More Web Proxy on the site http://driver.im/

short-paper

LINCOS: A Storage System Providing Long-Term Integrity, Authenticity, and Confidentiality

Authors:

Johannes Braun,

Johannes Buchmann,

Denise Demirel,

Matthias Geihs,

Mikio Fujiwara,

Masahide Sasaki,

Atsushi WasedaAuthors Info & Claims

ASIA CCS '17: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security

Pages 461 - 468

https://doi.org/10.1145/3052973.3053043

Published: 02 April 2017 Publication History

Abstract

The amount of digital data that requires long-term protection of integrity, authenticity, and confidentiality grows rapidly. Examples include electronic health records, genome data, and tax data. In this paper we present the secure storage system LINCOS, which provides protection of integrity, authenticity, and confidentiality in the long-term, i.e., for an indefinite time period. It is the first such system. It uses the long-term integrity scheme COPRIS, which is also presented here and is the first such scheme that does not leak any information about the protected data. COPRIS uses information-theoretic hiding commitments for confidentiality-preserving integrity and authenticity protection. LINCOS uses proactive secret sharing for confidential storage of secret data. We also present implementations of COPRIS and LINCOS. A special feature of our LINCOS implementation is the use of quantum key distribution and one-time pad encryption for information-theoretic private channels within the proactive secret sharing protocol. The technological platform for this is the Tokyo QKD Network, which is one of worlds most advanced networks of its kind. Our experimental evaluation establishes the feasibility of LINCOS and shows that in view of the expected progress in quantum communication technology, LINCOS is a promising solution for protecting very sensitive data in the cloud.

References

[1]

C. Adams, P. Cain, D. Pinkas, and R. Zuccherato. Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP). RFC 3161 (Proposed Standard), Aug. 2001. Updated by RFC 5816.

Digital Library

[2]

F. Bahr, M. Boehm, J. Franke, and T. Kleinjung. Factorization of RSA-200. Public announcement on May 9th, 2005.

[3]

M. Bellare and P. Rogaway. Entity authentication and key distribution. In D. R. Stinson, editor, CRYPTO '93, pages 232--249, 1994.

Digital Library

[4]

G. Brassard, C. Crépeau, D. Mayers, and L. Salvail. A brief review on the impossibility of quantum bit commitment. arXiv preprint quant-ph/9712023, 1997.

[5]

J. Braun, J. Buchmann, C. Mullan, and A. Wiesmaier. Long term confidentiality: a survey. Designs, Codes and Cryptography, 71(3):459--478, 2014.

[6]

R. Canetti, L. Cheung, D. K. Kaynar, N. A. Lynch, and O. Pereira. Modeling computational security in long-lived systems. In CONCUR, 2008.

Digital Library

[7]

T. Dierks and E. Rescorla. The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246 (Proposed Standard), Aug. 2008. Updated by RFCs 5746, 5878, 6176, 7465, 7507, 7568, 7627, 7685.

[8]

M. Fujiwara, A. Waseda, R. Nojima, S. Moriai, W. Ogata, and M. Sasaki. Unbreakable distributed storage with quantum key distribution network and password-authenticated secret sharing. Scientific Reports, 6, 2016.

[9]

M. Geihs, D. Demirel, and J. Buchmann. A security analysis of techniques for long-term integrity protection. In Privacy, Security and Trust 2016, 2016.

[10]

O. Goldreich. Foundations of Cryptography -- Volume 1, chapter Perfectly Hiding Commitment Schemes. Cambridge University Press, 2001.

Digital Library

[11]

T. Gondrom, R. Brandner, and U. Pordesch. Evidence Record Syntax (ERS). RFC 4998 (Proposed Standard), Aug. 2007.

[12]

V. H. Gupta and K. Gopinath. $G_its^2$ VSR: An information theoretical secure verifiable secret redistribution protocol for long-term archival storage. In Security in Storage Workshop, 2007.

Digital Library

[13]

S. Haber and W. S. Stornetta. How to time-stamp a digital document. In CRYPTO '90, pages 437--455, 1990.

Digital Library

[14]

A. Herzberg, S. Jarecki, H. Krawczyk, and M. Yung. CRYPTO '95, chapter Proactive Secret Sharing Or: How to Cope With Perpetual Leakage, pages 339--352. Springer Berlin Heidelberg, Berlin, Heidelberg, 1995.

