PUOKMS: Password-Protected Updatable Oblivious Key Management System for Cloud Storage

Abstract

Updatable oblivious key management system (UOKMS) has been widely applied in reality to protect outsourced data confidentiality. We demonstrate that existing UOKMS fails to prevent users’ private information from being leaked. We show an adversary can impersonate any user to access her/his sensitive UOKMS, and this problem is further exacerbated by the collusion between two entities (i.e., a server and cloud server). In this paper, we propose a secure two-layered encryption mechanism to resist impersonation attacks. Specifically, first layer public/secret generated user’s password via way, where hardened set of dedicated identity servers thwart guessing attacks; besides, multiple secretly share user-specific server-side for each assist generating second symmetric key. We also utilize renewal periodically updates secret on perpetual leakage secret. With these mechanisms, we develop a password-protected updatable oblivious key management system for cloud storage, dubbed PUOKMS. We evaluate PUOKMS in terms of security and efficiency, which demonstrates that it achieves a strong guarantee with high efficiency.

Similar resources

Password Authenticated Key Exchange and Protected Password Change Protocols

In this paper, we propose new password authenticated key exchange (PAKE) and protected password change (PPC) protocols without any symmetric or public-key cryptosystems. The security of the proposed protocols is based on the computational Diffie-Hellman assumption in the random oracle model. The proposed scheme can resist both forgery server and denial of service attacks.

Blizzard: Fast, Cloud-scale Block Storage for Cloud-oblivious Applications

Blizzard is a high-performance block store that exposes cloud storage to cloud-oblivious POSIX and Win32 applications. Blizzard connects clients and servers using a network with full-bisection bandwidth, allowing clients to access any remote disk as fast as if it were local. Using a novel striping scheme, Blizzard exposes high disk parallelism to both sequential and random workloads; also, by d...

Efficient Password Authenticated Key Exchange via Oblivious Transfer

We present a new framework for constructing efficient password authenticated key exchange (PAKE) protocols based on oblivious transfer (OT). Using this framework, we obtain: – an efficient and simple UC-secure PAKE protocol that is secure against adaptive corruptions without erasures. – efficient and simple PAKE protocols under the Computational Diffie-Hellman (CDH) assumption and the hardness o...

Data-Oblivious Algorithms for Privacy-Preserving Access to Cloud Storage

of “Data-Oblivious Algorithms for Privacy-Preserving Access to Cloud Storage” by Olga Ohrimenko, Ph.D., Brown University, May 2014. Cloud storage has emerged as the next generation of data storage where users can remotely store their data and leave its management to a third party, e.g., Amazon S3, Google Drive or Microsoft Azure. However, the fact that users no longer have physical possession ...

Gecko: A Contention-Oblivious Design for Cloud Storage

Disk contention is a fact of life in modern data centers, with multiple applications sharing the storage resources of a single physical machine. Log-structured storage designs are ideally suited for such high-contention settings, but historically have suffered from performance problems due to cleaning overheads. In this paper, we introduce Gecko, a novel design for storage arrays where a single...

Journal

Journal title: Lecture Notes in Computer Science

Year: 2021

ISSN: 1611-3349, 0302-9743

DOI: https://doi.org/10.1007/978-3-030-93206-0_8