Kevin D. Bowers
How to Tell if Your Cloud Files Are Vulnerable to Drive Crashes
This paper presents a new challenge: verifying that a remote server is storing a file in a fault-tolerant manner, i.e., such that it can survive hard-drive failures. We describe an approach called the Remote Assessment of Fault Tolerance (RAFT). The key technique in a RAFT is to measure the time taken for a server to respond to a read request for a collection of file blocks. The larger the number of hard drives across which a file is distributed, the faster the read-request response. Erasure codes also play an important role in our solution. We describe a theoretical framework for RAFTs and show experimentally that RAFTs can work in practice.
Proofs of Retrievability: Theory and Implementation
A proof of retrievability (POR) is a compact proof by a file system (prover) to a client (verifier) that a target file F is intact, in the sense that the client can fully recover it. As PORs incur lower communication costs than transmission of F itself, they are an attractive building block for high-assurance remote storage systems. In this paper, we propose a theoretical framework for the design of PORs. This framework leads to improvements in the previously proposed POR constructions of Juels-Kaliski and Shacham-Waters, and also sheds light on the conceptual limitations of previous theoretical models for PORs. We propose a new variant on the Juels-Kaliski protocol with significantly improved efficiency and describe a prototype implementation. We demonstrate practical encoding even for files F whose size exceeds that of client main memory.
HAIL: A High-Availability and Integrity Layer for Cloud Storage
We introduce HAIL (High-Availability and Integrity Layer), a distributed cryptographic system that permits a set of servers to prove to a client that a stored file is intact and retrievable. Proofs in HAIL are efficiently computable by servers and highly compact (typically tens or hundreds of bytes, irrespective of file size). HAIL cryptographically verifies and reactively reallocates file shares. It is robust against an active, mobile adversary, i.e., one that may progressively corrupt the full set of servers. We propose a strong, formal adversarial model for HAIL, and rigorous analysis and parameter choices. We also report on a prototype implementation. HAIL strengthens, formally unifies, and streamlines distinct approaches from the cryptographic and distributed-systems communities. HAIL also includes an optional new tool for proactive protection of stored files. HAIL is primarily designed to protect static stored objects, such as backup files or archives.