Secure File Sharing Presented by Vishal Kher February 13, 2004.

Slides:

Advertisements

Similar presentations

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.

Advertisements

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Peer-to-Peer (P2P) Distributed Storage 1Dennis Kafura – CS5204 – Operating Systems.

SUNDR: Secure Untrusted Data Repository

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Csci5233 Computer Security1 Bishop: Chapter 10 (Cont.) Key Management: Certificates.

Cryptographic Security Presented by: Josh Baker October 9 th, CS5204 – Operating Systems.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

DESIGNING A PUBLIC KEY INFRASTRUCTURE

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

CSCI283 Fall 2005 GWU All slides from Bishop’s slide set Public Key Infrastructure (PKI)

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Online Security Tuesday April 8, 2003 Maxence Crossley.

November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

PRIAM: PRivate Information Access Management on Outsourced Storage Service Providers Mark Shaneck Karthikeyan Mahadevan Jeff Yongdae Kim.

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

Secure File Storage Nathanael Paul CRyptography Applications Bistro March 25, 2004.

Key Management in Cryptography

Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.

Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

Page 1 Sandboxing & Signed Software Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.

CSCI 6962: Server-side Design and Programming

Secure r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.

Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.

Guomin Yang et al. IEEE Transactions on Wireless Communication Vol. 6 No. 9 September

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

Java Security Pingping Ma Nov 2 nd, Overview Platform Security Cryptography Authentication and Access Control Public Key Infrastructure (PKI)

Cryptography, Authentication and Digital Signatures

Chapter 23 Internet Authentication Applications Kerberos Overview Initially developed at MIT Software utility available in both the public domain and.

Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.

XMPP Concrete Implementation Updates: 1. Why XMPP 2 »XMPP protocol provides capabilities that allows realization of the NHIN Direct. Simple – Built on.

Module 9: Fundamentals of Securing Network Communication.

Compliance Defects in Public- key Cryptography “ A public-key security system trusts its users to validate each others’s public keys rigorously and to.

Strong Security for Distributed File Systems Group A3 Ka Hou Wong Jahanzeb Faizan Jonathan Sippel.

1. 2 Overview In Exchange security is managed by assigning permissions in Active Directory Exchange objects are secured with DACL and ACEs Permissions.

Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.

The TAOS Authentication System: Reasoning Formally About Security Brad Karp UCL Computer Science CS GZ03 / M th November, 2008.

Digital Signatures, Message Digest and Authentication Week-9.

1 Network Security Lecture 7 Overview of Authentication Systems Waleed Ejaz

Secure Communication between Set-top Box and Smart Card in DTV Broadcasting Authors: T. Jiang, Y. Hou and S. Zheng Source: IEEE Transactions on Consumer.

1 Kerberos – Private Key System Ahmad Ibrahim. History Cerberus, the hound of Hades, (Kerberos in Greek) Developed at MIT in the mid 1980s Available as.

Decentralized authorization and data security in web content delivery * Danfeng Yao (Brown University, USA) Yunhua Koglin (Purdue University, USA) Elisa.

Security fundamentals Topic 5 Using a Public Key Infrastructure.

Data Integrity Proofs in Cloud Storage Author: Sravan Kumar R and Ashutosh Saxena. Source: The Third International Conference on Communication Systems.

© Copyright 2009 SSLPost 01. © Copyright 2009 SSLPost 02 a recipient is sent an encrypted that contains data specific to that recipient the data.

Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy

Peer-to-Peer (P2P) File Systems. P2P File Systems CS 5204 – Fall, Peer-to-Peer Systems Definition: “Peer-to-peer systems can be characterized as.

This courseware is copyrighted © 2016 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.

 Attacks and threats  Security challenge & Solution  Communication Infrastructure  The CA hierarchy  Vehicular Public Key  Certificates.

1 Example security systems n Kerberos n Secure shell.

Prof. Reuven Aviv, Nov 2013 Public Key Infrastructure1 Prof. Reuven Aviv Tel Hai Academic College Department of Computer Science Public Key Infrastructure.

INFSO-RI Enabling Grids for E-sciencE Sofia, 17 March 2009 Security, Authentication and Authorisation Mike Mineter Training, Outreach.

Security Outline Encryption Algorithms Authentication Protocols

CompTIA Security+ Study Guide (SY0-501)

Peer-to-Peer (P2P) File Systems

Peer-to-Peer Storage Systems

Verifiable Attribute Based Keyword Search with Fine-Grained Owner-Enforced Search Authorization in the Cloud They really need a shorter title.

National Trust Platform

Presentation transcript:

Secure File Sharing Presented by Vishal Kher February 13, 2004

2 References  E.-J. Goh, et al. SiRiUS: Securing Remote Untrusted Storage. In Proceedings of NDSS  M. Kallahalla, et al. Plutus scalable secure file sharing on untrusted storage. FAST 2003.

