On Scalable Integrity Checking for Secure Cloud Disks

Quinn Burke; Ryan Sheatsley; Rachel King; Owen Hines; Michael Swift; Patrick McDaniel

On Scalable Integrity Checking for Secure Cloud Disks

Quinn Burke, Ryan Sheatsley, Rachel King, Owen Hines, Michael Swift, Patrick McDaniel

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Merkle hash trees are the standard method to protect the integrity and freshness of stored data. However, hash trees introduce additional compute and I/O costs on the I/O critical path, and prior efforts have not fully characterized these costs. In this paper, we quantify performance overheads of storage-level hash trees in realistic settings. We then design an optimized tree structure called Dynamic Merkle Trees (DMTs) based on an analysis of root causes of overheads. DMTs exploit patterns in workloads to deliver up to a 2.2× throughput and latency improvement over the state of the art. Our novel approach provides a promising new direction to achieve integrity guarantees in storage efficiently and at scale.

Original language	English (US)
Title of host publication	Proceedings of the 23rd USENIX Conference on File and Storage Technologies, FAST 2025
Publisher	USENIX Association
Pages	391-405
Number of pages	15
ISBN (Electronic)	9781939133458
State	Published - 2025
Event	23rd USENIX Conference on File and Storage Technologies, FAST 2025 - Santa Clara, United States Duration: Feb 25 2025 → Feb 27 2025

Publication series

Name	Proceedings of the 23rd USENIX Conference on File and Storage Technologies, FAST 2025

Conference

Conference	23rd USENIX Conference on File and Storage Technologies, FAST 2025
Country/Territory	United States
City	Santa Clara
Period	2/25/25 → 2/27/25

All Science Journal Classification (ASJC) codes

Computer Networks and Communications
Hardware and Architecture
Software

Cite this

@inproceedings{45e6eda0c16544e9bef278ec6ae5bcb8,

title = "On Scalable Integrity Checking for Secure Cloud Disks",

abstract = "Merkle hash trees are the standard method to protect the integrity and freshness of stored data. However, hash trees introduce additional compute and I/O costs on the I/O critical path, and prior efforts have not fully characterized these costs. In this paper, we quantify performance overheads of storage-level hash trees in realistic settings. We then design an optimized tree structure called Dynamic Merkle Trees (DMTs) based on an analysis of root causes of overheads. DMTs exploit patterns in workloads to deliver up to a 2.2× throughput and latency improvement over the state of the art. Our novel approach provides a promising new direction to achieve integrity guarantees in storage efficiently and at scale.",

author = "Quinn Burke and Ryan Sheatsley and Rachel King and Owen Hines and Michael Swift and Patrick McDaniel",

year = "2025",

language = "English (US)",

series = "Proceedings of the 23rd USENIX Conference on File and Storage Technologies, FAST 2025",

publisher = "USENIX Association",

pages = "391--405",

booktitle = "Proceedings of the 23rd USENIX Conference on File and Storage Technologies, FAST 2025",

}

Burke, Q, Sheatsley, R, King, R, Hines, O, Swift, M & McDaniel, P 2025, On Scalable Integrity Checking for Secure Cloud Disks. in Proceedings of the 23rd USENIX Conference on File and Storage Technologies, FAST 2025. Proceedings of the 23rd USENIX Conference on File and Storage Technologies, FAST 2025, USENIX Association, pp. 391-405, 23rd USENIX Conference on File and Storage Technologies, FAST 2025, Santa Clara, United States, 2/25/25.

On Scalable Integrity Checking for Secure Cloud Disks. / Burke, Quinn; Sheatsley, Ryan; King, Rachel et al.
Proceedings of the 23rd USENIX Conference on File and Storage Technologies, FAST 2025. USENIX Association, 2025. p. 391-405 (Proceedings of the 23rd USENIX Conference on File and Storage Technologies, FAST 2025).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - On Scalable Integrity Checking for Secure Cloud Disks

AU - Burke, Quinn

AU - Sheatsley, Ryan

AU - King, Rachel

AU - Hines, Owen

AU - Swift, Michael

AU - McDaniel, Patrick

PY - 2025

Y1 - 2025

N2 - Merkle hash trees are the standard method to protect the integrity and freshness of stored data. However, hash trees introduce additional compute and I/O costs on the I/O critical path, and prior efforts have not fully characterized these costs. In this paper, we quantify performance overheads of storage-level hash trees in realistic settings. We then design an optimized tree structure called Dynamic Merkle Trees (DMTs) based on an analysis of root causes of overheads. DMTs exploit patterns in workloads to deliver up to a 2.2× throughput and latency improvement over the state of the art. Our novel approach provides a promising new direction to achieve integrity guarantees in storage efficiently and at scale.

AB - Merkle hash trees are the standard method to protect the integrity and freshness of stored data. However, hash trees introduce additional compute and I/O costs on the I/O critical path, and prior efforts have not fully characterized these costs. In this paper, we quantify performance overheads of storage-level hash trees in realistic settings. We then design an optimized tree structure called Dynamic Merkle Trees (DMTs) based on an analysis of root causes of overheads. DMTs exploit patterns in workloads to deliver up to a 2.2× throughput and latency improvement over the state of the art. Our novel approach provides a promising new direction to achieve integrity guarantees in storage efficiently and at scale.

UR - http://www.scopus.com/inward/record.url?scp=105002262606&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=105002262606&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:105002262606

T3 - Proceedings of the 23rd USENIX Conference on File and Storage Technologies, FAST 2025

SP - 391

EP - 405

BT - Proceedings of the 23rd USENIX Conference on File and Storage Technologies, FAST 2025

PB - USENIX Association

T2 - 23rd USENIX Conference on File and Storage Technologies, FAST 2025

Y2 - 25 February 2025 through 27 February 2025

ER -

On Scalable Integrity Checking for Secure Cloud Disks

Abstract

Publication series

Conference

All Science Journal Classification (ASJC) codes

Other files and links

Fingerprint

Cite this