store forget check using algebraic signatures to check
play

Store, Forget & Check: Using Algebraic Signatures to Check - PowerPoint PPT Presentation

Mar 26, 2024 •308 likes •759 views

Store, Forget & Check: Using Algebraic Signatures to Check Remotely Administered Storage Ethan L. Miller & Thomas J. E. Schwarz Storage Systems Research Center University of California, Santa Cruz Whats the problem? Systems

  1. Store, Forget & Check: Using Algebraic Signatures to Check Remotely Administered Storage Ethan L. Miller & Thomas J. E. Schwarz Storage Systems Research Center University of California, Santa Cruz

  2. What’s the problem? • Systems store data on remote nodes • Remote nodes may not be trustworthy • Data owner must check to ensure that data is really stored • Two current approaches: • Read data from multiple sites and check for consistency • Generate checksum remotely and compare to checksum of local data • We developed an efficient algorithm that does not require keeping a local copy of the data 2

  3. Internet storage: backup • Participants in the scheme offer limited storage on their machine in exchange for storing their own data • Data protected using parity or redundancy • Extra blocks calculated using m/n redundancy codes • Generate n blocks • Require any m of the blocks to rebuild the data • Many known mechanisms for m/n codes • Linear interpolation • XOR and Galois field-based • Participants need to be able to verify that other nodes are doing their part... 3

  4. Storage Service Providers • Storage utility provides remotely managed storage • Client sends data to the SSP • Client retrieves data as needed • Trust issue: how can client tell if SSP is doing its job? • Read data, check (public key-based) signature • Read data, decrypt, check secure hash and object ID • SafeStore does something like this • Other approaches that don’t use network bandwidth? 4

  5. Peer-to-peer file systems • Farsite: uses free space on workstations within an organization • Freehaven: anonymity of storer • OceanStore • “Billions of users” • Byzantine fault tolerance, k-availability through erasure- codes • PAST • Users can store files up to their quota • Provides k-availability through replication • CFS, Intermemory, Ivy, Starfish, … 5

  6. Common challenges • Storage nodes cannot be trusted • Storage nodes might lack high uplink bandwidth • Storage nodes might have low availability • Free Rider problem • Node pretends to store data • In reality, uses replicas (or protection against unavailability mechanism) to fetch requested file from elsewhere • Gains the benefits of participation without providing storage 6

  7. Terribly naïve algorithm • Maintain local copy of data • Periodically request blocks of data and compare to the local copy • Problems • Very bandwidth-intensive • Can’t check much data • Need to keep the original! 7

  8. Terribly naïve algorithm • Maintain local copy of data • Periodically request blocks of data and compare to the local copy • Problems • Very bandwidth-intensive • Can’t check much data • Need to keep the original! 7

  9. Terribly naïve algorithm • Maintain local copy of data • Periodically request blocks of data and compare to the local copy • Problems • Very bandwidth-intensive • Can’t check much data • Need to keep the original! ≟ 7

  10. Verification: existing algorithm • Periodically, verify random blocks • Compute function across the blocks ( m/n coding) • Alternative: verify keyed hash stored with the block • Problems: • Need to transfer entire block • Taxes network with diagnostic data • Peers often have asymmetric Internet connections • Leaks information heavily 8

  11. Verification: existing algorithm • Periodically, verify random blocks • Compute function across the blocks ( m/n coding) • Alternative: verify keyed hash stored with the block • Problems: • Need to transfer entire block • Taxes network with diagnostic data • Peers often have asymmetric Internet connections • Leaks information heavily 8

  12. Verification: existing algorithm • Periodically, verify random blocks • Compute function across the blocks ( m/n coding) • Alternative: verify keyed hash stored with the block • Problems: • Need to transfer entire block • Taxes network with diagnostic data • Peers often have asymmetric Internet connections • Leaks information heavily ⊕ ⊕ 8

