Title :
Automated Formal Analysis of a Protocol for Secure File Sharing on Untrusted Storage
Author :
Blanchet, Bruno ; Chaudhuri, Avik
Author_Institution :
Ecole Normale Super., CNRS, Paris
Abstract :
We study formal security properties of a state-of-the-art protocol for secure file sharing on untrusted storage, in the automatic protocol verifier ProVerif. As far as we know, this is the first automated formal analysis of a secure storage protocol. The protocol, designed as the basis for the file system Plutus, features a number of interesting schemes like lazy revocation and key rotation. These schemes improve the protocol´s performance, but complicate its security properties. Our analysis clarifies several ambiguities in the design and reveals some unknown attacks on the protocol. We propose corrections, and prove precise security guarantees for the corrected protocol.
Keywords :
peer-to-peer computing; security of data; storage management; ProVerif; automated formal analysis; automatic protocol verifier; file system Plutus; formal security property; secure file sharing; secure storage protocol; untrusted storage; Access control; Access protocols; Communication system security; Cryptographic protocols; Cryptography; File systems; Peer to peer computing; Privacy; Secure storage; Storage automation; automatic verification; cryptographic access control; key rotation; lazy revocation; secure storage;
Conference_Titel :
Security and Privacy, 2008. SP 2008. IEEE Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
978-0-7695-3168-7
