This preview shows pages 1–2. Sign up to view the full content.
This preview has intentionally blurred sections. Sign up to view the full version.View Full Document
Unformatted text preview: HAIL: A High-Availability and Integrity Layer for Cloud Storage Kevin D. Bowers RSA Laboratories Cambridge, MA, USA email@example.com Ari Juels RSA Laboratories Cambridge, MA, USA firstname.lastname@example.org Alina Oprea RSA Laboratories Cambridge, MA, USA email@example.com ABSTRACT We introduce HAIL (High-Availability and Integrity Layer), a dis- tributed cryptographic system that allows a set of servers to prove to a client that a stored file is intact and retrievable. HAIL strengthens, formally unifies, and streamlines distinct approaches from the cryp- tographic and distributed-systems communities. Proofs in HAIL are efficiently computable by servers and highly compacttypically tens or hundreds of bytes, irrespective of file size. HAIL crypto- graphically verifies and reactively reallocates file shares. It is ro- bust against an active, mobile adversary, i.e., one that may progres- sively corrupt the full set of servers. We propose a strong, formal adversarial model for HAIL, and rigorous analysis and parameter choices. We show how HAIL improves on the security and effi- ciency of existing tools, like Proofs of Retrievability (PORs) de- ployed on individual servers. We also report on a prototype imple- mentation. Categories and Subject Descriptors E.3 [ Data ]: [Data Encryption] General Terms Security Keywords Distributed storage systems, cloud storage, data availability, era- sure codes, proofs of retrievability 1. INTRODUCTION Cloud storage denotes a family of increasingly popular on-line services for archiving, backup, and even primary storage of files. Amazon S3  is a well known example. Cloud-storage providers offer users clean and simple file-system interfaces, abstracting away the complexities of direct hardware management. At the same time, though, such services eliminate the direct oversight of component reliability and security that enterprises and other users with high service-level requirements have traditionally expected. Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. CCS09, November 913, 2009, Chicago, Illinois, USA. Copyright 2009 ACM 978-1-60558-352-5/09/11 ...$10.00. To restore security assurances eroded by cloud environments, re- searchers have proposed two basic approaches to client verifica- tion of file availability and integrity. The cryptographic commu- nity has proposed tools called proofs of retrievability (PORs)  and proofs of data possession (PDPs) . A POR is a challenge- response protocol that enables a prover (cloud-storage provider) to demonstrate to a verifier (client) that a file F is retrievable, i.e., recoverable without any loss or corruption. The benefit of a PORrecoverable without any loss or corruption....
View Full Document
This note was uploaded on 01/27/2012 for the course CS 600 taught by Professor Smith,r during the Winter '08 term at Alabama.
- Winter '08