Privacy *Preserving Public Auditing for Data Security in

Report
Privacy –Preserving Public
Auditing for Data Security in
Cloud Computing
B97201006 林楷軒
Outline
• Overview of this paper
• Motivation and Initialization
• Detailed Mechanism
• Some Comments
• Reference
Overview of this paper
Overview of this paper
• In one sentence,
Ensure your data authentication in cloud?
• Properties of cloud storage
• Users always have availabe and scalable space 
→Need not worry about running out of space
• Users need not have real physical storage media 
→Need not spend money on equipments
• Data is not near your hand 
→Data not accessible when network failure
→How to make sure the data authentication?
Overview of this paper
Some instances threatening your data in cloud
• Cloud Storage Provider deletes your data
that you seldom access
• Cloud Storage Provider hides data loss
incidnets
• Internal communication error in clusters
of computers in Cloud(Amazon
2008,June 20)
Overview of this paper
The solution is:
A third party checks you data authentication
(Self-checking is too tiring)
Requirements:
• Checks authentication while preserving privacy
• [Exclusive]First model able to support scalable and
efficient auditing
• [Exclusive]Security justified by concrete experiments
• [Mice.]No local copy of data, no more burden to users
Motivation and Initialization
Motivation and Initilization
Motivation:
Check the authentication of data
Nonmenclature Explanation(1):
• TPA:Third Party Auditor
• User:…
• CSP:Cloud Storage Provider
鑑識官
鄉民
Amazon
Motivation and Initilization
Nonmenclature Explanation(2)
• Public key: (封裝) keys for locking a box
• Private key: (開箱) keys for unlocking a box
• MAC: (檢查碼) message authentication code.
Each piece of data has a MAC code, derived from its
content
簡單舉例(MD5)
MD5("The quick brown fox jumps over the lazy dog")
9e107d9d372bb6826bd81d3542a419d6
• MD5("The quick brown fox jumps over the lazy dog.")
e4d909c290d0fb1ca068ffaddf22cbd0
•
Motivation and Initilization
Phase Nonmenclature:
• User
KeyGen: generate the key
SigGen: gengerate the verification of meta data(MAC)
• CSP:Cloud Storage Provider
GenProof: generate proof of data correctness
• TPA:Third Party Auditor
VerifyProof:Audit proof from CSP(Amazon)
Have a little break...
Motivation and Initilization
Example One: Privacy Leaking
• 鄉民:
–
–
–
–
生成一把鑰匙,丟給鑑識官
製造MAC,丟給Amazon
上傳檔案給Amazon
鄉民刪除在自己硬碟上的檔案
• 檢查方式
– 鑑識官向Amazon要檔案(檔案外洩啦…)
– 鑑識官自行生成MAC,檢查檔案
Motivation and Initilization
Example Two: Finitely many checking times
• 鄉民:
–
–
–
–
生成N把鑰匙,丟給鑑識官
製造N種鑰匙的MAC,丟給鑑識官
上傳檔案給Amazon
鄉民刪除在自己硬碟上的檔案
• 檢查方式
– 鑑識官給Amazon鑰匙,並要求回傳對應MAC值
– Amazon回傳對應的MAC值給鑑識官
– 鑑識官生成一次檢查碼,跟Amazon上的MAC做比對
Motivation and Initilization
Item
Example 1
Example 2
Number of keys
1
N
Key is given to
鑑識官
鑑識官
Mac is stored by …
Amazon
鑑識官
File is transferred to…
Amazon and 鑑識官
Amazon
優缺點分析:
1. Example1
鑑識官:擁有鑰匙,所以可以無限次檢查檔案的完整與否
Amazon:必須上傳檔案給鑑識官,暴露隱私,也增加工作量
2. Example2
鑑識官保護了使用者隱私
因為MAC是有限的,所以可以偽造答案
下一步,我們要分析:
如先兼顧使用者隱私的同時,也讓鑑識官能無限次檢查檔案?
Detailed Mechanism(?)
這份投影片,我採取的策略:
以定性敘述,取代定量分析
Detailed Mechanism(?)
Algebra:
• Michael Artin
• Algebra
Essential Parts:
Group Theory
Link: Here
Detailed Mechanism(?)
Cryptography:
• Oded Goldreich
• Foundations of Cryptography
Essential Parts:
???
Link: Here
Detailed Mechanism(?)
User Initilization
• 鄉民:
–
–
–
–
生成解密鑰匙,丟給鑑識官
生成公開參數,丟給Amazon
生成驗證碼丟給Amazon
鄉民刪除在自己硬碟上的檔案
• 檢查方式
–
–
–
–
鑑識官向Amazon要求檢查部分的檔案
Amazon利用混合的公開參數,對原始檔案Hash
Amazon回傳Hash值、驗證碼
鑑識官由解密鑰匙解密Hash,與驗證碼做比對
Detailed Mechanism(?)
我很難相信你聽得懂 = =
Detailed Mechanism(?)
白話文解釋:
• 抽樣檔案 a1  a 2  a 3  a 4
f ( a ) in amazon)
• 驗證碼 f ( a )  f ( a )  f ( a )  (stored
• Amazon回傳的Hash Code g 1 ( a1 )  g 2 ( a 2 )  g 3 ( a 3 )  g 4 ( a 4 )
1
1
2
2
3
3
4
4
關鍵在於:
i
• 單獨 f i  g兩者的對應關係,沒有人清楚(亂數生成)
• 但是整體
f 1 ( a1 )  f 2 ( a 2 )  f 3 ( a 3 )  f 4 ( a 4 )  g 1 ( a1 )  g 2 ( a 2 )  g 3 ( a 3 )  g 4 ( a 4 )
正確對應關係,只有鑑識官知道(只有他有private key)
Detailed Mechanism(?)
其他保證的性質:
• Low Burden on Amazon:
Constant large sending block(mathematical analysis…)
• Theoretically, if amazon misses 1% data, TPA only needs
to audit for 460, 300 samples with probability more than
99%, 95%
• Support for Batch Auditing
Mathematical Analysis a1 a 2 a 3 ..a n  a i a i a i ...a i
1
2
3
n
Detailed Mechanism(?)
Mathematical Analysis:
• Storage Correctness:
Amazon can not generate valid response toward TPA
without faithfully storing the data
• Privacy Perserving Guarantee:
TPA can not derive users’data conent from the
information collected during the auditing porcess
Detailed Mechanism(?)
Performance Analysis(Real Expriments)
• Compared with old method(+Privacy)
• Batch Processing
Some Comments
Some Comments
美中不足(雞蛋裡挑骨頭?)
• 過於理想化:
TPA既不偏坦CSP也不偏袒使用者
• 對於動態資料未清楚說明:
(可以套用[8]的結果)
• 只能偵測到問題,無法修復
• 99%偵錯率夠嗎?
Reference
Reference
• Wikipedia:
• Algebra:
Michael Artin, 2nd Edition
• Foundations of Cryptography:
Oded Goldreich
• Some slides from 陳君明老師
• Privacy Preserving Public Auditing for Data Storage
Security in Cloud Computing(including some reference)
Q & A?

similar documents