Sunday, July 26, 2009

Thoughts on HAIL: A High Availability and Integrity Layer

BibTeX:
@misc{cryptoeprint:2008:489,
  author       = {Kevin D. Bowers and Ari Juels and Alina Oprea},
  title        = {HAIL: A High-Availability and Integrity Layer for Cloud Storage},
  howpublished = {Cryptology ePrint Archive, Report 2008/489},
  year         = {2008},
  note         = {\url{http://eprint.iacr.org/}},
}

Summary:
The paper describes a system that distributes redundant, erasure-coded blocks of a file across multiple servers and lets a client verify that the file is still intact even against a mobile adversary: one that can compromise servers over time, eventually all of them, but only a limited number of them at once. It also lets the client obtain proofs of retrievability (PORs) from the servers efficiently.

HAIL does this with what the authors call IP-ECC: integrity-protected error-correcting codes. These are essentially ECC codes with a MAC embedded in the parity, applied to each block of the file. In response to a challenge, a server computes a compact aggregate over the challenged blocks, and the client checks that aggregate as proof that those blocks exist and are uncorrupted, without having to download them.
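To make the challenge-response concrete, here is a toy audit in Python. It is an added example, not code from the HAIL paper or its authors: the tag is a simple linear MAC over a prime field (the private-verification PoR construction of Shacham and Waters), chosen because it makes aggregation easy to see, whereas HAIL's IP-ECC additionally folds the tags into Reed-Solomon parity across servers, which is not reproduced here. The field prime, block size, class names and the sample file are all assumptions of this example; the replicated "servers" stand in for HAIL's dispersal code.

```python
"""Toy proof-of-retrievability audit with an aggregatable MAC (added example).

The client keeps only a key. Each stored block m_i carries a tag
t_i = PRF(key, i) + alpha * m_i (mod P). A challenge names some blocks
and random coefficients; the server answers with two field elements,
whatever the number of challenged blocks, and the client checks them
without holding the file. This is the Shacham-Waters private PoR, used
here to illustrate aggregation; it is not HAIL's IP-ECC.
"""
import hashlib
import hmac
import secrets

P = (1 << 127) - 1   # assumption: field for the toy scheme (Mersenne prime)
BLOCK_BYTES = 15     # 120-bit blocks are always < P, so no reduction is needed


def prf(key: bytes, index: int) -> int:
    """Pseudorandom field element tied to a block index."""
    mac = hmac.new(key, index.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % P


class Client:
    """Holds the secret key; never needs the file to verify a proof."""

    def __init__(self):
        self.key = secrets.token_bytes(32)
        self.alpha = secrets.randbelow(P - 1) + 1   # secret non-zero multiplier
        self.num_blocks = 0

    def encode(self, data: bytes):
        """Split data into field elements and tag each; returns what a server stores."""
        padded = data + b"\x00" * (-len(data) % BLOCK_BYTES)
        blocks = [int.from_bytes(padded[i:i + BLOCK_BYTES], "big")
                  for i in range(0, len(padded), BLOCK_BYTES)]
        tags = [(prf(self.key, i) + self.alpha * m) % P for i, m in enumerate(blocks)]
        self.num_blocks = len(blocks)
        return blocks, tags

    def challenge(self, count: int):
        """Random block indices, each with a random non-zero coefficient."""
        idx = sorted(secrets.SystemRandom().sample(range(self.num_blocks), count))
        return [(i, secrets.randbelow(P - 1) + 1) for i in idx]

    def verify(self, chal, proof) -> bool:
        """Recompute sum(c_i * PRF(key, i)) + alpha * mu and compare with sigma."""
        mu, sigma = proof
        expected = (sum(c * prf(self.key, i) for i, c in chal) + self.alpha * mu) % P
        return sigma == expected


class Server:
    """Stores blocks and tags; may be honest or compromised."""

    def __init__(self, blocks, tags):
        self.blocks = list(blocks)
        self.tags = list(tags)

    def respond(self, chal):
        """Constant-size proof: two field elements regardless of len(chal)."""
        mu = sum(c * self.blocks[i] for i, c in chal) % P
        sigma = sum(c * self.tags[i] for i, c in chal) % P
        return mu, sigma


def audit(client, servers, chal):
    """Indices of servers whose proof fails the same challenge."""
    return [k for k, s in enumerate(servers) if not client.verify(chal, s.respond(chal))]


def demo():
    """Corrupt one replica, detect it by audit, repair it from a healthy one."""
    data = b"constructed sample file contents " * 40     # constructed input
    client = Client()
    blocks, tags = client.encode(data)
    servers = [Server(blocks, tags) for _ in range(3)]   # three replicas
    chal = client.challenge(10)
    victim = chal[0][0]
    servers[1].blocks[victim] ^= 1                        # silent bit flip on server 1
    bad = audit(client, servers, chal)
    good = next(k for k in range(len(servers)) if k not in bad)
    servers[1].blocks[victim] = servers[good].blocks[victim]
    return bad, audit(client, servers, chal)


if __name__ == "__main__":
    print(demo())   # -> ([1], [])
```

The point to take from it is the asymmetry: a challenge over ten blocks, or ten thousand, always comes back as two field elements, and a modified block is caught whenever it is challenged because the stored tag no longer matches. HAIL's contribution is to get this property while also spreading the file across servers so that a failed audit can be remediated from the survivors.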

Lots of proofs and cryptospeak, most of which I skipped over. They mostly use standard constructions and put them together.

In terms of performance, the system is slow. In terms of fault tolerance, the system can handle Byzantine failures where up to a third of the servers are faulty or compromised. In addition, files are not lost: when an audit reveals a corrupted server, its share is reconstructed from the remaining servers.

The Good:
Basically secure RAID for the cloud. The servers themselves are untrusted, the data is stored redundantly, and the files are stored securely. If one storage provider dies, the files can still be accessed from the other locations. The system is also robust against modification and includes integrity checks.

The Bad:
  • Performance is really slow, and they didn't compare with other systems.
  • Are storage providers dying really the worst-case scenario, such that all this overhead and work needs to be done? This seems like a very heavy hammer.
  • It seems that legal recourse plus MACs would be easier to do. For example, sign an SLA so that the storage provider has more to lose by corrupting your data or being unavailable than you do.
