New Security Layer for OverLay Networks

  • Imai, Hideki (Research Center for Information Security (RCIS), National Institute of Advanced Industrial Science and Technology (AIST)) ;
  • Shin, Seong-Han (Research Center for Information Security (RCIS), National Institute of Advanced Industrial Science and Technology (AIST)) ;
  • Kobara, Kazukuni (Research Center for Information Security (RCIS), National Institute of Advanced Industrial Science and Technology (AIST))
  • Published: 2009.06.30

Abstract

After clarifying the underlying problems in a secure network storage, we introduce two important requirements, leakage-resilience and availability in higher levels respectively, for data keys that are used to protect remotely-stored data. As a main contribution of this paper, we give a new security layer for overlay networks by proposing a leakage-resilient authentication and data management system. In this system, we specifically propose a single mode and a cluster mode where the latter provides a higher level of both leakage-resilience and availability for the data key.
