TY - GEN
T1 - EnclavePDP
T2 - 23rd International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2020
AU - He, Yun
AU - Xu, Yihua
AU - Jia, Xiaoqi
AU - Zhang, Shengzhi
AU - Liu, Peng
AU - Chang, Shuai
N1 - Publisher Copyright: © 2020 by The USENIX Association. All Rights Reserved.
PY - 2020
Y1 - 2020
N2 - As the cloud storage service becomes pervasive, verifying the integrity of their outsourced data on cloud remotely turns out to be challenging for users. Existing Provable Data Possession (PDP) schemes mostly resort to a Third Party Auditor (TPA) to verify the integrity on behalf of users, thus reducing their communication and computation burden. However, such schemes demand fully trusted TPA, that is, placing TPA in the Trusted Computing Base (TCB), which is not always a reasonable assumption. In this paper, we propose EnclavePDP, a secure and general data integrity verification framework that relies on Intel SGX to establish the TCB for PDP schemes, thus eliminating the TPA from the TCB. EnclavePDP supports both new and existing PDP schemes by integrating core functionalities of cryptography libraries into Intel SGX. We choose 10 existing representative PDP schemes, and port them into EnclavePDP with reasonable effort. By deploying EnclavePDP in a real-world cloud storage platform and running the 10 PDP schemes respectively, we demonstrate that EnclavePDP can eliminate the dependence on TPA and introduce reasonable performance overhead.
UR - http://www.scopus.com/inward/record.url?scp=85103500203&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85103500203&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:85103500203
T3 - RAID 2020 Proceedings - 23rd International Symposium on Research in Attacks, Intrusions and Defenses
SP - 195
EP - 208
BT - RAID 2020 Proceedings - 23rd International Symposium on Research in Attacks, Intrusions and Defenses
PB - USENIX Association
Y2 - 14 October 2020 through 16 October 2020
ER -