Scalable Secure Storage when Half the System Is Faulty

  • Noga Alon
  • Haim Kaplan
  • Michael Krivelevich
  • Dahlia Malkhi
  • Julien Stern
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1853)


In this paper, we provide a method to safely store a document in perhaps the most challenging settings, a highly decentralized replicated storage system where up to half of the storage servers may incur arbitrary failures, including alterations to data stored in them.

Using an error correcting code (ECC), e.g., a Reed-Solomon code, one can take n pieces of a document, replace each piece with another piece of size larger by a factor of \( \frac{n} {{n - 2t}} \) such that it is possible to recover the original set even when up to t of the larger pieces are altered. For t close to n/2 the space overhead of this scheme is close to n, and an ECC such as the Reed-Solomon code degenerates to a trivial replication code.

We show a technique to reduce this large space overhead for high values of t. Our scheme blows up each piece by a factor slightly larger than two using an erasure code which makes it possible to recover the original set using n/2 - O(n/d) of the pieces, where d ≈ 80 is a fixed constant. Then we attach to each piece O(d log n/ log d) additional bits to make it possible to identify a large enough set of unmodified pieces, with negligible error probability, assuming that at least half the pieces are unmodified, and with low complexity. For values of t close to n/2 we achieve a large asymptotic space reduction over the best possible space blowup of any ECC in deterministic setting. Our approach makes use of a d-regular expander graph to compute the bits required for the identification of n/2 - O(n/d) good pieces.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. AE90.
    D. Agrawal and A. El Abbadi. Integrating security with fault-tolerant distributed databases. Computer Journal 33(1):71–78, February 1990.Google Scholar
  2. A86.
    N. Alon. Eigenvalues, geometric expanders, sorting in rounds, and Ramsey theory. Combinatorica 6(3):207–219, 1986.MATHCrossRefMathSciNetGoogle Scholar
  3. AFWZ95.
    N. Alon, U. Feige, A. Wigderson and D. Zuckerman. Derandomized graph products. Computational Complexity 5:60–75, 1995.MATHCrossRefMathSciNetGoogle Scholar
  4. AL96.
    N. Alon and M. Luby. A linear time erasure-resilient code with nearly optimal recovery. IEEE Transactions on Information Theory 42:1732–1736, 1996.MATHCrossRefMathSciNetGoogle Scholar
  5. ASE92.
    N. Alon, J. Spencer and P. Erdos. The Probabilistic Method. John Wiley & Sons, Inc. 1992.Google Scholar
  6. And96.
    R. J. Anderson. The Eternity Service. In Proceedings of Pragocrypt’ 96, 1996.Google Scholar
  7. Bollobas85.
    B. Bollobás. Random Graphs, Academic Press, London, 1985.MATHGoogle Scholar
  8. CL99.
    M. Castro and B. Liskov. Practical Byzantine fault tolerance. In the Proceedings of the Third Symposium on Operating Systems Design and Implementation, New Orleans, USA, February 1999.Google Scholar
  9. GGJ97.
    J. Garay, R. Gennaro, C. Jutla and T. Rabin. Secure distributed storage and retrieval. In M. Mavronicolas and P. Tsigas, editors, 11th Internation Workshop on Distributed Algorithms, WDAG’ 97, pages 275–289, Berlin, 1997. (LNCS 1109).Google Scholar
  10. GRS95.
    O. Goldreich, R. Rubinfeld, and M. Sudan. Learning polynomials with queries: The highly noisy case. In Proc. 36th IEEE Symp. on Foundations of Comp. Science, pages 294–303. IEEE, 1995.Google Scholar
  11. GS99.
    V. Guruswami and M. Sudan. Improved decoding of Reed-Solomon and algebraic-geometric codes. IEEE Transactions on Information Theory, 45(6):1757–1767, September 1999.Google Scholar
  12. HT88.
    M. P. Herlihy and J. D. Tygar. How to make replicated data secure. In Advances in Cryptology-CRYPTO’ 87 Proceedings (Lecture Notes in Computer Science 293), pages 379–391, Springer-Verlag, 1988.Google Scholar
  13. Kra93.
    H. Krawczyk. Distributed fingerprints and secure information dispersal. In Proceedings of the 12th ACM Symposium on Principles of Distributed Computing, pages 207–218, 1993.Google Scholar
  14. Lam79.
    L. Lamport. How to make a multiprocessor computer that correctly executes multiprocessor programs. IEEE Transactions on Computers, C-28(9):690–691, 1979.CrossRefGoogle Scholar
  15. LPS86.
    A. Lubotzky, R. Phillips and P. Sarnak. Explicit expanders and the Ramanujan conjectures. In Proceedings of the 18th ACM Symposium on the Theory of Computing, pages 240–246, New York, 1986.Google Scholar
  16. LMS+97.
    M. G. Luby, M. Mitzenmacher, M. A. Shokrollahi, D. A. Spielman and V. Stemann. Practical loss-resilient codes. In Proceedings of the 29th Symposium on Theory of Computing, May 1997.Google Scholar
  17. MR99.
    D. Malkhi and M. K. Reiter. An architecture for survivable coordination in large scale distributed systems. IEEE Transactions on Knowledge and Data Engineering, 12(2), 2000.Google Scholar
  18. MK98.
    D. Maziéres and M. F. Kaashoek. Escaping the evils of centralized control with self-certifying pathnames. In the Proceedings of the 8th ACM SIGOPS European workshop: Support for composing distributed applications, Sintra, Portugal, September 1998.Google Scholar
  19. Rab89.
    M. O. Rabin. Efficient dispersal of information for security, load balancing and fault tolerance. Journal of the ACM, 36(2):335–348, 1989.MATHCrossRefMathSciNetGoogle Scholar
  20. RR00.
    R. M. Roth and G. Ruckenstern. Efficient decoding of Reed-Solomon codes beyond half the minimum distance. IEEE Transactions on Information Theory, to appear.Google Scholar
  21. Sch90.
    F. B. Schneider. Implementing fault-tolerant services using the state machine approach: A tutorial. ACM Computing Surveys 22(4):299–319, December 1990.Google Scholar
  22. SHA1.
    FIPS 180-1. Secure Hash Standard. NIST. Us Dept. of Commerce, 1995.Google Scholar
  23. Su97.
    M. Sudan. Decoding of Reed-Solomon codes beyond the error-correction bound. Journal of Complexity, 13(1):180–193, 1997.MATHCrossRefMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2000

Authors and Affiliations

  • Noga Alon
    • 1
  • Haim Kaplan
    • 1
  • Michael Krivelevich
    • 1
  • Dahlia Malkhi
    • 2
  • Julien Stern
    • 3
  1. 1.School of Mathematical SciencesTel Aviv UniversityIsrael
  2. 2.School of Computer Science and EngineeringThe Hebrew University of JerusalemIsrael
  3. 3.Laboratoire de Recherche en InformatiqueCNRS - Universite de Paris SudFrance

Personalised recommendations