Presentation is loading. Please wait.

Presentation is loading. Please wait.

Sindhusha Doddapaneni

Published byJemima Rose Modified over 6 years ago

Similar presentations

Presentation on theme: "Sindhusha Doddapaneni"— Presentation transcript:

1 Sindhusha Doddapaneni 009268103
CloudStash: Using Secret-Sharing Scheme to Secure Data, Not Keys, in Multi Clouds Sindhusha Doddapaneni

2 Paper 1: CloudStash: Using Secret-Sharing Scheme to Secure Data, Not Keys, in Multi Clouds
Authors: Alsolami, Fahad; Boult, Terrance E. University: University of Colorado at Colorado Springs, Department Of Computer Science Presented at : Information Technology: New Generations (ITNG), th International Conference on 7-9 April 2014. Publication Year: 2014 Publisher : IEEE

3 Overview Introduction CloudStash Scheme Objectives
Design and Algorithm analysis Implementation Evaluation Conclusion

4 Introduction In Cloud Storage, Security and Key management are highlighted concerns. Problem: Managing/protecting keys CloudStash schema: A System that applied the secret sharing schema directly on the file to store multi- shares of a file into multi-clouds. To improve confidentiality , availability, performance and fault tolerance CloudStash splits a files into multi-shares of secret and distributing these multi-shares into multi-clouds simultaneously where threshold shares are required to reconstruct a file.

5 Introduction First, CloudStash provides confidentiality by applying secret sharing schema directly on a file that is split into multi-shares. Second, CloudStash provides performance by using multi-threading to manage multi shares into multi clouds in parallel. Third, CloudStash provides availability by distributing multi-shares over multi-clouds and not depending on single cloud’s availability. Finally CloudStash provides fault tolerance by hashing and signing each share and distributing these multi-shares into multi-clouds.

6 CloudStash schema objectives
Existing approaches: 1. In single cloud environment, if an attacker compromises the cloud, the attacker can get the whole encrypted file and can run brute force attack trying to break the weak keys encryption. 2. In previous multi-cloud approaches, if an attacker compromises the cloud, part of data can be obtained.

7 CloudStash schema objectives
However, In CloudStash, an attacker cannot obtain any information unless he can compromise all the clouds and get the threshold shares. Features: Confidentiality Avoid Key Management issues Performance Integrity Fault Tolerance

8 Design and Algorithm Analysis
Two Operations: Upload Operation Download Operation

9 Architecture of CloudStash and Baseline in uploading operation

10 Architecture of CloudStash and Baseline in downloading operation

11 Implementation Baseline Setup:
Step1: Upload a file using Symmetric algorithm AES for encryption, SHA512 for hashing and RSA for signature on whole file( File without splitting ). Step2: Split the key into shares using secret sharing schema. Step3: Each cloud storage system is stored with one file along with one share of a key. Step4: Downloaded a file from one cloud storage then download the two key shares from two cloud storages. Step5: Computation of two shares of key and decrypt the file

12 Implementation CloudStash Setup:
Step1: Instead of using key to split the file into multi-shares, CloudStash algorithm uses secret sharing schema directly on the file. Step2: Uses SHA512 for Hashing, RSA for signature on each share. Step 3: During upload, multi threading is used to upload multi-shares in parallel into cloud storages. Step 4: During download, Multithreading is used to download two shares from two cloud storages that the threshold shares. Step 5: Computing two shares to reconstruct the file back.

13 Evaluation Goal: To prove that applying the secret share schema directly on files cost less than performing encryption on files and then applying secret sharing schema. Evaluation: Check for the computation time of upload and download operation of Baseline and CloudStash.

14 Conclusion CloudStash shows significant performance improvement in addition to security improvements and fault tolerance. CloudStash also addressed insider/brute force attacks.

15 Future Work In future work,
Instead of using RSA for signature, we can use ECDSA(Elliptic Curve Digital Signature Algorithm) for digital signature to increase performance. Other future work is to find out an alternate method or algorithm for CloudStash system to support large files (file size >40MB ) for Secret Sharing Schema. I will read more IEEE papers regarding Multi Cloud storage for data security.

16 Thank You

Download ppt "Sindhusha Doddapaneni"

Similar presentations

Secure Naming structure and p2p application interaction IETF - PPSP WG July 2010 Christian Dannewitz, Teemu Rautio and Ove Strandberg.

Secure Naming structure and p2p application interaction IETF - PPSP WG July 2010 Christian Dannewitz, Teemu Rautio and Ove Strandberg.
Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.

1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Cryptographic Technologies

Cryptographic Technologies
Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.

Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.
Pretty Good Privacy by Philip Zimmerman presented by: Chris Ward.

Pretty Good Privacy by Philip Zimmerman presented by: Chris Ward.
Bob can sign a message using a digital signature generation algorithm

Bob can sign a message using a digital signature generation algorithm
Sinaia, Romania August, 2014 14 TH Workshop “Software Engineering Education and Reverse Engineering” Dhuratë Hyseni, Betim Çiço South East European University.

Sinaia, Romania August, TH Workshop “Software Engineering Education and Reverse Engineering” Dhuratë Hyseni, Betim Çiço South East European University.
1 Convergent Dispersal: Toward Storage-Efficient Security in a Cloud-of-Clouds Mingqiang Li 1, Chuan Qin 1, Patrick P. C. Lee 1, Jin Li 2 1 The Chinese.

1 Convergent Dispersal: Toward Storage-Efficient Security in a Cloud-of-Clouds Mingqiang Li 1, Chuan Qin 1, Patrick P. C. Lee 1, Jin Li 2 1 The Chinese.
IT 221: Introduction to Information Security Principles Lecture 6:Digital Signatures and Authentication Protocols For Educational Purposes Only Revised:

IT 221: Introduction to Information Security Principles Lecture 6:Digital Signatures and Authentication Protocols For Educational Purposes Only Revised:
© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 3: VPN and Encryption Technology.

© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 3: VPN and Encryption Technology.
Symmetric versus Asymmetric Cryptography. Why is it worth presenting cryptography? Top concern in security Fundamental knowledge in computer security.

Symmetric versus Asymmetric Cryptography. Why is it worth presenting cryptography? Top concern in security Fundamental knowledge in computer security.
Identity-Based Secure Distributed Data Storage Schemes.

Identity-Based Secure Distributed Data Storage Schemes.
An Architecture for Distributed High Performance Video Processing in the Cloud 2012.06.28 Speaker : 吳靖緯 MA0G0101 2010 IEEE 3rd International Conference.

An Architecture for Distributed High Performance Video Processing in the Cloud Speaker : 吳靖緯 MA0G IEEE 3rd International Conference.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.

4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.

Similar presentations

Ads by Google