Secure distributed storage and retrieval

Abstract

In his well-known Information Dispersal Algorithm paper, Rabin showed a way to distribute information among n processors in such a way that recovery of the information is possible in the presence of up to t inactive processors. An enhanced mechanism to enable construction in the presence of malicious faults, which can intentionally modify their shares of the information, was later presented by Krawczyk. Yet, this method assumed that the malicious faults occur only at reconstruction time.In this paper we address the more general problem of secure storage and retrieval of information (SSRI), and guarantee that also the process of storing the information is correct even when some of the processors fail. Our protocols achieve this while maintaining the (asymptotical) space optimality of the above methods.We also consider SSRI with the added requirement of confidentiality, by which no party except for the rightful owner of the information is able to learn anything about it. This is achieved through novel applications of cryptographic techniques, such as the distributed generation of receipts, distributed key management via threshold cryptography, and “blinding.” An interesting byproduct of our scheme is the construction of a secret sharing scheme with shorter shares size in the amortized sense. An immediate practical application of our work is a system for the secure deposit of sensitive data.KeywordsSecret SharingCertification AuthoritySecret Sharing SchemeCorrect ServerSymmetric Encryption SchemeThese keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.