Trustworthy Cloud Storage

The Cloud trend is an attempt to leverage economics of scale in the domain of computing resources. Unfortunately, this often means losing control of the lower levels of a computer system, and exposing users to new threat vectors. These threats may be significant enough to forbid the use of clouds, and force giving up on their economical advantages. Chapter 1 introduces some issues with current cloud storage systems, that should be fixed before a cloud storage system can be considered as safe as a self-managed system. Among these, we will focus on censorship resistance. We also explain the not immediately obvious way in which they relate to issues discussed in the two latter chapters. Chapter 2 formally defines censorship-resistance and describes the ST E P-archive, an abstract model for a generic class of censorship-resistant storage systems. Within this model, we expose an asymmetry in hardness between attack algorithms (trying to perform censorship) and defense algorithms (trying to repair censored files). We discuss ideal choices for the many parameters and derive useful mathematical bounds when possible. We also simulate the behaviour of an ideal storage system to obtain experimental evidence of the effect of these parameter choices. We show that this model exhibits several counter-intuitive properties. Chapter 3 deals with the issue of incorrect key generation. Cryptography being an essential component of our proposed secure storage system, we discuss common pitfalls in implemen- tations of popular asymmetric cryptographic algorithms, and evidence of their presence in real-world implementations. Chapter 4 discusses an operational aspect of storage systems, the choice of a block storage unit, and the consequences of lack thereof. In particular, it shows how the size of a ciphertext can act as a side channel and leak information about encrypted contents to an attacker, within the context of large media files distributed through public file sharing systems.