  13. Verification: existing algorithm • Periodically, verify random blocks • Compute function across the blocks ( m/n coding) • Alternative: verify keyed hash stored with the block • Problems: • Need to transfer entire block • Taxes network with diagnostic data • Peers often have asymmetric Internet connections • Leaks information heavily ≟ ⊕ ⊕ 8

  14. Verification using algebraic signatures • Solution: use checksums? • Cryptographic checksums (like SHA-1) won’t work for randomly selected ranges • Requires original data for comparison • Our scheme • Uses small challenges and responses • Allows unpredictable tests • Free rider can’t just store the answer to all possible challenges (with any storage benefit) • Verifies that all remote chunks are consistent with each other • Requires that parity is calculated with an XOR code, a linear m/n code, or a convolutional code • Examples: X-code, EvenOdd, row-diagonal parity, linear codes over a Galois field 9

  15. What is a Galois field? • Simple answer: • Calculations on a set of symbols • A field called GF(2 n ) uses n -bit symbols • Two kinds of operations • Addition (done by XOR) • Multiplication (more complex, done by tables) • Complex answer: • Galois fields are math done using the coefficients of polynomial equations • Often, coefficients are represented in base-2 • Galois field using polynomials with maximum degree n and base-2 coefficients are called GF(2 n ) • This answer explains how the addition and multiplication tables are generated 10

  16. What is an algebraic signature? • Digital hash with algebraic properties • Important properties: • Small changes in data result in complete change of signature • Signature of parity is parity of signatures D 1 D 2 D 3 D m P 1 P 2 P 3 P k ••• ••• (sig(D 1 ),sig(D 2 ),sig(D 3 ), … sig(D m ), sig(P 1 ),sig(P 2 ),sig(P 3 )…sig(P k )) is a codeword! 11

  17. Algebraic signatures • Defined over same Galois field as the linear m/n code • Use “primitive” element a • All non-zero elements are powers of a • Consists of n coordinates • Additional properties if a i = a i • Coordinate signature defined by 12

  18. Algebraic signatures • Algebraic properties • Assume that X and Y are large data objects: • sig(X ⊕ Y) = sig(X) ⊕ sig(Y) • sig( β ⋅ X) = β ⋅ sig(X) • Multiplication is in the Galois field of the signature calculation • Signatures and parity formation commute • Signatures can be updated from the old signature and the signature of the delta (XOR) between old and new data • Signature calculation is fast ! • Hundreds of megabytes per second on a modern CPU • Speed limited by disk bandwidth 13

  19. Our algorithm D 1 D 2 D 3 P • Store data across distributed system • Challenge sites to prove that they hold the data • Sites respond with the signatures of requested data • Sites reveal tiny amount of information: size of signature • Challenger verifies that the signatures are consistent 14

  20. Our algorithm D 1 D 2 D 3 P • Store data across distributed system • Challenge sites to prove that they hold the data • Sites respond with the signatures of requested data • Sites reveal tiny amount of information: size of signature • Challenger verifies that the Calculate signature of 32 byte signatures are consistent ranges at 4+ i × 71, i = 5,…,20 14

  21. Our algorithm D 1 D 2 D 3 P • Store data across distributed system • Challenge sites to prove that they hold the data • Sites respond with the signatures of requested data • Sites reveal tiny amount of information: size of signature • Challenger verifies that the Calculate signature of 32 byte signatures are consistent ranges at 4+ i × 71, i = 5,…,20 14

  22. Our algorithm D 1 D 2 D 3 P • Store data across distributed system • Challenge sites to prove that they hold the data • Sites respond with the signatures of requested sig 1 data • Sites reveal tiny amount of information: size of signature • Challenger verifies that the Calculate signature of 32 byte signatures are consistent ranges at 4+ i × 71, i = 5,…,20 14

  23. Our algorithm D 1 D 2 D 3 P • Store data across distributed system • Challenge sites to prove that they hold the data • Sites respond with the signatures of requested sig 1 sig 2 sig 3 sig p data • Sites reveal tiny amount of information: size of signature • Challenger verifies that the Calculate signature of 32 byte signatures are consistent ranges at 4+ i × 71, i = 5,…,20 14