3 Outline  SiRiUS  Plutus  Comparison

4 Goals  System should be easy to install and use  No changes to file server  Secure file sharing –Confidentiality and integrity Data as well as meta-data –Key management –Read and read-write distinction –Freshness Meta-data

5 Assumptions  Untrusted File Server  File sharing for small groups  Trusted client machine  Presence of PKI or similar infrastructure

6 System Components d-fileData File md-fileMeta-data file FEKFile encryption key (symmetric key per file) FSKFile Signing Key (asymmetric) MEK, MSKFile owner’s encryption and signing key (asymmetric) md  -file Meta-data integrity file P U, S U Public and private key of user

7 File Structure E FEK (D)SIG FSK (H(D)) d-file Encrypted Key Block (users) Encrypted Key Block […] Public Key for FSK Metadata Last modified TS File name SIG MSK on md-file md-file Username FEK FSK Username FEK E PU Prevent swapping attacks

8 Freshness of md-file  File residing in user’s home dir belong to user  Creation –Hash all md-files and store the final hash in md  -file –Concat hash of md-files in a dir to md  -file of subdir –Sign the final hash (root level) along with timestamp and place in root md  -file  Update –The owner’s client updates after some time interval  Verification –Walk up the tree

9 Write  Assume owner updated the access control info  Write –Obtain md-file, verify signature on md-file –Obtain FEK and FSK –Obtain d-file and verify signature using pub key of FSK –Decrypt data –Encrypt modified data with FEK, hash sign using FSK –Rewrite the d-file  Dumb – sequential –Extension talks about random read and write

10 Read and Rename  Assume owner updated the access control info  Read –Obvious from previous description  Rename –Require updating the hash tree and md  -file

11 Key Management and Revocation  Key Management –Owner manages keys –User needs MEK and MSK  Revocation –Nothing special –User updates FEK and meta-data –Re-encrypts file

12 Performance

13 Discussion (1)  Roll-back –No data freshness –Replace current d-file with a valid old version  No suitable for large scale file sharing  Owner performs all the key management –Good for P2P  Huge performance overhead –Can further reduce some number of signatures  Storage overhead

14 Discussion (2)  Change of user’s public keys – Contact the owners of every file Keep/ search a list of these files –Do file owners have to figure this out?  Where should the keys be stored? –Smartcard –Encrypted using pass phrase Hassle to user How can they be accessed seamlessly?

15 Extensions  Random Access –Each block encrypted with AES, CBC with different random iv  Encrypt pathname using FEK –ls command will require all FEKs + decryption!  Large scale group scaling using NNL DB1SIG MSK DBnH(DB)n ….

16 Outline  SiRiUS  Plutus  Comparison

17 Goals  Low cryptographic overhead in file server  File server unaware of user’s identity  Secure file sharing –Decentralized Key management Completely pushed to users –Confidentiality and integrity Data and meta-data –Authorization Read and read-write distinction

18 Assumptions  Untrusted storage  Trusted client machine  User’s authenticate each other before obtaining keys over a secure channel –Key management is handled by users  Communications are secure

19 File Groups and Lock Box  Filegroup is a group of files with same privileges –Owned by same {owner, group}, have same permissions –Reduce the number of keys  Lock Box –Box with a lock that holds a bunch of keys –Need key to the box to access the stored keys

20 System Overview (1)  Each file block is encrypted with a different key –fileblock key  Every filegroup has a lockbox –Lockbox stores all file-block keys of files belonging to that filegroup –Associated with lockbox is a lockbox-key (symmetric) Encrypts file-block keys Owner distributes lockbox-keys to readers and writers  Reader writer distinction –Asymmetric keys: file-sign key, file-verify key

21 System Overview (2)  Integrity of data file –Writer hashes all data blocks of the file and signs the root using file-sign key  Confidentiality of meta-data –Encrypt names of files in dir using file-name key –Encrypt filegroup names using file-group key

22 File Structure E foo-key (foo) E bar-key (bar) E tmp-key (tmp) header E B-key (filegroupB) header E A-key (filegroupA) Inode 1 block 1 Inode 2 block 2 Inode 3 block 3 H(block 1) K file-block1 Root hash + sign Inode 1 header Using file-sign key for filegroupB File foo

23 Read  Reader wants to access foo  Browse to obtain name of the owner of foo  Contact owner for: –file-verify key, file-lockbox key –Verify the signature on root using file-verify key –Decrypt lockbox using file-lockbox key and fetch file-block keys –Decrypt file foo

24 Write  Reader wants to access foo  Contact owner for: –file-sign and verify key, file-lockbox key –Generates file-block keys –Encrypt blocks –Store lockbox and file blocks –Calculate hash tree, sign root, write the tree with sign  But… How to authenticate writers –Token per file group –Hash(Token, F) is stored in inode –Server verifies tokens before allowing writes

25 Revocation  Lazy revocation –Changes keys –Owner immediately updates meta-data –Mark file for re-encryption –Re-encrypt only on updated  File-groups –Same key multiple files  On write following revocation –key for re-encrypted file different!

26 Key Rotation  Every key has version numbers  Readers and writers should check the version before using the keys

27 Discussion  Total trust on insiders. –No notion of identity on the server –any authorized user can change and sign the data – Will the readers be able to track who changed it?  The owner will have to be online to distribute keys  Burden on owners –Good for P2P –How about enterprise?

28 Comparison Role of server Verify writesStore data (unmodified) PlutusSiRiUS File sharingDynamicStatic: A user cannot create file User’s identityHiddenIncluded in meta-data Key distributionDone by owner to userOwner puts the appropriate keys in the meta-data Hash treeUpdate by writer Includes data blocks Periodic update by owner Only includes meta-data RevocationLazy + key rotationNothing special Number of KeysLess: File groupsOne per user ScalabilityMore scalableLess scalable

29 Comments Thank You