Privacy-Preserving Public Auditing for Data Security in Cloud Computing
B97201006 林楷軒
Outline
• Overview of this paper
• Motivation and Initialization
• Detailed Mechanism
• Some Comments
• Reference
Overview of this paper
• In one sentence:
  How do you ensure the authenticity of your data in the cloud?
• Properties of cloud storage
  • Users always have available and scalable space
    → No need to worry about running out of space
  • Users need no physical storage media of their own
    → No need to spend money on equipment
  • The data is not at hand
    → Data is not accessible during a network failure
    → How can you be sure the data is authentic?
Some instances threatening your data in the cloud:
• The Cloud Storage Provider deletes data that you seldom access
• The Cloud Storage Provider hides data loss incidents
• Internal communication errors in the clusters of computers in the cloud (Amazon, June 20, 2008)
The solution is: a third party checks your data's authenticity (self-checking is too tiring)
Requirements:
• Checks authenticity while preserving privacy
• [Exclusive] First model able to support scalable and efficient auditing
• [Exclusive] Security justified by concrete experiments
• [Misc.] No local copy of data, no extra burden on users
Motivation and Initialization
Motivation: check the authenticity of data
Nomenclature Explanation (1):
• TPA: Third Party Auditor
• User: …
• CSP: Cloud Storage Provider
Roles in the examples that follow: forensic examiner (TPA), netizen (User), Amazon (CSP)
Nomenclature Explanation (2)
• Public key: (sealing) key for locking a box
• Private key: (opening) key for unlocking a box
• MAC: (check code) message authentication code. Each piece of data has a MAC, derived from its content
A simple example (MD5)
• MD5("The quick brown fox jumps over the lazy dog") = 9e107d9d372bb6826bd81d3542a419d6
• MD5("The quick brown fox jumps over the lazy dog.") = e4d909c290d0fb1ca068ffaddf22cbd0
(MD5 is an unkeyed hash, used here only to show that a one-character change in the content changes the whole code; a MAC additionally depends on a key.)
Phase Nomenclature:
• User
  KeyGen: generate the key
  SigGen: generate the verification metadata (MAC)
• CSP: Cloud Storage Provider
  GenProof: generate proof of data correctness
• TPA: Third Party Auditor
  VerifyProof: audit the proof from the CSP (Amazon)
Have a little break...
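Example One: Privacy Leaking
• Netizen:
  – Generates one key and hands it to the forensic examiner
  – Creates the MAC and hands it to Amazon
  – Uploads the file to Amazon
  – Deletes the file from their own hard disk
• How the check works
  – The forensic examiner asks Amazon for the file (the file has leaked…)
  – The forensic examiner generates the MAC independently and checks the file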
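Example Two: Finitely many checking times
• Netizen:
  – Generates N keys and hands them to the forensic examiner
  – Creates the MACs for the N keys and hands them to the forensic examiner
  – Uploads the file to Amazon
  – Deletes the file from their own hard disk
• How the check works
  – The forensic examiner gives Amazon a key and asks for the corresponding MAC value
  – Amazon returns the corresponding MAC value to the forensic examiner
  – The forensic examiner generates a check code once and compares it with the MAC from Amazon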
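Item                         Example 1                        Example 2
Number of keys               1                                N
Key is given to              forensic examiner                forensic examiner
MAC is stored by …           Amazon                           forensic examiner
File is transferred to …     Amazon and forensic examiner     Amazon

Pros and cons:
1. Example 1
   Forensic examiner: holds the key, so can check the file's integrity an unlimited number of times
   Amazon: must upload the file to the forensic examiner, which exposes private data and adds workload
2. Example 2
   The forensic examiner preserves the user's privacy
   Because the MACs are finite, answers can be forged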
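Example Two's one-key-per-audit scheme and its weakness, as an added Python example that is not from the slides or the paper: the auditor never sees the file, but each key works only once, because a provider that has lost the file can replay the answer to any key it has already seen. The class and function names, the use of HMAC-SHA256 and the sample data are assumptions made for illustration.

```python
import hashlib, hmac, secrets

# Added illustration of Example Two; names and HMAC-SHA256 are assumptions.
def mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

class User:
    """KeyGen + SigGen: N one-time keys and the N MACs of the file."""
    def __init__(self, data, n):
        self.keys = [secrets.token_bytes(32) for _ in range(n)]
        self.macs = [mac(k, data) for k in self.keys]

class CSP:
    """GenProof. Caches every answer, as a provider hiding data loss could."""
    def __init__(self, data):
        self.data = data
        self.seen = {}  # revealed key -> MAC it answered with
    def gen_proof(self, key):
        if self.data is not None:
            self.seen[key] = mac(key, self.data)
            return self.seen[key]
        # File is gone: replay a cached answer, otherwise it can only guess.
        return self.seen.get(key, bytes(32))

class TPA:
    """VerifyProof. Holds only (key, MAC) pairs and never sees the file."""
    def __init__(self, keys, macs):
        self.pairs = list(zip(keys, macs))
        self.used = 0
    def audit(self, csp, reuse=None):
        if reuse is None:
            if self.used >= len(self.pairs):
                raise RuntimeError("all N keys spent; the user must sign again")
            idx, self.used = self.used, self.used + 1
        else:
            idx = reuse  # re-asking with an already revealed key
        key, expected = self.pairs[idx]
        return hmac.compare_digest(csp.gen_proof(key), expected)

def demo():
    data = b"constructed sample file contents " * 64  # constructed input
    user = User(data, n=3)
    csp, tpa = CSP(data), TPA(user.keys, user.macs)
    honest = tpa.audit(csp)             # key 0, file present
    csp.data = None                     # provider silently loses the file
    replayed = tpa.audit(csp, reuse=0)  # old key: cached MAC still passes
    fresh = tpa.audit(csp)              # key 1, never revealed: fails
    return honest, replayed, fresh
```

Calling `demo()` returns the three audit outcomes in order: file present, revealed key reused after the loss, and a fresh key after the loss.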
Next, we analyze: how can the forensic examiner check the file an unlimited number of times while the user's privacy is still preserved?
Detailed Mechanism(?)
The strategy I take in these slides: qualitative description in place of quantitative analysis
Algebra:
• Michael Artin
• Algebra
Essential Parts: Group Theory
Cryptography:
• Oded Goldreich
• Foundations of Cryptography
Essential Parts: ???
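User Initialization
• Netizen:
  – Generates the decryption key and hands it to the forensic examiner
  – Generates the public parameters and hands them to Amazon
  – Generates the verification codes and hands them to Amazon
  – Deletes the file from their own hard disk
• How the check works
  – The forensic examiner asks Amazon to check part of the file
  – Amazon hashes the original file using the mixed public parameters
  – Amazon returns the hash value and the verification code
  – The forensic examiner decrypts the hash with the decryption key and compares it with the verification code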
I find it hard to believe you followed that = =
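Explanation in plain language:
• Sampled file: $a_1\ a_2\ a_3\ a_4$
• Verification codes (stored in Amazon): $f_1(a_1)\ f_2(a_2)\ f_3(a_3)\ f_4(a_4)$
• Hash code returned by Amazon: $g_1(a_1)\ g_2(a_2)\ g_3(a_3)\ g_4(a_4)$
The key point:
• Individually, nobody knows how $f_i$ and $g_i$ correspond (they are randomly generated)
• But as a whole, the correct correspondence between $f_1(a_1)\ f_2(a_2)\ f_3(a_3)\ f_4(a_4)$ and $g_1(a_1)\ g_2(a_2)\ g_3(a_3)\ g_4(a_4)$ is known only to the forensic examiner (only the examiner has the private key)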
Other guaranteed properties:
• Low burden on Amazon: the block Amazon sends back is of constant size (mathematical analysis…)
• Theoretically, if Amazon misses 1% of the data, the TPA only needs to audit 460 or 300 samples to detect it with probability more than 99% or 95%, respectively
• Support for Batch Auditing
Mathematical Analysis: $a_1\ a_2\ a_3\ \ldots\ a_n$, $a_{i_1}\ a_{i_2}\ a_{i_3}\ \ldots\ a_{i_n}$
Mathematical Analysis:
• Storage Correctness: Amazon cannot generate a valid response to the TPA without faithfully storing the data
• Privacy-Preserving Guarantee: the TPA cannot derive the users' data content from the information collected during the auditing process
Performance Analysis (Real Experiments)
• Compared with the old method (+Privacy)
• Batch Processing
Some Comments
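Shortcomings (nitpicking?)
• Too idealized: the TPA favors neither the CSP nor the user
• Dynamic data is not clearly explained (the results of [8] can be applied)
• Can only detect problems, cannot repair them
• Is a 99% detection rate enough?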
Reference
• Wikipedia:
• Algebra: Michael Artin, 2nd Edition
• Foundations of Cryptography: Oded Goldreich
• Some slides from instructor 陳君明
• Privacy Preserving Public Auditing for Data Storage Security in Cloud Computing (including some of its references)
Q & A?