Key Derivation Algorithms for Monotone Access Structures in Cryptographic File Systems

  • Mudhakar Srivatsa
  • Ling Liu
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4189)


Advances in networking technologies have triggered the “storage as a service” (SAS) model. The SAS model allows content providers to leverage hardware and software solutions provided by the storage service providers (SSPs), without having to develop them on their own, thereby freeing them to concentrate on their core business. The SAS model is faced with at least two important security issues: (i) How to maintain the confidentiality and integrity of files stored at the SSPs? (ii) How to efficiently support flexible access control policies on the file system? The former problem is handled using a cryptographic file system, while the latter problem is largely unexplored. In this paper, we propose secure, efficient and scalable key management algorithms to support monotone access structures on large file systems. We use key derivation algorithms to ensure that a user who is authorized to access a file can efficiently derive the file’s encryption key. However, it is computationally infeasible for a user to guess the encryption keys for those files that she is not authorized to access. We present concrete algorithms to efficiently and scalably support a discretionary access control model (DAC) and handle dynamic access control updates and revocations. We also present a prototype implementation of our proposal on a distributed file system. A trace-driven evaluation of our prototype shows that our algorithms meet the security requirements while incurring a low performance overhead on the file system.


Keywords: Access Control; Content Provider; Access Control Policy; Application Service Provider; Monotone Boolean Function



Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Mudhakar Srivatsa (1)
  • Ling Liu (1)
  1. College of Computing, Georgia Institute of Technology
