End-to-Same-End Encryption: Modularly Augmenting an App with an Efficient, Portable, and Blind Cloud Storage

Abstract

The cloud has become pervasive, and we ask: how can we protect cloud data against the cloud itself? For secure user-to-user communication via a cloud server, End-to-End encryption has been formally studied, building on existing TLS channels without requiring new primitives. However, enabling user-to-same-user secure outsourced data storage - solving the analogous problem of “privacy from the server” while (1) relying on existing infrastructure and (2) supporting user mobility, remains open. Existing proposals, like password-protected secret sharing, target the same goal but are incompatible with existing cloud storage services. Specifically, they lack the simplicity needed to directly utilize existing cloud storage without requiring changes on the cloud side. Here, we propose a novel system for securely storing private data in existing cloud storage with the help of a key server (necessary given the requirements). In our system, user data is secure against threats from the cloud server, the key server, and illegitimate users. Only the legitimate user can access the data on any device using a correct passphrase. Most importantly, our system does not require the storage server to support any newly programmable operations. Moreover, leveraging the existing App login, our system requires only one passphrase, which never leaves the user’s device and remains hidden from both servers. The security is proved under formal models, and its efficiency is demonstrated by experiments conducted on Amazon S3. Notably, a preliminary variant, based on our principles, was deployed by Snapchat in their My Eyes Only module, serving hundreds of millions of users!