On Consistency of Encrypted Files

  • Alina Oprea
  • Michael K. Reiter
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4167)


In this paper we address the problem of consistency for cryptographic file systems. A cryptographic file system protects the users’ data from the file server, which is possibly untrusted and might exhibit Byzantine behavior, by encrypting the data before sending it to the server. The consistency of the encrypted file objects that implement a cryptographic file system relies on the consistency of the two components used to implement them: the file storage protocol and the key distribution protocol.

We first define two generic classes of consistency conditions that extend and generalize existing consistency conditions. We then formally define consistency for encrypted file objects in a generic way: for any consistency conditions for the key and file objects belonging to one of the two classes of consistency conditions considered, we define a corresponding consistency condition for encrypted file objects. We finally provide, in our main result, necessary and sufficient conditions for the consistency of the key distribution and file storage protocols under which the encrypted storage is consistent. Our framework allows the composition of existing key distribution and file storage protocols to build consistent encrypted file objects and simplifies complex proofs for showing the consistency of encrypted storage.


Consistency Condition Shared Object Partial Order Relation Encrypt File Causal Consistency 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abd-El-Malek, M., Ganger, G.R., Goodson, G.R., Reiter, M.K., Wylie, J.J.: Fault-scalable byzantine fault-tolerant services. In: Proc. 20th ACM Symposium on Operating Systems (SOSP), pp. 59–74. ACM, New York (2005)Google Scholar
  2. 2.
    Adya, A., Bolosky, W.J., Castro, M., Cermak, G., Chaiken, R., Douceur, J.R., Howell, J., Lorch, J.R., Theimer, M., Wattenhofer, R.P.: FARSITE: Federated, available, and reliable storage for an incompletely trusted environment. In: Proc. 5th Symposium on Operating System Design and Implementation (OSDI), Usenix (2002)Google Scholar
  3. 3.
    Ahamad, M., Bazzi, R., John, R., Kohli, P., Neiger, G.: The power of processor consistency. Technical Report GIT-CC-92/34, Georgia Institute of Technology (1992)Google Scholar
  4. 4.
    Ahamad, M., Neiger, G., Burns, J., Kohli, P., Hutto, P.: Causal memory: Definitions, implementation and programming. Distributed Computing 1(9), 37–49 (1995)CrossRefMathSciNetGoogle Scholar
  5. 5.
    Backes, M., Cachin, C., Oprea, A.: Secure key-updating for lazy revocation. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol. 4189. Springer, Heidelberg (2006)Google Scholar
  6. 6.
    Bernstein, P., Hadzilacos, V., Goodman, N.: Concurrency Control and Recovery in Database Systems. Addison-Wesley, Reading (1987)Google Scholar
  7. 7.
    Bershad, B., Zekauskas, M., Sawdon, W.: The Midway distributed shared-memory system. In: Proc. IEEE COMPCON Conference, pp. 528–537. IEEE, Los Alamitos (1993)Google Scholar
  8. 8.
    Cachin, C., Poritz, J.A.: Secure intrusion-tolerant replication on the internet. In: Proc. International Conference on Dependable Systems and Networks (DSN), pp. 167–176. IEEE, Los Alamitos (2002)CrossRefGoogle Scholar
  9. 9.
    Castro, M., Liskov, B.: Practical Byzantine fault tolerance. In: Proc. 3rd Symposium on Operating System Design and Implementation (OSDI), pp. 173–186. Usenix (1999)Google Scholar
  10. 10.
    Dubois, M., Scheurich, C., Briggs, F.: Synchronization, coherence and event ordering in multiprocessors. IEEE Computer 21(2), 9–21 (1988)Google Scholar
  11. 11.
    Friedman, R., Vitenberg, R., Chockler, G.: On the composability of consistency conditions. Information Processing Letters 86, 169–176 (2002)CrossRefMathSciNetGoogle Scholar
  12. 12.
    Fu, K.: Group sharing and random access in cryptographic storage file systems. Master’s thesis, Massachusetts Institute of Technology (1999)Google Scholar
  13. 13.