  24. Our algorithm D 1 D 2 D 3 P • Store data across distributed system • Challenge sites to prove that they hold the data • Sites respond with the signatures of requested sig 1 sig 2 sig 3 sig p data • Sites reveal tiny amount of information: size of signature • Challenger verifies that the signatures are consistent 14

  25. Our algorithm D 1 D 2 D 3 P • Store data across distributed system • Challenge sites to prove that they hold the data • Sites respond with the signatures of requested sig 1 sig 2 sig 3 sig p data • Sites reveal tiny amount of information: size of signature • Challenger verifies that the signatures are consistent sig 1 ⊕ sig 2 ⊕ sig 3 ≟ sig P 14

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

STUDENTS PARENTS 8:45-9:05 Check in 8:45-9:05 Check in 9:05-9:20

STUDENTS PARENTS 8:45-9:05 Check in 8:45-9:05 Check in 9:05-9:20

STUDENTS PARENTS 8:45-9:05 Check in 8:45-9:05 Check in 9:05-9:20 School Tour 9:05-9:15 PTA 9:25-12:00 Breakout 9:15-9:11:30 Sessions Transition to middle school information session

572 views • 54 slides
Check in, Before they Check out. + 1-855-255-2005 126 York, Unit 301, Ottawa

Check in, Before they Check out. + 1-855-255-2005 126 York, Unit 301, Ottawa

Check in, Before they Check out. + 1-855-255-2005 126 York, Unit 301, Ottawa www.helixforhotels.com info@micrometrics.com Hotels struggle to influence guest experience KPIs and online reputation as their teams rely on ineffective methods

365 views • 8 slides
La Vie en Rouge checkbooks Just choose a check, give it away, and wait for him or her to cash

La Vie en Rouge checkbooks Just choose a check, give it away, and wait for him or her to cash

Tie Sexiest Way To Pay Your Debts! Introducing a new line of products to help you enjoy life and forget all those hangups. A different, fun and sexy idea La Vie en Rouge checkbooks Just choose a check, give it away, and wait for him or her

439 views • 5 slides
MULTIPLICATION TABLES CHECK (MTC) WHAT WE KNOW The Multiplication Tables Check (MTC) was

MULTIPLICATION TABLES CHECK (MTC) WHAT WE KNOW The Multiplication Tables Check (MTC) was

MULTIPLICATION TABLES CHECK (MTC) WHAT WE KNOW The Multiplication Tables Check (MTC) was officially announced by the Department for Education (DfE) in September 2017. It will be administered for children in Year 4, starting in the

526 views • 7 slides
BGP Integrity Check using IRR draft-kengo-bgp-integrity-check-00.txt Kengo Nagahashi

BGP Integrity Check using IRR draft-kengo-bgp-integrity-check-00.txt Kengo Nagahashi

BGP Integrity Check using IRR draft-kengo-bgp-integrity-check-00.txt Kengo Nagahashi <kenken@sfc.wide.ad.jp> Keio University, Japan 1 Motivation Multiple Origin ASes are often observed Most of them are severe Filtering by

351 views • 7 slides
Year 1 Phonics Screening Check Phonics Screening Check All schools have to administer a

Year 1 Phonics Screening Check Phonics Screening Check All schools have to administer a

Year 1 Phonics Screening Check Phonics Screening Check All schools have to administer a phonics screening check to children in Year 1. The phonics check is written by the Department for Education. A new check is delivered to schools

425 views • 17 slides
check your life - check your drugs IDC Integrated Drug Checking: more than just analysis by

check your life - check your drugs IDC Integrated Drug Checking: more than just analysis by

check your life - check your drugs IDC Integrated Drug Checking: more than just analysis by Constanze Nagy Recreational drug use in Luxemburg and across Europe, September 30th, 2015 checkyourdrugs.at Short introduction of checkit!

