In the era of big data, reducing the computational complexity of servers in data centers will be an important goal. We propose Low Complexity Secure Codes (LCSCs) that are specifically designed to provide information theoretic security in cloud distributed storage systems. Unlike traditional coding schemes that are designed for error correction capabilities, these codes are only designed to provide security with low decoding complexity. These sparse codes are able to provide (asymptotic) perfect secrecy similar to Shannon cipher. The simultaneous promise of low decoding complexity and perfect secrecy make these codes very desirable for cloud storage systems with large amount of data. The design is particularly suitable for large size archival data such as movies and pictures. The complexity of these codes are compared with traditional encryption techniques.
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Low Complexity Secure Code Design for Big Data in Cloud Storage Systems
1. Mohsen Karimzadeh Kiskani, Hamid Sadjadpour,
Mohammad Reza Rahimi, Fred Etemadieh
University of California, Santa Cruz
Low Complexity Secure Code (LCSC)
Design for Big Data in Cloud Storage Systems
International Conference on Communications (ICC)
May 2018
2. Motivation
2
➢ Coding for Security:
○ A new security paradigm for big data
○ Code optimality definition
○ Asymptotic optimality achievability
➢ Security
○ Security without current encryption algorithms?
○ Information theoretic secrecy in cloud storage in practice?
➢ Big Data?
○ Traditional security measures are not designed for big data applications.
○ A new paradigm for big data security
○ Reduce computational complexity in big data security
➢ Results:
○ Asymptotic perfect security is achievable in distributed cloud storage security
○ Much lower computational complexity
○ Better solution than AES
3. Coding for security
➢ Coding for security
○ Definition:
■ Code to achieve perfect secrecy
○ Similar to encryption algorithms:
■ Encoding/Decoding Vectors are
similar to keys
■ Confidential encoding/decoding
information
■ Encoded data is similar to ciphertext
➢ Asymptotic code optimality
○ Achieves perfect secrecy in limit
○ No additional overhead
○ For large number of files the code rate
goes to one.
○ Asymptotic zero secure coding overhead
FEC CodingSecurity Coding
No additional overhead
4. Perfect Secrecy
4
source Encoder
message
M
key
source
key K
Decoder
cryptogram
E
message
M
Enemy
cryptanalyst
Secure channel
1. Perfect secrecy definition:
○ No information leakage, regardless of computational power
2. Example: one-time pad
3. Necessary and sufficient conditions for perfect secrecy:
○ A unique key for each message is to be used.
○ Uniform key distribution
4. We used these 2 conditions to prove our results.
destination
5. Problem Formulation
Cloud
contains most of the data
User
keeps some data locally
➢ Cloud storage network model
○ Communication between cloud and user
➢ Can we get perfect secrecy?
○ Not even cloud can get any information
➢ Problem with Shannon Cipher?
○ Huge Key size (a key bit for each message bit)
➢ Our solution:
○ User local storage is used for key construction
○ User encodes data using secret encoding method
○ User keeps some of the data locally
○ User upload most of the encoded data to cloud
○ Cloud cannot gain any information about files
○ If user’s local storage size is large enough, perfect
secrecy can be achieved asymptotically.
○ Good complexity performance
6. Dense Encoding Sparse Decoding
➢ How to do coding for security?
○ Dense encoding
■ Density → Create uniformly distributed keys
■ Uniform keys is a requirement to achieve
perfect secrecy
○ Sparse decoding
■ Sparse decoding matrix D on cloud
■ Sparsity → Computational efficiency
■ Reduce cloud computations
➢ Main idea of the paper:
○ Design a code that results in
■ Sparse decoding matrix D
■ Dense encoding matrix A
➢ No information leakage to third parties is allowed.
6
Cloud
Uses decoding matrix
D, (sparse decoding
matrix)
User
uses encoding matrix A,
(dense encoding matrix)
8. Key generation
Overall large key is built
User local storage
Secure channel
Encoding/Decoding
information
➢ Two-phase key generation:
○ Secure channel for decoding and encoding information
○ User local storage for storing some part of the data as key
➢ Avoid significant key transmissions over secure channel
9. Comparison with AES
➢ Security:
○ Perfect asymptotic secrecy
○ For large files cannot be broken with time
○ Suitable for big data security
➢ Complexity:
○ Much better efficiency
○ Only 4 XOR operations as opposed to 41 in AES
○ No other types of operations than XOR
○ No serial operations to inflict decoding delay
➢ Efficient parallelism:
○ Could be done in MapReduce setting
○ Perfect for big data applications
9
10. Simulation
10
➢ Design a sparse decoding matrix, D
➢ The encoding matrix A is the pseudo-inverse of D
➢ Simulation shows that the pseudo-inverse is dense
➢ The average density quickly approaches m/2
➢ Even for small number of number of files.
➢ Even with large sparsity index for D, A will quickly
converge to a dense matrix
➢ Promises good practicality
11. Future View
11
➢ Achieve perfect secrecy (Not asymptotically)
➢ Reduce the decoding complexity.
➢ Security-Complexity trade-off study
➢ Theoretical comparison of computational complexity
➢ Design new codes that have
○ Security
○ Privacy
○ Repair
○ Low complexity
12. Low Complexity Secure Code (LCSC) Design for
Big Data in Cloud Storage Systems
Mohsen Karimzadeh Kiskani, Hamid Sadjadpour
May 2018
Thank You!
Questions?