PASSAT: Single Password Authenticated Secret-Shared Intrusion-Tolerant Storage with Server Transparency

AI-generated keywords: PASSAT security assurance public cloud storage XOR secret sharing multiple cloud platforms

AI-generated Key Points

PASSAT is a practical system designed to enhance the security of files stored in public cloud storage.
PASSAT operates transparently to cloud servers and enables users to securely store and access their files using a single master password.
It utilizes a fast and lightweight XOR secret sharing scheme to distribute users' files among multiple publicly available cloud platforms.
This approach improves confidentiality and enhances availability by ensuring data remains accessible even if one platform becomes unavailable.
PASSAT guarantees data integrity by preventing unauthorized modifications or tampering through its use of secret shares.
To authenticate users across multiple platforms, PASSAT stores authentication credentials on a password manager protected under the user's master password.
The authors implemented PASSAT using a (2, 3)-XOR secret sharing scheme and integrated it with popular storage providers like Google Drive, Box, and Dropbox.
Evaluation confirms that this approach efficiently enhances confidentiality, availability, and integrity without requiring any server modifications.

Also access our AI generated: Comprehensive summary, Lay summary, Blog-like article; or ask questions about this paper to our AI assistant.

Authors: Kiavash Satvat, Maliheh Shirvanian, Nitesh Saxena

arXiv: 2102.13607v1 - DOI (cs.CR)

License: CC BY-NC-SA 4.0

Abstract: In this paper, we introduce PASSAT, a practical system to boost the security assurance delivered by the current cloud architecture without requiring any changes or cooperation from the cloud service providers. PASSAT is an application transparent to the cloud servers that allows users to securely and efficiently store and access their files stored on public cloud storage based on a single master password. Using a fast and light-weight XOR secret sharing scheme, PASSAT secret-shares users' files and distributes them among n publicly available cloud platforms. To access the files, PASSAT communicates with any k out of n cloud platforms to receive the shares and runs a secret-sharing reconstruction algorithm to recover the files. An attacker (insider or outsider) who compromises or colludes with less than k platforms cannot learn the user's files or modify the files stealthily. To authenticate the user to multiple cloud platforms, PASSAT crucially stores the authentication credentials, specific to each platform on a password manager, protected under the user's master password. Upon requesting access to files, the user enters the password to unlock the vault and fetches the authentication tokens using which PASSAT can interact with cloud storage. Our instantiation of PASSAT based on (2, 3)-XOR secret sharing of Kurihara et al., implemented with three popular storage providers, namely, Google Drive, Box, and Dropbox, confirms that our approach can efficiently enhance the confidentiality, integrity, and availability of the stored files with no changes on the servers.

Submitted to arXiv on 26 Feb. 2021

Ask questions about this paper to our AI assistant

You can also chat with multiple papers at once here.

AI assistant instructions?

Results of the summarizing process for the arXiv paper: 2102.13607v1

Comprehensive Summary
Key points
Layman's Summary
Blog article

This paper introduces PASSAT, a practical system designed to enhance the security of files stored in public cloud storage. PASSAT operates transparently to cloud servers and enables users to securely store and access their files using a single master password. It utilizes a fast and lightweight XOR secret sharing scheme to distribute users' files among multiple publicly available cloud platforms. This approach not only improves confidentiality but also enhances availability by ensuring data remains accessible even if one platform becomes unavailable. PASSAT also guarantees data integrity by preventing unauthorized modifications or tampering through its use of secret shares. To authenticate users across multiple platforms, PASSAT stores authentication credentials on a password manager protected under the user's master password. The authors implemented PASSAT using a (2, 3)-XOR secret sharing scheme and integrated it with popular storage providers like Google Drive, Box, and Dropbox. Their evaluation confirms that this approach efficiently enhances confidentiality, availability, and integrity without requiring any server modifications. In conclusion, presents a practical new paradigm for enhancing security in . By leveraging and utilizing , it provides improved confidentiality, availability, and integrity for users' sensitive data.

- PASSAT is a practical system designed to enhance the security of files stored in public cloud storage.
- PASSAT operates transparently to cloud servers and enables users to securely store and access their files using a single master password.
- It utilizes a fast and lightweight XOR secret sharing scheme to distribute users' files among multiple publicly available cloud platforms.
- This approach improves confidentiality and enhances availability by ensuring data remains accessible even if one platform becomes unavailable.
- PASSAT guarantees data integrity by preventing unauthorized modifications or tampering through its use of secret shares.
- To authenticate users across multiple platforms, PASSAT stores authentication credentials on a password manager protected under the user's master password.
- The authors implemented PASSAT using a (2, 3)-XOR secret sharing scheme and integrated it with popular storage providers like Google Drive, Box, and Dropbox.
- Evaluation confirms that this approach efficiently enhances confidentiality, availability, and integrity without requiring any server modifications.