917 views • 33 slides
1. Welcome & Session Explanation 1. Sound Check, M aterial Check 2. Broad Personal Goal:

1. Welcome & Session Explanation 1. Sound Check, M aterial Check 2. Broad Personal Goal:

1. Welcome & Session Explanation 1. Sound Check, M aterial Check 2. Broad Personal Goal: Share my experience teaching basic musicianship to students with learning differences. 3. Title: Divine Design= After 6 long years of building a

575 views • 30 slides
Marshal Agenda Introduction Check Starter Marshal Introduction Swimming Official

Marshal Agenda Introduction Check Starter Marshal Introduction Swimming Official

Check Starter Marshal Agenda Introduction Check Starter Marshal Introduction Swimming Official CHECK STARTER Function? IMPORTANCE OF THE CHECK STARTER Swimmers in correct starting positions, in timely manner A smooth,

709 views • 69 slides
Check 1 Check 2 What an Employer Needs to Know About Employee Background Checks James R.

Check 1 Check 2 What an Employer Needs to Know About Employee Background Checks James R.

Check 1 Check 2 What an Employer Needs to Know About Employee Background Checks James R. Hammerschmidt, Esq. Ethan L. Don, Esq. 1 Overview Introduction to criminal background and credit checks and the benefits and concerns they

561 views • 23 slides
Blueberry Apartments Your Overview & City Guide Check Out before 10.00am Check In after

Blueberry Apartments Your Overview & City Guide Check Out before 10.00am Check In after

Blueberry Apartments Your Overview & City Guide Check Out before 10.00am Check In after 2.00pm Annette Zivkovic PH: (02) 6583 3266 Blueberry Apartments in a quiet Welcome to residential setting so close to all Port Macquarie has to

406 views • 7 slides
Check & Connect An evidence-based comprehensive student engagement model Check & Connect

Check & Connect An evidence-based comprehensive student engagement model Check & Connect

Check & Connect An evidence-based comprehensive student engagement model Check & Connect Overview Check & Connect is a structured mentoring intervention to promote student success and engagement at school and with learning

529 views • 11 slides
FUNDRAISING LIL SHOPPERS SHOPPE SCHOOL SPIRIT CHECK US OUT ONLINE Check us out online:

FUNDRAISING LIL SHOPPERS SHOPPE SCHOOL SPIRIT CHECK US OUT ONLINE Check us out online:

FUNDRAISING LIL SHOPPERS SHOPPE SCHOOL SPIRIT CHECK US OUT ONLINE Check us out online: www.gntinc.com BetterWorldFundraising.com Owned & Operated by the same family. Serving schools and organizations for over 38 years!

254 views • 22 slides
Check-in/Check-out Susan Barrett sbarrett@pbismaryland.org Organizer Overview of targeted

Check-in/Check-out Susan Barrett sbarrett@pbismaryland.org Organizer Overview of targeted

Check-in/Check-out Susan Barrett sbarrett@pbismaryland.org Organizer Overview of targeted interventions Summary of CICO Using CICO data for decision-making Possible Pitfalls: Things to plan for Success what next Core

794 views • 37 slides
Starts Natalie Sinn Melges MC promo E scow example start - Check weather - Check Yourself:

Starts Natalie Sinn Melges MC promo E scow example start - Check weather - Check Yourself:

Starts Natalie Sinn Melges MC promo E scow example start - Check weather - Check Yourself: Warm-up, 1+ hours before Countdown watch, polarized sunglasses, hat/visor, the start sunscreen, layers, water bottle, snack, VHF radio On dry

392 views • 12 slides
Interactive Preview v1.6 E-Verify Self Check Interactive Preview The intent of this Preview is

Interactive Preview v1.6 E-Verify Self Check Interactive Preview The intent of this Preview is