Digital Library

[15]

https://www.keylength.com. Cryptographic key length recommendation, 2016.

[16]

D. Hühnlein, U. Korte, L. Langer, and A. Wiesmaier. A comprehensive reference architecture for trustworthy long-term archiving of sensitive data. In Conference on New Technologies, Mobility and Security, pages 1--5, Dec 2009.

Digital Library

[17]

T. Kuroda et al. Simulating cloud environment for HIS backup using secret sharing. Studies in health technology and informatics, 192:171--174, 2012.

[18]

A. K. Lenstra. Key lengths. In The Handbook of Information Security. Wiley, 2004.

[19]

T. Loruenser, A. Happe, and D. Slamanig. Archistar: Towards secure and robust cloud based data sharing. In CloudCom 2015, pages 371--378, Nov 2015.

Digital Library

[20]

T. P. Pedersen. Non-interactive and information-theoretic secure verifiable secret sharing. In CRYPTO '91, 1992.

Digital Library

[21]

T. A. Ramos, N. da Silva, L. C. Lung, J. G. Kohler, and R. F. Custódio. An infrastructure for long-term archiving of authenticated and sensitive electronic documents. In EuroPKI, pages 193--207, 2010.

Digital Library

[22]

R. L. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM, 21(2):120--126, Feb. 1978.

Digital Library

[23]

M. Sasaki et al. Field test of quantum key distribution in the tokyo qkd network. Opt. Express, 19(11):10387--10409, May 2011.

[24]

V. Scarani et al. The security of practical quantum key distribution. Rev. Mod. Phys., 81:1301--1350, Sep 2009.

[25]

A. Shamir. How to share a secret. Commun. ACM, 22(11):612--613, Nov. 1979.

Digital Library

[26]

C. E. Shannon. Communication theory of secrecy systems. The Bell System Technical Journal, 28(4):656--715, Oct 1949.

[27]

M. A. G. Vigil, J. A. Buchmann, D. Cabarcas, C. Weinert, and A. Wiesmaier. Integrity, authenticity, non-repudiation, and proof of existence for long-term archiving: A survey. Computers & Security, 50:16--32, 2015.

Digital Library

Cited By

Smith CTabassum MDaruru SKulhare GWang AMiller EZadok E(2024)Secure Archival is Hard... Really HardProceedings of the 16th ACM Workshop on Hot Topics in Storage and File Systems10.1145/3655038.3666093(38-46)Online publication date: 8-Jul-2024
https://dl.acm.org/doi/10.1145/3655038.3666093
Felisberto Mde Oliveira JMohr ECeluppi IZanotto Wdos Santos RScandolara Ddos Santos Fantonelli MCunha CHammes JWazlawick RDalmarco E(2024)Digital signatures in electronic health records: a scoping reviewHealth and Technology10.1007/s12553-024-00906-y14:6(1083-1096)Online publication date: 20-Sep-2024
https://doi.org/10.1007/s12553-024-00906-y
Hu GLiu CTuo JZhang M(2024)Efficient and Secure Count Queries on Encrypted Genomic DataFrontiers in Cyber Security10.1007/978-981-99-9331-4_16(240-251)Online publication date: 4-Jan-2024
https://doi.org/10.1007/978-981-99-9331-4_16
Show More Cited By

Index Terms

LINCOS: A Storage System Providing Long-Term Integrity, Authenticity, and Confidentiality
1. Security and privacy

Recommendations

PROPYLA: Privacy Preserving Long-Term Secure Storage
SCC '18: Proceedings of the 6th International Workshop on Security in Cloud Computing

The amount of electronically stored information increases rapidly. Sensitive information requires integrity and confidentiality protection, sometimes for decades or even centuries (e.g., health records or governmental documents). Commonly used ...
Long-Term Secure Deniable Group Key Establishment
Innovative Security Solutions for Information Technology and Communications
Abstract
In this paper we present a long-term secure deniable group key establishment protocol. Long-term security provides resistance again-st an adversary, even if some underlying hardness assumptions become invalid later, after completion of the ...
A fine-grained access control and revocation scheme on clouds

In recent years, more and more companies outsource their data to the cloud service provider to greatly reduce the cost. However, it also raises underlying security and privacy issues for the significant corporate data. Therefore, a natural way to keep ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

