Private key: (unboxing) key for unlocking a box
• MAC: (check code) message authentication code.

Each piece of data has a MAC code, derived from its content

A simple example (MD5)
• MD5("The quick brown fox jumps over the lazy dog") = 9e107d9d372bb6826bd81d3542a419d6

• MD5("The quick brown fox jumps over the lazy dog.") = e4d909c290d0fb1ca068ffaddf22cbd0

Page 10: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Motivation and Initialization

Phase Nomenclature:
• User
  – KeyGen: generate the key
  – SigGen: generate the verification metadata (MAC)

• CSP: Cloud Storage Provider
  – GenProof: generate proof of data correctness

• TPA: Third Party Auditor
  – VerifyProof: audit the proof from the CSP (Amazon)

Page 11: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Have a little break...

Page 12: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

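Motivation and Initialization

Example One: Privacy Leaking
• The netizen (user):
  – Generates one key and hands it to the inspector (TPA)
  – Creates the MAC and hands it to Amazon
  – Uploads the file to Amazon
  – Deletes the file from their own hard disk

• How the check works
  – The inspector asks Amazon for the file (the file has leaked…)
  – The inspector generates the MAC on their own and checks the file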

Page 13: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

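Motivation and Initialization

Example Two: Finitely many checking times
• The netizen (user):
  – Generates N keys and hands them to the inspector (TPA)
  – Creates the MACs for the N keys and hands them to the inspector
  – Uploads the file to Amazon
  – Deletes the file from their own hard disk

• How the check works
  – The inspector gives Amazon a key and asks it to return the corresponding MAC value
  – Amazon returns the corresponding MAC value to the inspector
  – The inspector generates a check code once and compares it with the MAC from Amazon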

Page 14: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

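Motivation and Initialization

| Item | Example 1 | Example 2 |
|---|---|---|
| Number of keys | 1 | N |
| Key is given to | Inspector | Inspector |
| MAC is stored by … | Amazon | Inspector |
| File is transferred to … | Amazon and inspector | Amazon |

Pros and cons:
1. Example 1
   Inspector: holds the key, so can check the file's integrity an unlimited number of times
   Amazon: must upload the file to the inspector, which exposes private data and adds workload

2. Example 2
   The inspector preserves the user's privacy
   Because the MACs are finite in number, the answers can be forged

Next, we analyze: how can we preserve the user's privacy while also letting the inspector check the file an unlimited number of times?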
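Example Two modelled in code, as an added illustration that is not part of the original slides: it shows that a key only proves possession the first time it is revealed, so N keys give N sound audits. HMAC-SHA256, the class and function names, and the sample file are assumptions.

```python
import hashlib
import hmac
import secrets

def user_setup(file_bytes, n):
    """User: create N one-time keys and the file's MAC under each key."""
    keys = [secrets.token_bytes(32) for _ in range(n)]
    macs = [hmac.new(k, file_bytes, hashlib.sha256).digest() for k in keys]
    return keys, macs  # both go to the auditor; the file itself goes to the CSP

class Csp:
    """Storage provider that remembers every answer it has ever given."""
    def __init__(self, file_bytes):
        self.file = file_bytes
        self.answers = {}

    def respond(self, key):
        if self.file is not None:  # honest path: MAC the stored file
            self.answers[key] = hmac.new(key, self.file, hashlib.sha256).digest()
        return self.answers.get(key)  # file gone: only old answers remain

class Auditor:
    def __init__(self, keys, macs):
        self.fresh = list(zip(keys, macs))

    def audit(self, csp):
        if not self.fresh:
            raise RuntimeError("all N keys are used up; no sound audit is left")
        key, expected = self.fresh.pop()  # each key is revealed exactly once
        answer = csp.respond(key)
        return answer is not None and hmac.compare_digest(answer, expected)

def demo():
    data = b"constructed sample file contents"  # constructed input
    keys, macs = user_setup(data, n=3)
    csp, tpa = Csp(data), Auditor(keys, macs)
    first = tpa.audit(csp)               # file present: the audit passes
    csp.file = None                      # the provider silently loses the file
    replay = csp.respond(keys[-1]) == macs[-1]  # used key: stale answer still matches
    second = tpa.audit(csp)              # fresh key: the loss is detected
    third = tpa.audit(csp)               # last fresh key
    try:
        tpa.audit(csp)
        exhausted = False
    except RuntimeError:
        exhausted = True                 # audit number N+1 is impossible
    return first, replay, second, third, exhausted
```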

Page 15: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Detailed Mechanism(?)

The strategy I adopt in these slides: qualitative description in place of quantitative analysis

Page 16: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Detailed Mechanism(?)

Algebra:
• Michael Artin
• Algebra

Essential Parts: Group Theory

Link: Here

Page 17: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Detailed Mechanism(?)

Cryptography:
• Oded Goldreich
• Foundations of Cryptography

Essential Parts: ???

Link: Here

Page 18: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

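Detailed Mechanism(?)

User Initialization
• The netizen (user):
  – Generates the decryption key and hands it to the inspector (TPA)
  – Generates the public parameters and hands them to Amazon
  – Generates the verification codes and hands them to Amazon
  – Deletes the file from their own hard disk

• How the check works
  – The inspector asks Amazon to check part of the file
  – Amazon uses the mixed public parameters to hash the original file
  – Amazon returns the hash value and the verification code
  – The inspector decrypts the hash with the decryption key and compares it with the verification code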

Page 19: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Detailed Mechanism(?)

I find it hard to believe you followed that = =

Page 20: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

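Detailed Mechanism(?)

Explanation in plain language:
• Sampled file: $a_1 \; a_2 \; a_3 \; a_4$
• Verification codes (stored in Amazon): $f_1(a_1) \; f_2(a_2) \; f_3(a_3) \; f_4(a_4)$
• Hash code returned by Amazon: $g_1(a_1) \; g_2(a_2) \; g_3(a_3) \; g_4(a_4)$

The key point:
• Individually, nobody knows the correspondence between $f_i$ and $g_i$ (they are randomly generated)
• But as a whole, the correct correspondence between $f_1(a_1) \; f_2(a_2) \; f_3(a_3) \; f_4(a_4)$ and $g_1(a_1) \; g_2(a_2) \; g_3(a_3) \; g_4(a_4)$ is known only to the inspector (only he has the private key)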
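A toy version of the exchange on the two slides above, added here as an example and not taken from the paper or the slides: it swaps in a simplified, privately verifiable linear authenticator (tag = PRF(i) + alpha * block mod P) for the paper's scheme and does not hide the aggregate mu from the auditor. Function names follow the slides' phase names; the modulus, block size and sample file are assumptions.

```python
import hashlib
import hmac
import secrets

P = 2**127 - 1  # prime modulus (assumption); blocks and tags are integers mod P

def key_gen():
    """User: secret PRF key and secret multiplier alpha, shared with the auditor."""
    return secrets.token_bytes(32), secrets.randbelow(P - 1) + 1

def prf(key, i):
    digest = hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % P

def sig_gen(key, alpha, blocks):
    """User: one tag per block; a single tag reveals nothing without key and alpha."""
    return [(prf(key, i) + alpha * m) % P for i, m in enumerate(blocks)]

def challenge(n_blocks, sample_size):
    """Auditor: random block indices, each with a random non-zero coefficient."""
    picked = secrets.SystemRandom().sample(range(n_blocks), sample_size)
    return [(i, secrets.randbelow(P - 1) + 1) for i in picked]

def gen_proof(blocks, tags, chal):
    """CSP: constant-size answer, however many blocks were sampled."""
    mu = sum(nu * blocks[i] for i, nu in chal) % P
    sigma = sum(nu * tags[i] for i, nu in chal) % P
    return mu, sigma

def verify_proof(key, alpha, chal, proof):
    """Auditor: the aggregate must satisfy sigma = sum(nu_i * PRF(i)) + alpha * mu."""
    mu, sigma = proof
    return sigma == (sum(nu * prf(key, i) for i, nu in chal) + alpha * mu) % P

def demo():
    data = b"constructed sample file for the audit demo" * 4  # constructed input
    blocks = [int.from_bytes(data[i:i + 15], "big") for i in range(0, len(data), 15)]
    key, alpha = key_gen()
    tags = sig_gen(key, alpha, blocks)
    chal = challenge(len(blocks), len(blocks))  # sample every block for the demo
    honest = verify_proof(key, alpha, chal, gen_proof(blocks, tags, chal))
    blocks[2] ^= 1  # the CSP's copy of one block is silently corrupted
    tampered = verify_proof(key, alpha, chal, gen_proof(blocks, tags, chal))
    return honest, tampered
```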

Page 21: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Detailed Mechanism(?)

Other guaranteed properties:
• Low Burden on Amazon:
  Constant large sending block (mathematical analysis…)

• Theoretically, if Amazon misses 1% of the data, the TPA only needs to audit 460 or 300 samples to detect this with probability more than 99% or 95%, respectively

• Support for Batch AuditingMathematical Analysis 1 2 31 2 3.. ...

nn i i i ia a a a a a a a
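The sampling figures on this slide can be checked directly. This is an added example, not part of the original slides: it computes the chance that a random sample hits at least one missing block, the smallest sample size for a target confidence, and the effect of repeating the audit. The function names and the 10,000-block file size are assumptions.

```python
import math

def detection_probability(corrupt_fraction, samples):
    """P(at least one sampled block is corrupted), sampling with replacement."""
    return 1.0 - (1.0 - corrupt_fraction) ** samples

def exact_detection_probability(n_blocks, n_corrupt, samples):
    """Same probability when the auditor samples distinct blocks of a finite file."""
    if samples > n_blocks:
        raise ValueError("cannot sample more distinct blocks than the file has")
    miss = 1.0
    for i in range(samples):
        # chance that draw i also lands on an intact block
        miss *= max(n_blocks - n_corrupt - i, 0) / (n_blocks - i)
    return 1.0 - miss

def min_samples(corrupt_fraction, confidence):
    """Smallest sample count c with 1 - (1 - fraction)^c >= confidence."""
    return math.ceil(math.log(1.0 - confidence) / math.log(1.0 - corrupt_fraction))

def after_repeated_audits(p_single, audits):
    """Detection probability after several independent audits."""
    return 1.0 - (1.0 - p_single) ** audits

if __name__ == "__main__":
    for c in (300, 460):
        print(c, round(detection_probability(0.01, c), 4))
    print(min_samples(0.01, 0.95), min_samples(0.01, 0.99))
    # constructed file: 10,000 blocks, 100 of them (1%) missing
    print(round(exact_detection_probability(10_000, 100, 460), 4))
    print(round(after_repeated_audits(0.99, 3), 6))
```

The exact minimums under this model are 299 and 459 samples, which the slide's 300 and 460 round up.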

Page 22: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Detailed Mechanism(?)

Mathematical Analysis:
• Storage Correctness:
  Amazon cannot generate a valid response to the TPA without faithfully storing the data

• Privacy-Preserving Guarantee:
  The TPA cannot derive the user's data content from the information collected during the auditing process

Page 23: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Detailed Mechanism(?)

Performance Analysis (Real Experiments)
• Compared with old method (+Privacy)

• Batch Processing

Page 24: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Some Comments

Page 25: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

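Some Comments

Shortcomings (nitpicking?)
• Too idealized:
  The TPA favors neither the CSP nor the user

• Dynamic data is not clearly explained:
  (the results of [8] can be applied)

• It can only detect problems, not repair them

• Is a 99% detection rate enough?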

Page 26: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Reference

Page 27: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Reference

• Wikipedia:

• Algebra:Michael Artin, 2nd Edition

• Foundations of Cryptography:Oded Goldreich

• Some slides from instructor 陳君明

• Privacy Preserving Public Auditing for Data Storage Security in Cloud Computing(including some reference)

Page 28: Privacy –Preserving Public Auditing for Data Security in Cloud Computing

Q & A?