1,941 research outputs found
Secure Cooperative Regenerating Codes for Distributed Storage Systems
Regenerating codes enable trading off repair bandwidth for storage in
distributed storage systems (DSS). Due to their distributed nature, these
systems are intrinsically susceptible to attacks, and they may also be subject
to multiple simultaneous node failures. Cooperative regenerating codes allow
bandwidth efficient repair of multiple simultaneous node failures. This paper
analyzes storage systems that employ cooperative regenerating codes that are
robust to (passive) eavesdroppers. The analysis is divided into two parts,
studying both minimum bandwidth and minimum storage cooperative regenerating
scenarios. First, the secrecy capacity for minimum bandwidth cooperative
regenerating codes is characterized. Second, for minimum storage cooperative
regenerating codes, a secure file size upper bound and achievability results
are provided. These results establish the secrecy capacity for the minimum
storage scenario for certain special cases. In all scenarios, the achievability
results correspond to exact repair, and secure file size upper bounds are
obtained using min-cut analyses over a suitable secrecy graph representation of
DSS. The main achievability argument is based on an appropriate pre-coding of
the data to eliminate the information leakage to the eavesdropper
Security in Locally Repairable Storage
In this paper we extend the notion of {\em locally repairable} codes to {\em
secret sharing} schemes. The main problem that we consider is to find optimal
ways to distribute shares of a secret among a set of storage-nodes
(participants) such that the content of each node (share) can be recovered by
using contents of only few other nodes, and at the same time the secret can be
reconstructed by only some allowable subsets of nodes. As a special case, an
eavesdropper observing some set of specific nodes (such as less than certain
number of nodes) does not get any information. In other words, we propose to
study a locally repairable distributed storage system that is secure against a
{\em passive eavesdropper} that can observe some subsets of nodes.
We provide a number of results related to such systems including upper-bounds
and achievability results on the number of bits that can be securely stored
with these constraints.Comment: This paper has been accepted for publication in IEEE Transactions of
Information Theor
Optimal Locally Repairable and Secure Codes for Distributed Storage Systems
This paper aims to go beyond resilience into the study of security and
local-repairability for distributed storage systems (DSS). Security and
local-repairability are both important as features of an efficient storage
system, and this paper aims to understand the trade-offs between resilience,
security, and local-repairability in these systems. In particular, this paper
first investigates security in the presence of colluding eavesdroppers, where
eavesdroppers are assumed to work together in decoding stored information.
Second, the paper focuses on coding schemes that enable optimal local repairs.
It further brings these two concepts together, to develop locally repairable
coding schemes for DSS that are secure against eavesdroppers.
The main results of this paper include: a. An improved bound on the secrecy
capacity for minimum storage regenerating codes, b. secure coding schemes that
achieve the bound for some special cases, c. a new bound on minimum distance
for locally repairable codes, d. code construction for locally repairable codes
that attain the minimum distance bound, and e. repair-bandwidth-efficient
locally repairable codes with and without security constraints.Comment: Submitted to IEEE Transactions on Information Theor
Secure Partial Repair in Wireless Caching Networks with Broadcast Channels
We study security in partial repair in wireless caching networks where parts
of the stored packets in the caching nodes are susceptible to be erased. Let us
denote a caching node that has lost parts of its stored packets as a sick
caching node and a caching node that has not lost any packet as a healthy
caching node. In partial repair, a set of caching nodes (among sick and healthy
caching nodes) broadcast information to other sick caching nodes to recover the
erased packets. The broadcast information from a caching node is assumed to be
received without any error by all other caching nodes. All the sick caching
nodes then are able to recover their erased packets, while using the broadcast
information and the nonerased packets in their storage as side information. In
this setting, if an eavesdropper overhears the broadcast channels, it might
obtain some information about the stored file. We thus study secure partial
repair in the senses of information-theoretically strong and weak security. In
both senses, we investigate the secrecy caching capacity, namely, the maximum
amount of information which can be stored in the caching network such that
there is no leakage of information during a partial repair process. We then
deduce the strong and weak secrecy caching capacities, and also derive the
sufficient finite field sizes for achieving the capacities. Finally, we propose
optimal secure codes for exact partial repair, in which the recovered packets
are exactly the same as erased packets.Comment: To Appear in IEEE Conference on Communication and Network Security
(CNS
Generic Secure Repair for Distributed Storage
This paper studies the problem of repairing secret sharing schemes, i.e.,
schemes that encode a message into shares, assigned to nodes, so that
any nodes can decode the message but any colluding nodes cannot infer
any information about the message. In the event of node failures so that shares
held by the failed nodes are lost, the system needs to be repaired by
reconstructing and reassigning the lost shares to the failed (or replacement)
nodes. This can be achieved trivially by a trustworthy third-party that
receives the shares of the available nodes, recompute and reassign the lost
shares. The interesting question, studied in the paper, is how to repair
without a trustworthy third-party. The main issue that arises is repair
security: how to maintain the requirement that any colluding nodes,
including the failed nodes, cannot learn any information about the message,
during and after the repair process? We solve this secure repair problem from
the perspective of secure multi-party computation. Specifically, we design
generic repair schemes that can securely repair any (scalar or vector) linear
secret sharing schemes. We prove a lower bound on the repair bandwidth of
secure repair schemes and show that the proposed secure repair schemes achieve
the optimal repair bandwidth up to a small constant factor when dominates
, or when the secret sharing scheme being repaired has optimal rate. We
adopt a formal information-theoretic approach in our analysis and bounds. A
main idea in our schemes is to allow a more flexible repair model than the
straightforward one-round repair model implicitly assumed by existing secure
regenerating codes. Particularly, the proposed secure repair schemes are simple
and efficient two-round protocols
- β¦