Secure Untrusted Data Repository (SUNDR)

摘要

We have implemented a secure network file system called SUNDR that guarantees the integrity of data even when malicious parties control the server. SUNDR splits storage functionality between two untrusted components, a block store and a consistency server. The block store holds all file data and most metadata. Without interpreting metadata, it presents a simple interface for clients to store variable-sized data blocks and later retrieve them by cryptographic hash. The consistency server implements a novel protocol that guarantees close-to-open consistency whenever users see each other s updates. The protocol roughly consists of users exchanging version-stamped digital signatures of block server metadata, though a number of subtleties arise in efficiently supporting concurrent clients and groupwritable files. We have proven the protocol s security under basic cryptographic assumptions. Without somehow producing signed messages valid under a user s (or the superuser s) public key, an attacker cannot tamper with a user s files even given control of the servers and network. Despite this guarantee, SUNDR performs within a reasonable factor of existing insecure network file systems.