IBM data ownership toolkit

3 Nov 2017
Authors: IBM

Proof of Ownership (PoW) is a cryptographic protocol that regulates the interactions between a prover and a verifier. The protocol is usually executed in the context of a storage outsourcing scenario, where the prover is the client and the verifier is the (storage) service provider.

Several PoW schemes have been proposed in the literature. While they are proved secure under similar security models, they differ widely in their performance impact. With this framework we present a common set of APIs that can be used to integrate PoW schemes into a storage system. The system can choose dynamically which scheme to use depending on the context (e.g. premium users get the PoW solution that is less taxing on the client side). This way the storage administrator doesn’t have to choose which scheme to adopt when building the system; instead, that decision can be made later, at runtime.

In a PoW scheme, a prover and a verifier interact. First, the prover and the verifier exchange a short piece of information about a file (e.g. the hash of the file). Then they engage in a cryptographic protocol whose purpose is to establish that the prover indeed owns the file. The correctness property of PoW schemes requires that the owner of a file will succeed in convincing the verifier of this fact. The security property guarantees that a malicious prover who is not in possession of the file will succeed in convincing the verifier only with negligible probability, even in the presence of a legitimate file owner who colludes with the adversary, subject to certain restrictions.

Cryptographically speaking, the prover is allowed to access an oracle that provides information on the file. More specifically, the prover may submit the description of a function to the oracle, and the oracle will invoke the function with the file as input and return the output of the function to the prover. The leakage is bounded only in terms of the execution time of the function and the size of its output. The protocol is supposed to be resilient even in the presence of this oracle.
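The exchange described above, sketched as an added example that is not the toolkit's code or API: a simplified Merkle-tree challenge-response in which the verifier keeps only a root hash and block count, then asks the prover for randomly chosen blocks. All function names, the block size and the number of rounds are assumptions made for illustration, and the sketch does not implement the bounded-leakage resistance discussed above.

```python
# Illustrative Merkle-tree PoW; names and parameters are assumptions, not the toolkit's API.
import hashlib
import secrets

BLOCK = 64                               # block size in bytes (assumed; small for the demo)
PAD = hashlib.sha256(b"\x02").digest()   # filler node for odd-sized tree levels

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def build_levels(data: bytes) -> list:
    """Merkle tree over the file: levels[0] = leaf hashes, levels[-1] = [root]."""
    blocks = [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)] or [b""]
    levels = [[h(b"\x00" + b) for b in blocks]]          # 0x00 prefix marks a leaf
    while len(levels[-1]) > 1:
        cur = levels[-1]
        if len(cur) % 2:
            cur.append(PAD)          # pad in place so every node has a sibling
        levels.append([h(b"\x01" + cur[i] + cur[i + 1])  # 0x01 marks an inner node
                       for i in range(0, len(cur), 2)])
    return levels

def register(data: bytes) -> tuple:
    """Verifier, at first upload: keep only the root and the block count."""
    return build_levels(data)[-1][0], max(1, -(-len(data) // BLOCK))

def prove(data: bytes, index: int) -> tuple:
    """Prover: the challenged block plus its sibling path up to the root."""
    levels = build_levels(data)
    block, path = data[index * BLOCK:(index + 1) * BLOCK], []
    for level in levels[:-1]:
        path.append(level[index ^ 1])
        index //= 2
    return block, path

def verify(root: bytes, index: int, block: bytes, path: list) -> bool:
    """Verifier: recompute the root from the response and compare."""
    node = h(b"\x00" + block)
    for sibling in path:
        pair = node + sibling if index % 2 == 0 else sibling + node
        node = h(b"\x01" + pair)
        index //= 2
    return secrets.compare_digest(node, root)

def run_pow(root: bytes, n_blocks: int, prover_data: bytes, rounds: int = 8) -> bool:
    """Verifier picks fresh random block indices; every response must verify."""
    for _ in range(rounds):
        idx = secrets.randbelow(n_blocks)
        if not verify(root, idx, *prove(prover_data, idx)):
            return False
    return True
```

A prover who holds only the short file identifier cannot answer the block challenges, which is the property that makes client-side deduplication safe to offer.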

Today all storage providers employ data compression and deduplication as an important way to better utilize their storage backends. However, careless use of deduplication by a cloud storage provider exposes several security vulnerabilities. PoW schemes are the security mechanism to be used to counter this threat.

Keywords: Data Privacy, Privacy-preserving data outsourcing, Verifiable ownership