The Bastion Scheme for Securing Data under Key Revelation
DOI:
https://doi.org/10.26438/ijcse/v6i9.4245Keywords:
Moderndayspresent, ciphertextAbstract
Moderndayspresent a prevailingmugger which breaks records discretionat some stage in acquiring cryptographic keys by means ofoppression or backdoors in a cryptographic software program. Once the encryption key is uncovered, the most effective possible degree to keep information confidentiality is to limit the attackers can allow accessing the ciphertext. This perhaps executed, for example, by sharing the ciphertext blocks to servers in compound executive domain names subsequently conceited that the attacker cannot reunion all of them. Nevertheless, if records are encrypted with existing schemes, an adversary geared up with the encryption key, can still compromise a single server and decrypt the ciphertext blocks saved therein. In this paper, we look at statistics confidentiality in opposition to an adversary which is aware of the encryption key and has to allow to a huge fraction of the ciphertext blocks. In this case, we endorse Bastion, a unique and efficient scheme that guarantees records confidentiality although the encryption key is leaked and the adversary allow to almost all ciphertext blocks. We examine the security of Bastion, and we evaluate its performance by means of a prototype implementation. We also discuss sensible insights with admire to the combination of Bastion in industrial dispersed storage structures. Our assessment outcomes recommend that Bastion is nicely-appropriate for integration in present systems because it incurs much less than five% overhead as compared to existing semantically at ease encryption modes.
References
[1] M. Abd-El-Malek, G. R. Ganger, G. R. Goodson, M. K. Reiter, and J. J. Wylie, “Fault-Scalable Byzantine Fault-Tolerant Services,” in ACM Symposium on Operating Systems Principles (SOSP), 2005, pp. 59–74.
[2] M. K. Aguilera, R. Janakiraman, and L. Xu, “Using Erasure Codes Efficiently for Storage in a Distributed System,” in International Conference on Dependable Systems and Networks (DSN), 2005, pp. 336–345.
[3] W. Aiello, M. Bellare, G. D. Crescenzo, and R. Venkatesan, “Security amplification by composition: The case of doublyiterated, ideal ciphers,” in Advances in Cryptology (CRYPTO), 1998, pp. 390–407.
[4] C. Basescu, C. Cachin, I. Eyal, R. Haas, and M. Vukolic, “Robust Data Sharing with Key-value Stores,” in ACM SIGACTSIGOPS Symposium on Principles of Distributed Computing (PODC), 2011, pp. 221–222.
[5] A. Beimel, “Secret-sharing schemes: A survey,” in International Workshop on Coding and Cryptology (IWCC), 2011, pp. 11–46.
[6] A. Bessani, M. Correia, B. Quaresma, F. André, and P. Sousa, “DepSky: Dependable and Secure Storage in a Cloud-ofclouds,” in Sixth Conference on Computer Systems (EuroSys), 2011, pp. 31–46.
[7] G. R. Blakley and C. Meadows, “Security of ramp schemes,” in Advances in Cryptology (CRYPTO), 1984, pp. 242–268.
[8] V. Boyko, “On the Security Properties of OAEP as an Allor-nothing Transform,” in Advances in Cryptology (CRYPTO), 1999, pp. 503–518.
[9] R. Canetti, C. Dwork, M. Naor, and R. Ostrovsky, “Deniable Encryption,” in Proceedings of CRYPTO, 1997.
[10] Cavalry, “Encryption Engine Dongle,” http://www. cavalrystorage.com/en2010.aspx/.
[11] C. Charnes, J. Pieprzyk, and R. Safavi-Naini, “Conditionally secure secret sharing schemes with disenrollment capability,” in ACM Conference on Computer and Communications Security (CCS), 1994, pp. 89–95.
[12] A. Desai, “The security of all-or-nothing encryption: Protecting against exhaustive key search,” in Advances in Cryptology (CRYPTO), 2000, pp. 359–375.
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors contributing to this journal agree to publish their articles under the Creative Commons Attribution 4.0 International License, allowing third parties to share their work (copy, distribute, transmit) and to adapt it, under the condition that the authors are given credit and that in the event of reuse or distribution, the terms of this license are made clear.