Start Start Interactive Preview v1.6 E-Verify Self Check Interactive Preview The intent of this Preview is to provide an understanding of how a user will experience the E-Verify Self Check service. The Self Check Process Self Check While

581 views • 44 slides
Short-term Linkable Group Signatures with Categorized Batch Verification Lukas Malina 1 , Jordi

Short-term Linkable Group Signatures with Categorized Batch Verification Lukas Malina 1 , Jordi

Short-term Linkable Group Signatures with Categorized Batch Verification Lukas Malina 1 , Jordi Castella-Roc` a 2 , Arnau Vives-Guasch 2 , Jan Hajny 1 1 Department of Telecommunications Faculty of Electrical Engineering and Communication Brno

432 views • 20 slides
Lattice Attacks against Elliptic-Curve Signatures with Blinded Scalar Multiplication Dahmun

Lattice Attacks against Elliptic-Curve Signatures with Blinded Scalar Multiplication Dahmun

Lattice Attacks against Elliptic-Curve Signatures with Blinded Scalar Multiplication Dahmun Goudarzi, Matthieu Rivain, Damien Vergnaud SAC 2016, 12 Aug, St. Johns Outline EC signature schemes based on random nonces computed from [ k ]

696 views • 52 slides
Message Authentication Codes Digital Signatures Lecture 11 Shafi Goldwasser Authentication

Message Authentication Codes Digital Signatures Lecture 11 Shafi Goldwasser Authentication

Message Authentication Codes Digital Signatures Lecture 11 Shafi Goldwasser Authentication Problem Bob Alice k k message M Eve is Active: Can alter messages Can insert new messages Authentication Problem Secrecy is not the only

553 views • 37 slides
Preview question Which of the following would have to be completely abandoned if scalable quantum

Preview question Which of the following would have to be completely abandoned if scalable quantum

Preview question Which of the following would have to be completely abandoned if scalable quantum computers become widely available? CSci 5271 A. one-time pads Introduction to Computer Security Crypto and protocols combined slides B. RSA

674 views • 9 slides
Sublinear Algorithms Lecture 6 Sofya Raskhodnikova Penn State University Thanks to Madhav Jha

Sublinear Algorithms Lecture 6 Sofya Raskhodnikova Penn State University Thanks to Madhav Jha

Sublinear Algorithms Lecture 6 Sofya Raskhodnikova Penn State University Thanks to Madhav Jha (Penn State) for help with creating these slides. 1 Communication Complexity A Method for Proving Lower Bounds [Blais Brody Matulef 11 ] Use known

551 views • 27 slides
SML Modules and Abstract Data Types (ADTs) Hiding implementa-on details is the most important

SML Modules and Abstract Data Types (ADTs) Hiding implementa-on details is the most important

Overview of Modules and ADTs SML Modules and Abstract Data Types (ADTs) Hiding implementa-on details is the most important strategy for wriCng correct, robust, reusable soEware. Topics: These slides are lightly edited versions of Ben Woods

442 views • 8 slides
Asymmetric Message Franking Content Moderation for Metadata-Private End-to-End Encryption Nirvan

Asymmetric Message Franking Content Moderation for Metadata-Private End-to-End Encryption Nirvan

Asymmetric Message Franking Content Moderation for Metadata-Private End-to-End Encryption Nirvan Tyagi Paul Grubbs Julia Len Ian Miers Tom Ristenpart CRYPTO 2019 1 Setting: End-to-end encrypted messaging Hello From: Alice To: Bob

1k views • 75 slides
From Declarative Signatures to Misuse IDS 4th International Symposium on Recent Advances in

From Declarative Signatures to Misuse IDS 4th International Symposium on Recent Advances in

From Declarative Signatures to Misuse IDS 4th International Symposium on Recent Advances in Intrusion Detection (RAID'01) October 10-12, 2001 - Davis, CA, USA Jean-Philippe P OUZOL Mireille D UCASS IRISA / INSA de Rennes (France)

412 views • 24 slides

More recommend