Download presentation
Presentation is loading. Please wait.
1
Sindhusha Doddapaneni 009268103
CloudStash: Using Secret-Sharing Scheme to Secure Data, Not Keys, in Multi Clouds Sindhusha Doddapaneni
2
Paper 1: CloudStash: Using Secret-Sharing Scheme to Secure Data, Not Keys, in Multi Clouds
Authors: Alsolami, Fahad; Boult, Terrance E. University: University of Colorado at Colorado Springs, Department Of Computer Science Presented at : Information Technology: New Generations (ITNG), th International Conference on 7-9 April 2014. Publication Year: 2014 Publisher : IEEE
3
Overview Introduction CloudStash Scheme Objectives
Design and Algorithm analysis Implementation Evaluation Conclusion
4
Introduction In Cloud Storage, Security and Key management are highlighted concerns. Problem: Managing/protecting keys CloudStash schema: A System that applied the secret sharing schema directly on the file to store multi- shares of a file into multi-clouds. To improve confidentiality , availability, performance and fault tolerance CloudStash splits a files into multi-shares of secret and distributing these multi-shares into multi-clouds simultaneously where threshold shares are required to reconstruct a file.
5
Introduction First, CloudStash provides confidentiality by applying secret sharing schema directly on a file that is split into multi-shares. Second, CloudStash provides performance by using multi-threading to manage multi shares into multi clouds in parallel. Third, CloudStash provides availability by distributing multi-shares over multi-clouds and not depending on single cloud’s availability. Finally CloudStash provides fault tolerance by hashing and signing each share and distributing these multi-shares into multi-clouds.
6
CloudStash schema objectives
Existing approaches: 1. In single cloud environment, if an attacker compromises the cloud, the attacker can get the whole encrypted file and can run brute force attack trying to break the weak keys encryption. 2. In previous multi-cloud approaches, if an attacker compromises the cloud, part of data can be obtained.
7
CloudStash schema objectives
However, In CloudStash, an attacker cannot obtain any information unless he can compromise all the clouds and get the threshold shares. Features: Confidentiality Avoid Key Management issues Performance Integrity Fault Tolerance
8
Design and Algorithm Analysis
Two Operations: Upload Operation Download Operation
9
Architecture of CloudStash and Baseline in uploading operation
10
Architecture of CloudStash and Baseline in downloading operation
11
Implementation Baseline Setup:
Step1: Upload a file using Symmetric algorithm AES for encryption, SHA512 for hashing and RSA for signature on whole file( File without splitting ). Step2: Split the key into shares using secret sharing schema. Step3: Each cloud storage system is stored with one file along with one share of a key. Step4: Downloaded a file from one cloud storage then download the two key shares from two cloud storages. Step5: Computation of two shares of key and decrypt the file
12
Implementation CloudStash Setup:
Step1: Instead of using key to split the file into multi-shares, CloudStash algorithm uses secret sharing schema directly on the file. Step2: Uses SHA512 for Hashing, RSA for signature on each share. Step 3: During upload, multi threading is used to upload multi-shares in parallel into cloud storages. Step 4: During download, Multithreading is used to download two shares from two cloud storages that the threshold shares. Step 5: Computing two shares to reconstruct the file back.
13
Evaluation Goal: To prove that applying the secret share schema directly on files cost less than performing encryption on files and then applying secret sharing schema. Evaluation: Check for the computation time of upload and download operation of Baseline and CloudStash.
14
Conclusion CloudStash shows significant performance improvement in addition to security improvements and fault tolerance. CloudStash also addressed insider/brute force attacks.
15
Future Work In future work,
Instead of using RSA for signature, we can use ECDSA(Elliptic Curve Digital Signature Algorithm) for digital signature to increase performance. Other future work is to find out an alternate method or algorithm for CloudStash system to support large files (file size >40MB ) for Secret Sharing Schema. I will read more IEEE papers regarding Multi Cloud storage for data security.
16
Thank You
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.