TY - THES
T1 - On Decentralized Cloud Storage Security and an Efficient Post-Quantum Encryption Scheme
AU - Kundu, Rohon
PY - 2024/5/15
Y1 - 2024/5/15
N2 - In this thesis, we address three main security problems related to cryptography and cloud storage. To tackle the challenge posed by a quantum computer, we need encryption that is resistant to quantum computers. This category of cryptography is called post-quantum cryptography. In the first paper, we solve a challenge in one of the lattice-based cryptographic protocols called Nth-degree Truncated polynomial Ring Unit (NTRU) namely how to reduce the key size while keeping the desired security level. We propose a solution that reduces the key size significantly. Our proposed solution allows a practical implementation of NTRU with fast polynomial multiplications. Next, we move to solve a long-standing problem arising in any cloud storage namely the reduction of storage cost of redundant data and maintaining security and privacy at the same time. Data deduplication is considered to be a tool that can be used to eliminate redundant data and store only one of its copies. But data deduplication also means that the file cannot go through client-side encryption which opens up new possibilities of adversarial threats. In order to tackle this challenge, we propose a new architecture where we perform client-side deduplication along with dynamic erasure protection by introducing a third-party assistant. We also performed an erasure analysis to quantitatively analyze the probability of loss of a file when a large number of replicas are deleted at random. Finally, we shift our interest to Decentralized Cloud Storage (DCS). DCS solutions like Filecoin, Storj, and Arweave are gaining more popularity in the Web 3.0 ecosystem. But they are not without challenges. The robustness of the DCS protocols remains a challenging ground. Since the file in a DCS protocol is stored in a decentralized manner among different nodes, a Distributed Denial of Service (DDoS) attack would render the system vulnerable to data loss.
Therefore, it is important to analyze the robustness of decentralized architecture against DDoS attacks. In our last paper, we perform a similar erasure analysis to that of the second paper but in a decentralized setup, where the adversary aims to disrupt the system by deleting a file from the network. Storj is one of the leading players in the DCS space. We have created an adversarial model capturing the real Storj network scenario and simulated our model using real-time data obtained from the Storj network. We obtain resource budget figures for DDoS on Storj using our model. Also, we propose a better parametric value for the erasure piece distribution in Storj which suits well when there is a large portion of so-called unvetted nodes in the network.
AB - In this thesis, we address three main security problems related to cryptography and cloud storage. To tackle the challenge posed by a quantum computer, we need encryption that is resistant to quantum computers. This category of cryptography is called post-quantum cryptography. In the first paper, we solve a challenge in one of the lattice-based cryptographic protocols called Nth-degree Truncated polynomial Ring Unit (NTRU) namely how to reduce the key size while keeping the desired security level. We propose a solution that reduces the key size significantly. Our proposed solution allows a practical implementation of NTRU with fast polynomial multiplications. Next, we move to solve a long-standing problem arising in any cloud storage namely the reduction of storage cost of redundant data and maintaining security and privacy at the same time. Data deduplication is considered to be a tool that can be used to eliminate redundant data and store only one of its copies. But data deduplication also means that the file cannot go through client-side encryption which opens up new possibilities of adversarial threats. In order to tackle this challenge, we propose a new architecture where we perform client-side deduplication along with dynamic erasure protection by introducing a third-party assistant. We also performed an erasure analysis to quantitatively analyze the probability of loss of a file when a large number of replicas are deleted at random. Finally, we shift our interest to Decentralized Cloud Storage (DCS). DCS solutions like Filecoin, Storj, and Arweave are gaining more popularity in the Web 3.0 ecosystem. But they are not without challenges. The robustness of the DCS protocols remains a challenging ground. Since the file in a DCS protocol is stored in a decentralized manner among different nodes, a Distributed Denial of Service (DDoS) attack would render the system vulnerable to data loss.
Therefore, it is important to analyze the robustness of decentralized architecture against DDoS attacks. In our last paper, we perform a similar erasure analysis to that of the second paper but in a decentralized setup, where the adversary aims to disrupt the system by deleting a file from the network. Storj is one of the leading players in the DCS space. We have created an adversarial model capturing the real Storj network scenario and simulated our model using real-time data obtained from the Storj network. We obtain resource budget figures for DDoS on Storj using our model. Also, we propose a better parametric value for the erasure piece distribution in Storj which suits well when there is a large portion of so-called unvetted nodes in the network.
M3 - Licentiate Thesis
SN - 978-91-8104-064-7
PB - Department of Electrical and Information Technology, Lund University
CY - Lund
ER -