• DocumentCode
    2231196
  • Title

    CRUST: Cryptographic Remote Untrusted Storage without Public Keys

  • Author

    Geron, Erel ; Wool, Avishai

  • Author_Institution
    Tel Aviv Univ., Tel Aviv
  • fYear
    2007
  • fDate
    27-27 Sept. 2007
  • Firstpage
    3
  • Lastpage
    14
  • Abstract
    This paper presents CRUST, a stackablefile system layer designed to provide secure file sharing over remote untrusted storage systems. CRUST is intended to be layered over insecure network file systems without changing the existing systems. In our approach, data at rest is kept encrypted, and data integrity and access control are provided by cryptographic means. Our design completely avoids public-key cryptography operations and uses more efficient symmetric-key alternatives to achieve improved performance. As a generic and self-contained system, CRUST includes its own in-band key distribution mechanism and does not rely on any special capabilities of the server or the clients. We have implemented CRUST as a Linux file system and shown that it performs comparably with typical underlying file systems, while providing significantly stronger security.
  • Keywords
    Linux; authorisation; cryptography; peer-to-peer computing; CRUST; Linux file system; access control; cryptographic remote untrusted storage; data integrity; insecure network file systems; public-key cryptography operations; secure file sharing; stackablefile system layer; Access control; Data security; File servers; File systems; Linux; Network servers; Peer to peer computing; Public key; Public key cryptography; Secure storage;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Security in Storage Workshop, 2007. SISW '07. Fourth International IEEE
  • Conference_Location
    San Diego, CA
  • Print_ISBN
    978-0-7695-3052-9
  • Type

    conf

  • DOI
    10.1109/SISW.2007.9
  • Filename
    4389740