Mathematik | Informatik
Tamino Jain, 2004 | Riehen, BS
Cloud storage has become a widely adopted technology that allows clients to outsource their data, to access it from various locations and to provide security from local device failure. As the technology is gaining track, some of its drawbacks are also raising major concerns. Today, a single failure at one of the major cloud providers can cause outages of thousands of services and applications all over the globe. Simultaneously, reoccurring data leaks pose a great risk to the confidentiality of the data stored. In this thesis we develop a decentralized storage protocol that solves the aforementioned issues ensuring confidentiality, integrity and availability of data. Such a system is achieved by harmonizing blockchains with a Proof-of-Retrievability (PoR) and an economic incentive structure. Using a PoR designed for data storage applications allows us to conduct queries for data integrity without having to send the whole file. In this thesis we show the feasibility and scalability of our proposed solution by theoretically proving its security, further providing reasonable performance for the novel proposed components.
Introduction
We aim to design a decentralized storage protocol centred around a PoR that utilizes a pairing-based Zero Knowledge Proof. We transform the original proof and use it in a novel way in decentralized storage in conjunction with blockchain. Furthermore, we aim to provide real world functionality by designing an intricate incentive structure that fosters cooperation amongst all the involved parties. The system aims to satisfy data integrity and availability and additionally confidentiality for secure data storage.
Methods
There were three main steps to developing our system. First, an extensive literature review was carried out in which we compared various decentralized storage networks, then selected cryptographic and computational schemes that provided us with the means to achieve our desired characteristic. Second, as the original PoR required interaction between participating parties, we used the Fiat-Shamir heuristic to create a non-interactive version of the PoR. Lastly, we show the scalability of the transformed Zero-Knowledge-Proof by implementing it in the GMP and PBC library. In addition, we implement a version of the PoR by changing the cryptographic basis to achieve further performance gains.
Results
We have developed a decentralized data storage protocol. Our architecture preserves data integrity under the presence of malicious entities among untrusted storage providers. The designed protocol ensures the exchange of data against a fee by using the blockchain. On the basis of common security assumptions in cryptography we have shown that our architecture satisfies requirements regarding privacy and availability. We have analysed the economic forces that would arise in our system due to the designed incentive structure. To address this issue we have discussed possible ways to integrate our solution in the existing blockchain ecosystems. Importantly, the implementation of the PoR exhibited a linear relationship between execution time and file size indicating usability in real life applications. We could further improve time and space efficiency by altering the cryptographic basis.
Discussion
We have shown that our proposed design is suitable for decentralized storage, however some improvements to our work have to be made. More research into the user friendliness of our solution has to be conducted as we believe it is one of the main factors in how well a technology will get adapted. The time efficiency of the PoR can also be improved by using modern libraries. Lastly, the version with the altered cryptographic basis has to be proven secure.
Conclusions
In this thesis we have laid out an alternative approach to achieve privacy and availability in decentralized storage networks. We have shown the feasibility of a novel way to provide data integrity. However, further research is required in order to build a full-scale implementation.
Würdigung durch den Experten
Daniel Tschudi
Dieses Projekt beschäftigt sich mit der Fragestellung, wie elektronische Daten sicher dezentral gespeichert werden können. In Anbetracht der Verbreitung zentralisierter Cloud-basierter Systeme ist dieses Thema von grosser Relevanz. Die präsentierte Lösung kombiniert geschickt verschiedene existierende digitale Protokolle der Kryptographie und resultiert in einem verbesserten Gesamtprotokoll. Der zentrale Baustein, der «Proof of Retrievability», wurde dabei auch implementiert. Insgesamt zeugt das Projekt von grosser Begeisterung für Informatik und von einem tiefen Verständnis für Kryptographie.
Prädikat:
sehr gut
Gymnasium Kirschgarten, Basel
Lehrer: Matthias Liebendörfer