679 research outputs found
Generic Secure Repair for Distributed Storage
This paper studies the problem of repairing secret sharing schemes, i.e.,
schemes that encode a message into shares, assigned to nodes, so that
any nodes can decode the message but any colluding nodes cannot infer
any information about the message. In the event of node failures so that shares
held by the failed nodes are lost, the system needs to be repaired by
reconstructing and reassigning the lost shares to the failed (or replacement)
nodes. This can be achieved trivially by a trustworthy third-party that
receives the shares of the available nodes, recompute and reassign the lost
shares. The interesting question, studied in the paper, is how to repair
without a trustworthy third-party. The main issue that arises is repair
security: how to maintain the requirement that any colluding nodes,
including the failed nodes, cannot learn any information about the message,
during and after the repair process? We solve this secure repair problem from
the perspective of secure multi-party computation. Specifically, we design
generic repair schemes that can securely repair any (scalar or vector) linear
secret sharing schemes. We prove a lower bound on the repair bandwidth of
secure repair schemes and show that the proposed secure repair schemes achieve
the optimal repair bandwidth up to a small constant factor when dominates
, or when the secret sharing scheme being repaired has optimal rate. We
adopt a formal information-theoretic approach in our analysis and bounds. A
main idea in our schemes is to allow a more flexible repair model than the
straightforward one-round repair model implicitly assumed by existing secure
regenerating codes. Particularly, the proposed secure repair schemes are simple
and efficient two-round protocols
Communication Efficient Secret Sharing
A secret sharing scheme is a method to store information securely and
reliably. Particularly, in a threshold secret sharing scheme, a secret is
encoded into shares, such that any set of at least shares suffice to
decode the secret, and any set of at most shares reveal no
information about the secret. Assuming that each party holds a share and a user
wishes to decode the secret by receiving information from a set of parties; the
question we study is how to minimize the amount of communication between the
user and the parties. We show that the necessary amount of communication,
termed "decoding bandwidth", decreases as the number of parties that
participate in decoding increases. We prove a tight lower bound on the decoding
bandwidth, and construct secret sharing schemes achieving the bound.
Particularly, we design a scheme that achieves the optimal decoding bandwidth
when parties participate in decoding, universally for all . The scheme is based on Shamir's secret sharing scheme and preserves its
simplicity and efficiency. In addition, we consider secure distributed storage
where the proposed communication efficient secret sharing schemes further
improve disk access complexity during decoding.Comment: submitted to the IEEE Transactions on Information Theory. New
references and a new construction adde
Security in Locally Repairable Storage
In this paper we extend the notion of {\em locally repairable} codes to {\em
secret sharing} schemes. The main problem that we consider is to find optimal
ways to distribute shares of a secret among a set of storage-nodes
(participants) such that the content of each node (share) can be recovered by
using contents of only few other nodes, and at the same time the secret can be
reconstructed by only some allowable subsets of nodes. As a special case, an
eavesdropper observing some set of specific nodes (such as less than certain
number of nodes) does not get any information. In other words, we propose to
study a locally repairable distributed storage system that is secure against a
{\em passive eavesdropper} that can observe some subsets of nodes.
We provide a number of results related to such systems including upper-bounds
and achievability results on the number of bits that can be securely stored
with these constraints.Comment: This paper has been accepted for publication in IEEE Transactions of
Information Theor
Storage Codes with Flexible Number of Nodes
This paper presents flexible storage codes, a class of error-correcting codes
that can recover information from a flexible number of storage nodes. As a
result, one can make a better use of the available storage nodes in the
presence of unpredictable node failures and reduce the data access latency. Let
us assume a storage system encodes information symbols over a finite
field into nodes, each of size symbols. The code is
parameterized by a set of tuples ,
satisfying and , such that the information symbols can be reconstructed from any
nodes, each node accessing symbols. In other words, the code
allows a flexible number of nodes for decoding to accommodate the variance in
the data access time of the nodes. Code constructions are presented for
different storage scenarios, including LRC (locally recoverable) codes, PMDS
(partial MDS) codes, and MSR (minimum storage regenerating) codes. We analyze
the latency of accessing information and perform simulations on Amazon clusters
to show the efficiency of presented codes
Optimal Locally Repairable and Secure Codes for Distributed Storage Systems
This paper aims to go beyond resilience into the study of security and
local-repairability for distributed storage systems (DSS). Security and
local-repairability are both important as features of an efficient storage
system, and this paper aims to understand the trade-offs between resilience,
security, and local-repairability in these systems. In particular, this paper
first investigates security in the presence of colluding eavesdroppers, where
eavesdroppers are assumed to work together in decoding stored information.
Second, the paper focuses on coding schemes that enable optimal local repairs.
It further brings these two concepts together, to develop locally repairable
coding schemes for DSS that are secure against eavesdroppers.
The main results of this paper include: a. An improved bound on the secrecy
capacity for minimum storage regenerating codes, b. secure coding schemes that
achieve the bound for some special cases, c. a new bound on minimum distance
for locally repairable codes, d. code construction for locally repairable codes
that attain the minimum distance bound, and e. repair-bandwidth-efficient
locally repairable codes with and without security constraints.Comment: Submitted to IEEE Transactions on Information Theor
- β¦