Light Blind: Why Encrypt If You Can Share?
Pierpaolo Cincilla, Aymen Boudguiga, Makhlouf Hadji, Arnaud Kaiser
2015
Abstract
The emergence of cloud computing makes the use of remote storage more and more common. Clouds provide cheap and virtually unlimited storage capacity. Moreover, thanks to replication, clouds offer high availability of stored data. The use of public cloud storage makes data confidentiality more critical, as the user has no control over the physical storage device nor over the communication channel. The common solution is to ensure data confidentiality by encryption. Encryption gives strong confidentiality guarantees but comes with a price. The time needed to encrypt and decrypt data increases with respect to the size of input data, making encryption expensive. Due to its overhead, encryption is not universally used and a non-negligible amount of data is insecurely stored in the cloud. In this paper, we propose a new mechanism, called Light Blind, that allows confidentiality of data stored in the cloud at a lower time overhead than classical cryptographic techniques. The key idea of our work is to partition unencrypted data across multiple clouds in such a way that none of them can reconstruct the original information. In this paper we describe this new approach and we propose a partition algorithm with constant time complexity tailored for modern multi/many-core architectures.
Paper Citation
in Harvard Style
Cincilla P., Boudguiga A., Hadji M. and Kaiser A. (2015). Light Blind: Why Encrypt If You Can Share? In Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015) ISBN 978-989-758-117-5, pages 361-368. DOI: 10.5220/0005562203610368
in Bibtex Style
@conference{secrypt15,
author={Pierpaolo Cincilla and Aymen Boudguiga and Makhlouf Hadji and Arnaud Kaiser},
title={Light Blind: Why Encrypt If You Can Share?},
booktitle={Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)},
year={2015},
pages={361-368},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005562203610368},
isbn={978-989-758-117-5},
}