Strong Security for Distributed File Systems Group A3 Ka Hou Wong Jahanzeb Faizan Jonathan Sippel.


Slide 1: Strong Security for Distributed File Systems
Group A3: Ka Hou Wong, Jahanzeb Faizan, Jonathan Sippel

Slide 2: Introduction (Presenter: Ka Hou Wong)

Slide 3: Introduction
- Security is important because a violation could cost billions of dollars
- As network-attached disks are getting popular, we need to improve existing file systems to support security
- This paper presents Secure Network-Attached Disks (SNAD)

Slide 4: Features
- Store and transfer all data encrypted
- Decrypt data only in a client workstation
- If the disk is physically stolen, the thief cannot access the information
- Ability to detect forged data
- Little overhead because the disk performs secure hashes only

Slide 5: Shortcomings of Existing File Systems
- Store information in clear text
- Rely upon trusted file servers not to alter the original information
- Do not deal with issues such as sharing files between users

Slide 6: Design Goals
- End-to-end encryption of all file system data and metadata: only authorized people can access the data
- Data integrity: ability to detect modified data
- Flexibility: easy to share files
- Performance and scalability: no one wants to use a file system as slow as a turtle

Slide 7: Basic Mechanisms
- Encrypt all data at the client
- Server has sufficient information to authenticate the writer
- Reader has sufficient information to verify the end-to-end integrity of the data
- Uses standard cryptographic tools:
  - Public-key cryptography
  - Extensive use of cryptographic hashes and keyed hashes such as Hashed Message Authentication Codes (HMAC)

Slide 8: SNAD Data Structures (Presenter: Jahanzeb Faizan)

Slide 9: SNAD Data Structures
- Four basic structures:
  - Data Objects
  - File Objects
  - Key Objects
  - Certificate Objects
- Storage: contiguous blocks of data, or the actual data in the file system and the remainder in some special structures (I-nodes in UNIX)

Slide 10: Secure Data Object (SDO)
- Minimum unit of data that can be read or written
- Corresponds to a file block
- Layout (from the slide figure):
  - Block ID: uniquely identifies each block (File ID and block offset)
  - User IDs: creator of SDO and security
  - Timestamp: prevents replay attacks
  - Initialization Vector: prevents data blocks encrypted with the same key from encrypting to the same cipher text
  - Data: RC5 encrypted data
  - Block Security Info
  - (Figure size annotation: 32 bytes)

Slide 11: File Object
- Composed of one or more data objects along with per-file metadata
- Metadata consists of:
  - Block pointers
  - File size
  - Time stamping
  - Pointer to a key object

Slide 12: Key Object
- Uses an encryption key to encrypt files
- Used for more than one file
- Corresponds to a UNIX group

Slide 13: Key Object (cont.)
Layout (from the slide figure):
- Header: Key File ID | User ID | Signature
  - Key File ID: unique identifier for the block on the system
  - User ID: last user to modify the key object
  - Signature: on write, the user hashes the object and signs it with his private key; on read, used to verify data integrity
- One entry per user or group: User ID | Encrypted Key | Permission
  - User ID: private key of user or group
  - Encrypted Key: RC5 key encrypted with the user's public key (cannot be decrypted without the private key, which is never sent to the disk)
  - Permission: determines whether the user is allowed to write the key object

Slide 14: Certificate Object
- Each server contains a single Certificate Object
- Contains administrative and cryptographic information about each SNAD user
- Used to authenticate users and do basic storage management

Slide 15: Certificate Object (cont.)
Layout (from the slide figure), one tuple per user: User ID | Public Key | HMAC Key | Timestamp
- User ID: user or group the tuple belongs to
- Public Key: stored on disk for two reasons: 1. no need to consult a key server; 2. writer authentication
- HMAC Key: to verify the identity of the user writing data (encrypted)
- Timestamp: to prevent replay attacks

Slide 16: Overall Organization
(Figure: one certificate object; several file objects, each with its data objects and a pointer to a key object; file objects sharing a single key object, since the two files have the same access controls.)

Slide 17: Overhead

Object             | Contents                                        | Overhead
Data Object        | Header, Data                                    | 36-100 bytes, depending on scheme used
File Object        | Header, Data objects and Metadata, Pointer to Key object | 72 bytes
Key Object         | Header, Data                                    | 72 bytes * number of users
Certificate Object |                                                 | <100 bytes per user

Slide 18: SNAD Security Schemes (Presenter: Jonathan Sippel)

Slide 19: SNAD Security Schemes
- Goal: to provide authenticated, encrypted storage
- Problem: encryption/decryption times are not easily reduced
- Solution:
  - Symmetric algorithms are relatively fast
  - Different methods of authentication are available which vary in security and speed

Slide 20: SNAD Security Schemes (cont.)
Reading and writing of authenticated data:
- User is required to give a private key to the client
- User opens the file and reads the key object
- Appropriate field of the key object is decrypted to obtain the symmetric encryption key for the file
- Symmetric encryption key is used to encrypt data before sending it to the server and after receiving it from the server

Slide 21: Scheme 1
- Most secure
- Requires the user to sign the checksum of every block written using public-key encryption
- Requires the server to authenticate every block before writing it
- Allows the system to track the writer for each block
- Signature generation and checking are slow

Slide 22: Scheme 1 (cont.)
- Read:
  - Server operations are not required
  - Client verification of hash and signature
- Write:
  - Client encrypts each data block
  - Client computes a hash over the entire data object
  - Client signs the hash using the user's private key
  - Server compares the recomputed hash against the signed hash

Slide 23: Scheme 1 (cont.)

Operation    | Read: Client | Read: NAS | Write: Client | Write: NAS
En/Decrypt   | X            |           | X             |
Hash         | X            |           | X             | X
Signature    |              |           | X             |
Verification | X            |           |               | X

Slide 24: Scheme 2
- Signature check on the server is replaced with a Message Authentication Code (MAC) check
- Client still generates a signature and checks it upon reading a block
- Server is freed from time-consuming verification
- Overall performance is improved

Slide 25: Scheme 2 (cont.)
- Read:
  - Server operations are not required
  - Client verification of hash and signature
- Write:
  - Client performs a cryptographic hash on the block and signs it
  - Client calculates an HMAC on the SDO using the shared secret HMAC key
  - Server computes the HMAC using the shared secret key from the certificate object and compares it to the one received from the client

Slide 26: Scheme 2 (cont.)

Operation    | Read: Client | Read: NAS | Write: Client | Write: NAS
En/Decrypt   | X            |           | X             |
Hash         | X            |           | X             | X
Signature    |              |           | X             |
Verification | X            |           |               |

Slide 27: Scheme 3
- Signatures are eliminated
- Cryptographic hashes are used to ensure data integrity
- Considerably faster because no signature generation/checking is involved
- Not possible to verify who wrote the block last

Slide 28: Scheme 3 (cont.)
- Read:
  - Server calculates the HMAC using the key provided by the user requesting the data
  - Client verifies the hash and performs a checksum on the decrypted data
- Write:
  - Client encrypts the SDO and calculates an HMAC over the encrypted data
  - Server authenticates the write by computing the HMAC using the shared secret key from the certificate object

Slide 29: Scheme 3 (cont.)

Operation    | Read: Client | Read: NAS | Write: Client | Write: NAS
En/Decrypt   | X            |           | X             |
Hash         | X            | X         | X             | X
Signature    |              |           |               |
Verification |              |           |               |
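A worked model of the Scheme 3 read/write exchange (and of the HMAC write check it shares with Scheme 2), added here as an example and not code from the SNAD paper or the presenters. It assumes a constructed certificate table of HMAC keys, a fixed header layout (block ID, user ID, timestamp, 16-byte IV), and a SHA-256 counter keystream standing in for RC5, which the Python standard library does not provide.

```python
import hashlib, hmac, os, struct

# Constructed certificate object: user ID -> shared-secret HMAC key
# (public keys omitted; Scheme 3 uses no signatures).
CERT = {7: b"writer7-hmac-key-constructed", 9: b"reader9-hmac-key-constructed"}
HDR = struct.Struct(">QIQ")  # block ID, user ID, timestamp; a 16-byte IV follows
def _keystream(key, iv, n):
    # SHA-256 counter keystream: a constructed stand-in for RC5, not RC5 itself.
    blocks = (hashlib.sha256(key + iv + struct.pack(">I", c)).digest()
              for c in range((n + 31) // 32))
    return b"".join(blocks)[:n]
def encrypt(key, iv, data):  # XOR with the keystream; the same call decrypts
    return bytes(a ^ b for a, b in zip(data, _keystream(key, iv, len(data))))
def tag(user_id, body):
    return hmac.new(CERT[user_id], body, hashlib.sha256).digest()

def build_sdo(file_key, user_id, block_id, timestamp, data):
    # Client write: header + ciphertext, then an HMAC over the whole encrypted SDO.
    iv = os.urandom(16)
    body = HDR.pack(block_id, user_id, timestamp) + iv + encrypt(file_key, iv, data)
    return body + tag(user_id, body)

class NAS:
    def __init__(self):
        self.blocks, self.last_ts = {}, {}
    def write(self, sdo):
        # Server authenticates the writer by recomputing the HMAC with the
        # certificate-object key; the timestamp rejects replayed SDOs.
        body, mac = sdo[:-32], sdo[-32:]
        block_id, user_id, ts = HDR.unpack(body[:HDR.size])
        if user_id not in CERT or not hmac.compare_digest(tag(user_id, body), mac):
            return "bad HMAC"
        if ts <= self.last_ts.get(block_id, -1):
            return "replay"
        self.last_ts[block_id], self.blocks[block_id] = ts, body
        return "ok"

    def read(self, block_id, reader_id):
        # Server computes an HMAC with the requesting reader's own key.
        body = self.blocks[block_id]
        return body + tag(reader_id, body)

def client_read(file_key, reader_id, msg):
    # Reader verifies the HMAC with its key, then decrypts the data field.
    body, mac = msg[:-32], msg[-32:]
    if not hmac.compare_digest(tag(reader_id, body), mac):
        raise ValueError("integrity check failed")
    return encrypt(file_key, body[HDR.size:HDR.size + 16], body[HDR.size + 16:])
```

Note that a modified ciphertext, a forged header, or a replayed SDO is rejected at the server, while, as slide 27 states, nothing in the stored block lets a reader verify which user wrote it last.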

Slide 30: Performance Results

Slide 31: Conclusions
SNAD:
- Solves many performance and security problems found today
- Provides user confidentiality and integrity
- Performs better and is more reliable than centralized file servers
- Improves performance and scalability with decentralized security functionality
- Eliminates a single point of failure
