Scalable Secure Storage when Half the System Is Faulty

  • Conference paper
Automata, Languages and Programming (ICALP 2000)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 1853)

Abstract

In this paper, we provide a method to safely store a document in perhaps the most challenging settings, a highly decentralized replicated storage system where up to half of the storage servers may incur arbitrary failures, including alterations to data stored in them.

Using an error correcting code (ECC), e.g., a Reed-Solomon code, one can take n pieces of a document, replace each piece with another piece of size larger by a factor of \( \frac{n}{n - 2t} \) such that it is possible to recover the original set even when up to t of the larger pieces are altered. For t close to n/2 the space overhead of this scheme is close to n, and an ECC such as the Reed-Solomon code degenerates to a trivial replication code.

We show a technique to reduce this large space overhead for high values of t. Our scheme blows up each piece by a factor slightly larger than two using an erasure code which makes it possible to recover the original set using n/2 - O(n/d) of the pieces, where d ≈ 80 is a fixed constant. Then we attach to each piece O(d log n/ log d) additional bits to make it possible to identify a large enough set of unmodified pieces, with negligible error probability, assuming that at least half the pieces are unmodified, and with low complexity. For values of t close to n/2 we achieve a large asymptotic space reduction over the best possible space blowup of any ECC in deterministic setting. Our approach makes use of a d-regular expander graph to compute the bits required for the identification of n/2 - O(n/d) good pieces.
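The Reed-Solomon baseline that the abstract compares against can be run at small scale. The following is an added example, not code from the paper: it encodes k = n - 2t symbols into n pieces, recovers them after t alterations, shows that t + 1 alterations can decode silently to a different document, and shows the k = 1 case collapsing to replication. The field size 257, the sample bytes and the brute-force decoder (standing in for an efficient Reed-Solomon decoder) are assumptions of this example.

```python
from itertools import combinations

P = 257  # prime field; each symbol holds one byte (assumption of this demo)

def interpolate(points, x):
    """Value at x of the unique polynomial of degree < len(points) through points, mod P."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def encode(message, n):
    """Systematic Reed-Solomon: pieces 0..k-1 carry the message, the rest are redundancy."""
    pts = list(enumerate(message))
    return [interpolate(pts, x) for x in range(n)]

def decode(received, t):
    """Brute-force unique decoding: the codeword within t alterations, else None."""
    n = len(received)
    k = n - 2 * t
    for subset in combinations(enumerate(received), k):
        candidate = [interpolate(subset, x) for x in range(n)]
        if sum(c != r for c, r in zip(candidate, received)) <= t:
            return candidate[:k]
    return None

def overhead(n, t):
    """Space blowup n/(n - 2t) stated in the abstract."""
    return n / (n - 2 * t)

def demo():
    n, doc = 7, [68, 79, 67]              # constructed sample: the bytes of "DOC"
    good = encode(doc, n)                 # t = 2 gives k = 3, blowup 7/3
    two_bad = list(good)
    for i in (1, 5):                      # alter t = 2 pieces
        two_bad[i] = (two_bad[i] + 1) % P
    other = encode([68, 79, 0], n)        # a different valid codeword
    three_bad = good[:4] + other[4:]      # 3 alterations, one more than t
    replicated = encode([68], n)          # t = 3 gives k = 1: every piece is a full copy
    return decode(two_bad, 2), decode(three_bad, 2), replicated
```
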

Copyright information

© 2000 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Alon, N., Kaplan, H., Krivelevich, M., Malkhi, D., Stern, J. (2000). Scalable Secure Storage when Half the System Is Faulty. In: Montanari, U., Rolim, J.D.P., Welzl, E. (eds) Automata, Languages and Programming. ICALP 2000. Lecture Notes in Computer Science, vol 1853. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45022-X_49

  • DOI: https://doi.org/10.1007/3-540-45022-X_49

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-67715-4

  • Online ISBN: 978-3-540-45022-1

  • eBook Packages: Springer Book Archive