    Gharachorloo, K., Lenoski, D., Laudon, J., Gibbons, P., Gupta, A., Hennessy, J.: Memory consistency and event ordering in scalable shared-memory multiprocessors. In: Proc. 17th Annual International Symposium on Computer Architecture, pp. 15–26 (1990)Google Scholar
  14. 14.
    Goh, E., Shacham, H., Modadugu, N., Boneh, D.: SiRiUS: Securing remote untrusted storage. In: Proc. Network and Distributed Systems Security (NDSS) Symposium 2003, pp. 131–145. ISOC (2003)Google Scholar
  15. 15.
    Goodman, J.: Cache consistency and sequential consistency. Technical Report 61, SCI Committee (1989)Google Scholar
  16. 16.
    Herlihy, M., Wing, J.: Linearizability: A corretness condition for concurrent objects. ACM Transactions on Programming Languages and Systems 12(3), 463–492 (1990)CrossRefGoogle Scholar
  17. 17.
    Kallahalla, M., Riedel, E., Swaminathan, R., Wang, Q., Fu, K.: Plutus: Scalable secure file sharing on untrusted storage. In: Proc. 2nd USENIX Conference on File and Storage Technologies (FAST) (2003)Google Scholar
  18. 18.
    Lakshmanan, S., Ahamad, M., Venkateswaran, H.: A secure and highly available distributed store for meeting diverse data storage needs. In: Proc. International Conference on Dependable Systems and Networks (DSN), pp. 251–260. IEEE, Los Alamitos (2001)CrossRefGoogle Scholar
  19. 19.
    Lamport, L.: How to make a multiprocessor computer that correctly executes multiprocess programs. IEEE Transactions on Computers 28(9), 690–691 (1979)MATHCrossRefGoogle Scholar
  20. 20.
    Lenoski, D., Laudon, J., Gharachorloo, K., Weber, W.D., Gupta, A., Hennessy, J., Horowitz, M., Lam, M.S.: The Stanford Dash multiprocessor. IEEE Computer 25(3), 63–79 (1992)Google Scholar
  21. 21.
    Li, J., Krohn, M., Mazieres, D., Shasha, D.: Secure untrusted data repository. In: Proc. 6th Symposium on Operating System Design and Implementation (OSDI), pp. 121–136. Usenix (2004)Google Scholar
  22. 22.
    Lipton, R., Sandberg, J.: Pram: A scalable shared memory. Technical Report CS-TR-180-88, Princeton University, Department of Computer Science (1988)Google Scholar
  23. 23.
    Mazieres, D., Kaminsky, M., Kaashoek, M., Witchel, E.: Separating key management from file system security. In: Proc. 17th ACM Symposium on Operating Systems (SOSP), pp. 124–139. ACM, New York (1999)Google Scholar
  24. 24.
    Mazieres, D., Shasha, D.: Building secure file systems out of Byzantine storage. In: Proc. 21st ACM Symposium on Principles of Distributed Computing (PODC), pp. 108–117. ACM, New York (2002)Google Scholar
  25. 25.
    Miller, E., Long, D., Freeman, W., Reed, B.: Strong security for distributed file systems. In: Proc. First USENIX Conference on File and Storage Technologies (FAST), pp. 1–13 (2002)Google Scholar
  26. 26.
    Oprea, A., Reiter, M.K.: On consistency of encrypted files. Technical Report CMU-CS-06-113, Carnegie Mellon University (2006), Available from:
  27. 27.
    Riedel, E., Kallahalla, M., Swaminathan, R.: A framework for evaluating storage system security. In: Proc. First USENIX Conference on File and Storage Technologies (FAST), pp. 15–30 (2002)Google Scholar
  28. 28.
    Torres-Rojas, F.J., Ahamad, M., Raynal, M.: Timed consistency for shared distributed objects. In: Proc. 18th ACM Symposium on Principles of Distributed Computing (PODC), pp. 163–172. ACM, New York (1999)Google Scholar
  29. 29.
    Vitenberg, R., Friedman, R.: On the locality of consistency conditions. In: Fich, F.E. (ed.) DISC 2003. LNCS, vol. 2848, pp. 92–105. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  30. 30.
    Yu, H., Vahdat, A.: Design and evaluation of a conit-based continuous consistency model for replicated services. ACM Transactions on Computer Systems 20(3), 239–282 (2002)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Alina Oprea
    • 1
  • Michael K. Reiter
    • 2
  1. 1.Computer Science DepartmentCarnegie Mellon UniversityPittsburghUSA
  2. 2.Electrical & Computer Engineering Department, Computer Science Department, and CyLabCarnegie Mellon UniversityPittsburghUSA

Personalised recommendations