ASIA CCS '17: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security

April 2017

952 pages

ISBN:9781450349444

DOI:10.1145/3052973

General Chairs:
Ramesh Karri
New York University, New York, USA
,
Ozgur Sinanoglu
New York University Abu Dhabi, UAE
,
Program Chairs:
Ahmad-Reza Sadeghi
Technische Universität Darmstadt, Germany
,
Xun Yi
RMIT University, Australia

Copyright © 2017 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 02 April 2017

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Conference

ASIA CCS '17

Sponsor:

SIGSAC

ASIA CCS '17: ACM Asia Conference on Computer and Communications Security

April 2 - 6, 2017

Abu Dhabi, United Arab Emirates

Acceptance Rates

ASIA CCS '17 Paper Acceptance Rate 67 of 359 submissions, 19%;

Overall Acceptance Rate 418 of 2,322 submissions, 18%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

19
Total Citations
View Citations
365
Total Downloads

Downloads (Last 12 months)31
Downloads (Last 6 weeks)4

Reflects downloads up to 01 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Smith CTabassum MDaruru SKulhare GWang AMiller EZadok E(2024)Secure Archival is Hard... Really HardProceedings of the 16th ACM Workshop on Hot Topics in Storage and File Systems10.1145/3655038.3666093(38-46)Online publication date: 8-Jul-2024
https://dl.acm.org/doi/10.1145/3655038.3666093
Felisberto Mde Oliveira JMohr ECeluppi IZanotto Wdos Santos RScandolara Ddos Santos Fantonelli MCunha CHammes JWazlawick RDalmarco E(2024)Digital signatures in electronic health records: a scoping reviewHealth and Technology10.1007/s12553-024-00906-y14:6(1083-1096)Online publication date: 20-Sep-2024
https://doi.org/10.1007/s12553-024-00906-y
Hu GLiu CTuo JZhang M(2024)Efficient and Secure Count Queries on Encrypted Genomic DataFrontiers in Cyber Security10.1007/978-981-99-9331-4_16(240-251)Online publication date: 4-Jan-2024
https://doi.org/10.1007/978-981-99-9331-4_16
Sehrawat VYeo FVassilyev D(2023)Star-Specific Key-Homomorphic PRFs From Learning With Linear RegressionIEEE Access10.1109/ACCESS.2023.329484411(73235-73267)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3294844
Sabry MSamavi R(2022)ArchiveSafe LT: Secure Long-term Archiving SystemProceedings of the 38th Annual Computer Security Applications Conference10.1145/3564625.3564635(936-948)Online publication date: 5-Dec-2022
https://dl.acm.org/doi/10.1145/3564625.3564635
Fujiwara MNojima RTsurumaru TMoriai STakeoka MSasaki M(2022)Long-Term Secure Distributed Storage Using Quantum Key Distribution Network With Third-Party VerificationIEEE Transactions on Quantum Engineering10.1109/TQE.2021.31350773(1-11)Online publication date: 2022
https://doi.org/10.1109/TQE.2021.3135077
Ntanos AZavitsanos DGiannoulis GAvramopoulos H(2022)Satellite Assisted QKD Key EncapsulationICC 2022 - IEEE International Conference on Communications10.1109/ICC45855.2022.9839144(3251-3256)Online publication date: 16-May-2022
https://doi.org/10.1109/ICC45855.2022.9839144
Zhang RHummelgård MÖrtegren JAndersson HBlomquist NPhadatare MPatil RRastabi SAn SBalliu EOlin H(2022)Triboelectric biometric signatureNano Energy10.1016/j.nanoen.2022.107496100(107496)Online publication date: Sep-2022
https://doi.org/10.1016/j.nanoen.2022.107496
Poulter ACox S(2021)An Assessment of the Performance of the Secure Remote Update Protocol in Simulated Real-World ConditionsIoT10.3390/iot20400282:4(549-563)Online publication date: 23-Sep-2021
https://doi.org/10.3390/iot2040028
Geihs MNikiforov ODemirel DSauer AButin DGunther FAlber GWalther TBuchmann J(2021)The Status of Quantum-Key-Distribution-Based Long-Term Secure Internet CommunicationIEEE Transactions on Sustainable Computing10.1109/TSUSC.2019.29139486:1(19-29)Online publication date: 1-Jan-2021
https://doi.org/10.1109/TSUSC.2019.2913948
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents