HAIL (High-Availability and Integrity Layer) for Cloud Storage Alina Oprea Joint with Kevin Bowers and Ari Juels RSA Laboratories.


1 HAIL (High-Availability and Integrity Layer) for Cloud Storage Alina Oprea Joint with Kevin Bowers and Ari Juels RSA Laboratories

2 Cloud storage. Diagram labels: Client, Cloud Storage Provider, Web server, Storage server. Mostly static data: back-up, archival. Is my data available?

3 Proofs of Retrievability (PORs). Diagram labels: Client, Cloud Storage Provider, F, k, Encoding. Corrects small corruption.

4 Proofs of Retrievability (PORs). Diagram labels: Client, Cloud Storage Provider, F, k, Challenge, Response. Requires integrity checks on server or client. Detects large corruption.

5 When PORs fail. Diagram labels: Client, Cloud Storage Provider, F, k, Challenge, Response, decoder. Unrecoverable.

6 HAIL Goals
Resilience against cloud provider failure or temporary unavailability
– Amazon S3 went down several times, once for 8 hours
– Linkup lost 45% of its customer data
Use multiple cloud providers to construct a reliable cloud storage service out of unreliable components
– RAID (Reliable Array of Inexpensive Disks) for cloud storage
Provide clients verification capabilities
– Efficient proofs of file availability by interacting with cloud providers

7 Replicate across multiple providers. Naïve approach. Diagram labels: Client, Amazon S3, Google, EMC Atmos, F. Sample and check consistency across providers.

8 Roadmap
Adversarial model for HAIL
Small-corruption attack on replication scheme
Encoding layer for each replica individually
Reduce storage overhead by dispersal
Increasing file lifetime with secret keys

9 Adversarial model
Static: corrupts a fixed number b of the n total providers over time
– Create enough redundancy in the file to handle this (b+1 replicas)
– Is this realistic?
Mobile (proactive): corrupts b out of n providers in each epoch
– Separate each server into code base and storage base
– At the beginning of an epoch, the code base of all servers is cleaned (through reboot, for instance)
– All servers might have residual data corruption
– Reactive design: check integrity and redistribute

10 Attack on replication scheme. Diagram labels: Client, Amazon S3, Google, EMC Atmos, F. The probability that the client samples the corrupted block is low. File cannot be recovered after [n/b] epochs.

11 Replication with POR. Diagram labels: Client, Amazon S3, Google, EMC Atmos, F, ECC, POR. Cons: requires integrity checks for each replica.

12 Replication with POR. Diagram labels: Client, Amazon S3, Google, EMC Atmos, F. Sample and check consistency across providers.

13 Replication with POR. Diagram labels: Client, Amazon S3, Google, EMC Atmos, F, ε_d, > ε_c. Sample and check consistency across providers.
Large storage overhead due to replication
File lifetime still limited by [n/b] (ε_c / ε_d)
– ε_c: correction threshold of POR encoding
– ε_d: detection threshold of POR

14 Reduce storage overhead. Diagram labels: Client, F, dispersal (n,m), decode, n fragments, m fragments.

15 Dispersal code. Diagram labels: Client, F, dispersal (n,m), P1, P2, P3, P4, P5, dispersal code parity blocks.

16 Dispersal code. Diagram labels: Client, P1, P2, P3, P4, P5, F, Stripe, POR encoding, dispersal code parity blocks, dispersal code parity POR encoding. Check that stripe is a codeword in dispersal code. POR encoding to correct small corruption. How to increase file lifetime?

17 Increasing file lifetime with MACs. Diagram labels: Client, P1, P2, P3, P4, P5, MAC. Can we reduce storage overhead?

18 Integrity-protected dispersal code. Diagram labels: Client, P1, P2, P3, P4, P5, Reed-Solomon dispersal code, m, h_k1(m) (UHF) + h_k2(m) (PRF).

19 Integrity-protected dispersal code. Diagram labels: Client, P1, P2, P3, P4, P5, m, PRF, +. MACs embedded into parity symbols.
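
An added illustration of slides 18 and 19 (not code from the presentation or from the HAIL authors): a parity symbol computed as a Reed-Solomon-style universal hash of the stripe plus a PRF value, so the parity symbol doubles as a MAC. Assumptions: arithmetic in the prime field mod 2^61 - 1, HMAC-SHA256 as the PRF evaluated on server name and stripe index, P4 and P5 as the parity servers, and constructed key values.

```python
import hashlib
import hmac

P = 2**61 - 1  # prime modulus for symbol arithmetic (assumed field)

# Constructed per-server secrets: (secret evaluation point, PRF key).
KEYS = {"P4": (0x1234567, b"prf-key-P4"), "P5": (0x89ABCDE, b"prf-key-P5")}

def uhf(point, symbols):
    """Universal hash: evaluate the stripe's polynomial at a secret point."""
    acc = 0
    for s in reversed(symbols):  # Horner's rule
        acc = (acc * point + s) % P
    return acc

def prf(key, server, stripe_idx):
    """PRF mask bound to the symbol's position (server, stripe index)."""
    msg = f"{server}:{stripe_idx}".encode()
    return int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest(), "big") % P

def parity_with_mac(server, stripe_idx, data):
    """Parity symbol = UHF(stripe) + PRF(position), all mod P."""
    point, prf_key = KEYS[server]
    return (uhf(point, data) + prf(prf_key, server, stripe_idx)) % P

def encode_stripe(stripe_idx, data):
    """Parity symbols the client would upload to the parity servers."""
    return {srv: parity_with_mac(srv, stripe_idx, data) for srv in KEYS}

def strip_mac(server, stripe_idx, parity):
    """Remove the PRF mask to get back the plain code symbol."""
    return (parity - prf(KEYS[server][1], server, stripe_idx)) % P

def failed_servers(stripe_idx, data, parities):
    """Parity servers whose stored symbol does not match the stripe."""
    return [s for s in KEYS
            if parities.get(s) != parity_with_mac(s, stripe_idx, data)]

def demo():
    data = [11, 22, 33]                      # constructed symbols held by P1..P3
    good = encode_stripe(0, data)
    return {
        "clean": failed_servers(0, data, good),
        "flipped_symbol": failed_servers(0, [11, 22, 34], good),
        "replayed_stripe": failed_servers(0, data, encode_stripe(1, data)),
    }

if __name__ == "__main__":
    print(demo())
```

The replayed-stripe case shows why the PRF is bound to position: a valid parity symbol copied from another stripe fails even when the data symbols are identical.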

20 Current work and open problems
Proofs of Retrievability
– Lower bounds akin to Naor and Rothblum's lower bounds for memory checking
– What is the cost of file updates?
HAIL
– K. Bowers, A. Juels and A. Oprea, "HAIL (High-Availability and Integrity Layer) for Cloud Storage", CCS 2009
– Different adversarial models
– Investigate alternative constructions
– Supporting file updates

21 Proofs of Retrievability (PORs). Diagram labels: Client, Cloud Storage Provider, F, k, A, Challenge, Response. Requires integrity checks on server or client. Detects large corruption.

22 POR requirements. Diagram labels: Client, Cloud Service Provider, F, k.
Efficient file encoding
Low storage overhead
Low bandwidth for challenge and response
Efficient proof construction and verification
Efficient file recoverability
[Juels, Kaliski 07] [Shacham, Waters 08] [Dodis et al. 09]

23 HAIL. Diagram labels: Client, P1, P2, P3, P4, P5, F, Reed-Solomon parity blocks. Protects static files' availability against mobile adversary. POR encoding protects against small corruption.

24 HAIL. Diagram labels: Client, P1, P2, P3, P4, P5. Aggregates stripes for efficient integrity checking. MACs embedded into parity symbols. Periodic checking and reconstruction upon failure.

