SiRiUS: Securing Remote Untrusted Storage

By Eu-Jin Goh, Hovav Shacham, Nagendra Modadugu, and Dan Boneh.

In Proceedings of NDSS 2003, pages 131–45. Internet Society, Feb. 2003.


This paper presents SiRiUS, a secure file system designed to be layered over insecure network and P2P file systems such as NFS, CIFS, OceanStore, and Yahoo! Briefcase. SiRiUS assumes the network storage is untrusted and provides its own read-write cryptographic access control for file level sharing. Key management and revocation is simple with minimal out-of-band communication. File system freshness guarantees are supported by SiRiUS using hash tree constructions. SiRiUS contains a novel method of performing file random access in a cryptographic file system without the use of a block server. Extensions to SiRiUS include large scale group sharing using the NNL key revocation construction. Our implementation of SiRiUS performs well relative to the underlying file system despite using cryptographic operations.



@InProceedings{GSMB03, author = {Eu-Jin Goh and Hovav Shacham and Nagendra Modadugu and Dan Boneh}, title = {{SiRiUS}: Securing Remote Untrusted Storage}, booktitle = {Proceedings of NDSS 2003}, editor = {Mahesh Tripunitara}, year = 2003, month = feb, publisher = {Internet Society (ISOC)}, pages = {131-45} }

Navigation: Hovav Shacham // Publications // [GSMB03]