Proofs of retrievability for data replications. It allows the data replication be handled by the cloud provider, who will then generate proofs of retrievability of these replicas upon user attestation.
Cloud service providers take advantage of deduplication and compression mechanisms to minimise their storage needs and therefore, their expenditures. Thus, it is very important for TREDISEC solutions not to hinder the deployment of such mechanisms and to work seamlessly on top of them. While storage efficiency is a very important requirement for cloud services, it is more crucial to enable it for the file sharing use-cases.
De-duplication on the authenticators used for Proofs of Retrievability across multiple users. Relying on key-message homomorphic encryption, the cloud providers are able to merge the PoR authenticators generated by different users using different credentials and the merged authenticators is verifiable by all users.
Message Locked PoR and Message locked key generation. This primitive enables clients to verify the retrievability of their files while also allowing file-based deduplication based on a dedicated message-locked key generation. Since all keying material are depending on the file itself the encryption and encoding of the files remain the same if the file is the same.
The primitive provides secure deletion on an honest-but-curious cloud storage. Therefore, clients can store all the files on the cloud as usual, but still achieve secure deletion, which cannot be guaranteed otherwise. The solution is based on encryption.
The Container Isolation module provides two functionalities: First, it implements a tool used to extract and encrypt a Docker container image layer in order to safely transfer it into a target Docker host. Second, it enables a container to store its data over encrypted storage mediums, in order to ensure that the confidential data cannot be retrieved by an adversary with access in the host’s storage backend
This scheme is intended to be used in a scenario where multiple users are using a storage system to store data.
A cryptographic protocol that regulates the interactions between a prover and a verifier. The protocol is usually executed in the context of a storage outsourcing scenario, where the prover is the client and the verifier is the (storage) service provider. The correctness property of PoW schemes require that the owner of a file will succeed in convincing the verifier of this fact.
Files are encrypted on the client side before being uploaded to the cloud, and will be decrypted on the client side after being downloaded to local. The encryption key is kept by the clients. The encryption keys are acquired by the clients from some remote entity, in a privacy-preserving way that the remote entity is not able to infer or distinguish the file content from the requests from all clients, but this remote entity will ensure that the same file content will derive the same encryption key. Thanks to this feature, files across multiple clients can be de-duplicated.
The encryption primitive encrypts and partitions the file, in a way that the file can be decrypted only when all the partitions of the encrypted data as well as the decryption key are available.
Proofs of Retrievability (PoR) are cryptographic proofs that enable a cloud provider to prove that the tenant can retrieve his file in its entirety. A tenant can ask the cloud provider to provide such proofs of a requested file without the need to download the file The aim of providing the PoR primitive is to provide strong assurance of storage integrity to the tenants.