Organizer: Stefanie Kettler
Due to advances in cryptanalysis and quantum computing, long-term secure storage of sensitive data cannot rely on current encryption. One approach to achieve long-term secure storage is secret-sharing-based
distributed storage systems, where shares of data are generated and distributed to multiple storage servers. Data confidentiality and integrity are maintained by periodically renewing the shares and verifying the consistency of the shares using commitment schemes.
However, protecting outsourced data in such scenarios remains prohibitively costly and impractical: Share renewal requires an information-theoretically secure channel between any two storage servers and long-term confidential commitment schemes are computationally impractical for large files. In this talk, we present LSTee, a
secret-sharing-based long-term secure distributed storage system that leverages Trusted Execution Environments~(TEEs). Share generation and renewal are performed inside the TEE, which guarantees the correctness of the operations, and thus the consistency of the shares with the original outsourced data. We propose optimized protocols for LSTee where fewer information-theoretically secure channels are required for secret sharing, and commitment schemes are replaced by computationally secure signatures.
We prototype and evaluate LSTee using Intel SGX as the underlying TEE, and show that our solution is significantly more efficient than existing schemes. LSTee is also TEE-agnostic, where migration from one TEE to another is seamlessly achieved while maintaining security.
Giulia Traverso is a senior PhD candidate in cryptography in Prof. Buchmann's CDC group. Her main focus is long-term security. In her free time, she goes to the gym and writes for her blog, Breaking Thirty.