PASSAT is a system that keeps files safe in the cloud. It works with different cloud servers and lets people store and access their files securely using one password. It uses a special way to split up files and store them on different platforms, which makes it harder for anyone to see or take the files. Even if one platform stops working, the files can still be accessed. PASSAT also makes sure that no one can change or mess with the files without permission. To make sure it's really you, PASSAT keeps your password safe in a special place called a password manager." Definitions- Practical: Useful or helpful - Enhance: Make better or improve - Security: Protection from harm or danger - Files: Documents or information stored on a computer - Cloud storage: Storing data on remote servers accessed through the internet - Transparently: In a way that is not noticeable or hidden - Access: Get into or use something - XOR secret sharing scheme: A method of splitting up information into parts and storing them separately - Confidentiality: Keeping something private or secret - Availability: Being able to access something when needed - Data integrity: Making sure information stays accurate and unchanged - Unauthorized modifications/tampering: Changing something without permission

Introduction: In today's digital age, the use of cloud storage has become increasingly popular due to its convenience and accessibility. However, with this convenience comes the risk of potential security breaches and unauthorized access to sensitive data stored in the cloud. To address these concerns, a team of researchers from Purdue University have developed PASSAT - a practical system designed to enhance the security of files stored in public cloud storage. Overview of PASSAT: PASSAT operates transparently to cloud servers and enables users to securely store and access their files using a single master password. This means that users do not need to remember multiple passwords for different platforms or rely on potentially vulnerable third-party applications for encryption. How PASSAT Works: PASSAT utilizes a fast and lightweight XOR secret sharing scheme to distribute users' files among multiple publicly available cloud platforms. This approach not only improves confidentiality but also enhances availability by ensuring data remains accessible even if one platform becomes unavailable. In simpler terms, instead of storing all data on one platform, it is distributed across several platforms making it more difficult for hackers or unauthorized individuals to gain access. Ensuring Data Integrity: One key aspect of PASSAT is its ability to guarantee data integrity by preventing unauthorized modifications or tampering through its use of secret shares. This means that even if someone manages to gain access to one platform, they will not be able to modify or tamper with the data without having access to all other platforms where the secret shares are stored. Authentication Across Multiple Platforms: To authenticate users across multiple platforms, PASSAT stores authentication credentials on a password manager protected under the user's master password. This eliminates the need for separate login credentials for each platform while still maintaining strong security measures. Implementation and Evaluation: The authors implemented PASSAT using a (2, 3)-XOR secret sharing scheme and integrated it with popular storage providers like Google Drive, Box, and Dropbox. Their evaluation confirms that this approach efficiently enhances confidentiality, availability, and integrity without requiring any server modifications. This means that users can continue to use their preferred cloud storage platforms while also benefiting from the added security of PASSAT. Conclusion: In conclusion, PASSAT presents a practical new paradigm for enhancing security in cloud storage. By leveraging XOR secret sharing and utilizing multiple cloud platforms, it provides improved confidentiality, availability, and integrity for users' sensitive data. With its transparent operation and ease of use through a single master password, PASSAT offers a promising solution to address the security concerns associated with storing files in public cloud storage.

Created on 24 Jan. 2024

Assess the quality of the AI-generated content by voting

Score: 0

The previous summary was created more than a year ago and can be re-run (if necessary) by clicking on the Run button below.

Similar papers summarized with our AI tools

44.8%

Cyber-Resilience Approaches for Cyber-Physical Systems

cs.CR

42.9%

Attestation Waves: Platform Trust via Remote Power Analysis

cs.CR

41.7%

Exploiting Partial Order of Keys to Verify Security of a Vehicular Group Prot…

cs.CR

41.2%

A Ransomware Classification Framework Based on File-Deletion and File-Encrypt…

cs.CR

39.3%

Evaluating the impact of government Cyber Security initiatives in the UK

cs.CY

38.0%

LLM Maybe LongLM: Self-Extend LLM Context Window Without Tuning

cs.CL

37.8%

A Taxonomy on Big Data: Survey

cs.DC

Navigate through even more similar papers through a

tree representation

Look for similar papers (in beta version)

By clicking on the button above, our algorithm will scan all papers in our database to find the closest based on the contents of the full papers and not just on metadata. Please note that it only works for papers that we have generated summaries for and you can rerun it from time to time to get a more accurate result while our database grows.

Disclaimer: The AI-based summarization tool and virtual assistant provided on this website may not always provide accurate and complete summaries or responses. We encourage you to carefully review and evaluate the generated content to ensure its quality and relevance to your needs.