Privacy-Preserving Public Auditing for Data Security in Cloud Computing
B97201006 林楷軒

Outline
• Overview of this paper
• Motivation and Initialization
• Detailed Mechanism
• Some Comments
• Reference

Overview of this paper

• In one sentence: how do you ensure your data authentication in the cloud?
• Properties of cloud storage
  – Users always have available and scalable space
    → Need not worry about running out of space
  – Users need not have real physical storage media
    → Need not spend money on equipment
  – Data is not near your hand
    → Data not accessible on network failure
    → How to make sure of the data authentication?

Some instances threatening your data in the cloud
• The Cloud Storage Provider deletes data that you seldom access
• The Cloud Storage Provider hides data loss incidents
• Internal communication error in clusters of computers in the cloud (Amazon, June 20, 2008)

The solution is: a third party checks your data authentication (self-checking is too tiring)
Requirements:
• Checks authentication while preserving privacy
• [Exclusive] First model able to support scalable and efficient auditing
• [Exclusive] Security justified by concrete experiments
• [Misc.] No local copy of data, no more burden to users

Motivation and Initialization

Motivation: check the authentication of data
Nomenclature Explanation (1):
• TPA: Third Party Auditor (the forensic examiner)
• User: … (the netizen)
• CSP: Cloud Storage Provider (Amazon)

Nomenclature Explanation (2):
• Public key: (sealing) key for locking a box
• Private key: (unboxing) key for unlocking a box
• MAC: (check code) message authentication code.
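  Each piece of data has a MAC, derived from its content
  Simple example (MD5):
  • MD5("The quick brown fox jumps over the lazy dog")
    9e107d9d372bb6826bd81d3542a419d6
  • MD5("The quick brown fox jumps over the lazy dog.")
    e4d909c290d0fb1ca068ffaddf22cbd0

Phase Nomenclature:
• User
  – KeyGen: generate the key
  – SigGen: generate the verification metadata (MAC)
• CSP: Cloud Storage Provider
  – GenProof: generate proof of data correctness
• TPA: Third Party Auditor
  – VerifyProof: audit the proof from the CSP (Amazon)

Have a little break...

Example One: Privacy Leaking
• Netizen:
  – Generates one key and gives it to the forensic examiner
  – Creates the MAC and gives it to Amazon
  – Uploads the file to Amazon
  – Deletes the file from his own hard drive
• How the check works
  – The forensic examiner asks Amazon for the file (the file has leaked…)
  – The forensic examiner generates the MAC himself and checks the file

Example Two: Finitely many checking times
• Netizen:
  – Generates N keys and gives them to the forensic examiner
  – Creates the MACs for the N keys and gives them to the forensic examiner
  – Uploads the file to Amazon
  – Deletes the file from his own hard drive
• How the check works
  – The forensic examiner gives Amazon a key and asks it to return the corresponding MAC value
  – Amazon returns the corresponding MAC value to the forensic examiner
  – The forensic examiner generates the check code once and compares it with the MAC from Amazon

Item                      Example 1                       Example 2
Number of keys            1                               N
Key is given to           Forensic examiner               Forensic examiner
MAC is stored by …        Amazon                          Forensic examiner
File is transferred to …  Amazon and forensic examiner    Amazon

Analysis of pros and cons:
1. Example 1
   Forensic examiner: holds the key, so he can check whether the file is intact an unlimited number of times
   Amazon: must upload the file to the forensic examiner, which exposes private data and also adds workload
2. Example 2
   The forensic examiner protects the user's privacy
   Because the MACs are finite in number, answers can be forged

Next, we analyze:
How can we protect user privacy while also letting the forensic examiner check the file an unlimited number of times?

Detailed Mechanism(?)

The strategy I take in these slides: qualitative description in place of quantitative analysis

Algebra:
• Michael Artin
• Algebra
Essential Parts: Group Theory

Cryptography:
• Oded Goldreich
• Foundations of Cryptography
Essential Parts: ???

User Initialization
• Netizen:
  – Generates the decryption key and gives it to the forensic examiner
  – Generates the public parameters and gives them to Amazon
  – Generates the verification codes and gives them to Amazon
  – Deletes the file from his own hard drive
• How the check works
  – The forensic examiner asks Amazon to check part of the file
  – Amazon hashes the original file using the mixed public parameters
  – Amazon returns the hash value and the verification codes
  – The forensic examiner decrypts the hash with the decryption key and compares it with the verification codes

I find it hard to believe you followed that = =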
Plain-language explanation:
• Sampled file blocks: $a_1, a_2, a_3, a_4$
• Verification codes: $f_1(a_1)\, f_2(a_2)\, f_3(a_3)\, f_4(a_4)$ (stored in Amazon)
• Hash code returned by Amazon: $g_1(a_1)\, g_2(a_2)\, g_3(a_3)\, g_4(a_4)$
The key point:
• Taken individually, nobody knows the correspondence between $f_i$ and $g_i$ (randomly generated)
• But taken as a whole, the correct correspondence between $f_1(a_1)\, f_2(a_2)\, f_3(a_3)\, f_4(a_4)$ and $g_1(a_1)\, g_2(a_2)\, g_3(a_3)\, g_4(a_4)$ is known only to the forensic examiner (only he has the private key)

Other guaranteed properties:
• Low burden on Amazon: the block sent back is of constant size (mathematical analysis…)
• Theoretically, if Amazon is missing 1% of the data, the TPA only needs to audit 460 or 300 samples to detect it with probability more than 99% or 95%, respectively
• Support for Batch Auditing

Mathematical Analysis:
$a_1\, a_2\, a_3 \ldots a_n$
$a_{i_1}\, a_{i_2}\, a_{i_3} \ldots a_{i_n}$

Mathematical Analysis:
• Storage Correctness: Amazon cannot generate a valid response to the TPA without faithfully storing the data
• Privacy-Preserving Guarantee: the TPA cannot derive the users' data content from the information collected during the auditing process

Performance Analysis (Real Experiments)
• Compared with the old method (+Privacy)
• Batch Processing

Some Comments

Shortcomings (nitpicking?)
• Overly idealized: the TPA favors neither the CSP nor the user
• Dynamic data is not clearly explained (the results of [8] can be applied)
• Can only detect problems, cannot repair them
• Is a 99% detection rate enough?

Reference
• Wikipedia
• Algebra: Michael Artin, 2nd Edition
• Foundations of Cryptography: Oded Goldreich
• Some slides from instructor 陳君明
• Privacy Preserving Public Auditing for Data Storage Security in Cloud Computing (including some of its references)

Q & A?
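
Added worked example for the Detailed Mechanism slides (not code from the paper or from these slides): a simplified, privately verifiable linear authenticator with PRF-based tags, which is a swapped-in stand-in for the paper's pairing-based construction. It shows the user tagging each block, Amazon answering a sampled challenge with a constant-size aggregate, and only the key holder being able to check the aggregate relation. The modulus P, the 15-byte block size and the helper names prf, split_blocks, challenge and detect_prob are assumptions; mu is returned unmasked, so this illustrates storage correctness and sampling only, not the privacy guarantee.

```python
import hashlib
import hmac
import secrets

P = 2**127 - 1  # prime modulus for blocks and tags (assumed parameter)

def prf(key: bytes, i: int) -> int:
    """Per-index pseudorandom value; hides the tag relation of a single block."""
    mac = hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % P

def split_blocks(data: bytes, size: int = 15) -> list:
    """Cut the file into integers; 15-byte blocks are always smaller than P."""
    return [int.from_bytes(data[o:o + size], "big") for o in range(0, len(data), size)]

def sig_gen(key: bytes, alpha: int, blocks: list) -> list:
    """User (SigGen): tag_i = PRF(key, i) + alpha * block_i mod P, stored at the CSP."""
    return [(prf(key, i) + alpha * m) % P for i, m in enumerate(blocks)]

def challenge(n: int, c: int) -> list:
    """TPA: sample c distinct block indices, each with a random nonzero coefficient."""
    idx = secrets.SystemRandom().sample(range(n), c)
    return [(i, 1 + secrets.randbelow(P - 1)) for i in idx]

def gen_proof(blocks: list, tags: list, chal: list) -> tuple:
    """CSP (GenProof): two field elements, however many blocks were sampled."""
    mu = sum(nu * blocks[i] for i, nu in chal) % P
    sigma = sum(nu * tags[i] for i, nu in chal) % P
    return mu, sigma

def verify_proof(key: bytes, alpha: int, chal: list, mu: int, sigma: int) -> bool:
    """TPA (VerifyProof): checks only the aggregate, using the secret (key, alpha)."""
    expected = (alpha * mu + sum(nu * prf(key, i) for i, nu in chal)) % P
    return sigma == expected

def detect_prob(missing_fraction: float, c: int) -> float:
    """Chance that c independent samples hit at least one damaged block."""
    return 1 - (1 - missing_fraction) ** c

if __name__ == "__main__":
    key, alpha = secrets.token_bytes(32), 1 + secrets.randbelow(P - 1)
    blocks = split_blocks(b"constructed sample file contents " * 40)
    tags = sig_gen(key, alpha, blocks)
    chal = challenge(len(blocks), 10)
    print("honest CSP:", verify_proof(key, alpha, chal, *gen_proof(blocks, tags, chal)))
    lost = list(blocks)
    lost[chal[0][0]] ^= 1  # CSP silently damaged a block that happens to be sampled
    print("damaged CSP:", verify_proof(key, alpha, chal, *gen_proof(lost, tags, chal)))
    print("P(detect 1% loss):", detect_prob(0.01, 460), detect_prob(0.01, 300))
```

Unlike Example Two, the same key serves every audit because each challenge draws fresh indices and coefficients, so the number of checks is not bounded by a precomputed list of MACs.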