Abstract
Distributed storage plays an essential role in realizing robust and secure data storage in a network over long periods of time. A distributed storage system consists of a data owner machine, multiple storage servers, and channels that link them. In such a system, a secret sharing scheme is widely adopted, in which secret data are split into multiple pieces and one piece is stored on each server. To reconstruct the data, the data owner must gather multiple pieces. Shamir’s (k, n)-threshold scheme, in which the data are split into n pieces (shares) for storage and at least k of them must be gathered for reconstruction, provides information theoretic security: even if attackers collect fewer shares than the threshold k, they cannot get any information about the data, even with unlimited computing power. This scenario, however, assumes that data transmission and authentication are perfectly secure, which is not trivial in practice. Here we propose a totally information theoretically secure distributed storage system based on a user-friendly single-password-authenticated secret sharing scheme and secure transmission using quantum key distribution, and demonstrate it in the Tokyo metropolitan area (≤90 km).
Highlights
In practice, most data storage services adopt an easier way, i.e., password authentication for on-line individual identification, due to its high usability
The Tokyo quantum key distribution (QKD) Network itself consists of five nodes connected by six QKD links
The Gakushuin QKD link uses Continuous Variable (CV)-QKD [23]. It is deployed in a link of about 2 km on the NICT premises
Summary
In practice, most data storage services adopt an easier way, i.e., password authentication for on-line individual identification, due to its high usability. Even if only a hashed password is stored, a powerful malicious insider who can access a password file in a storage server may guess the password with an off-line dictionary attack. To attain ITS against the malicious insider’s off-line dictionary attacks, different passwords should be used for different storage servers each time. Password-authenticated SS schemes based on homomorphic encryption use a single password and have high tolerance even against off-line dictionary attacks, but they so far offer only computational security. We newly develop and demonstrate an efficient information theoretically secure distributed storage system by combining quantum key distribution and password-authenticated secret sharing. The whole system operates by the interplay between the QKD platform and the application layer on it, in which password-authenticated secret sharing is implemented. We show how the QKD platform is designed in a layer structure for high serviceability and availability of the secure storage system.