The CROSSING Collaboration Award
The CROSSING Collaboration Award is presented for excellent internal collaborative work and outstanding progress in research collaborations within CROSSING, for which all members of the CRC are eligible. It is awarded annually by the CROSSING directorate. Eligible for the Award is any collaboration between projects, for example joint publications, contributions to CogniCrypt, joint software tools or demonstrators or joint bachelor or master thesis.
Winners of the Collaboration Award get a trophy and certificate, and each collaborator receives funds for conference or workshop participation (travel, accommodation, conference fee), freely selectable by the price winners.
Winner 2019: Safe: A Secure and Efficient Long-Term Distributed Storage System
Due to advances in cryptanalysis and quantum computing, longterm secure storage of sensitive data cannot rely on current encryption, especially when the storage service is hosted by third-party cloud computing providers. One approach to achieve long-term secure storage is secret sharing-based distributed storage systems, where shares of data are generated and distributed to multiple storage servers. Data confidentiality and integrity are maintained by periodically renewing the shares and verifying the consistency of the shares using commitment schemes. However, protecting outsourced data in such scenarios remains prohibitively costly and impractical: Share renewal requires an information-theoretically secure channel between any two storage servers and long-term confidential commitment schemes are computationally impractical for large files.
In this paper, we present Safe, a secret sharing-based long-term secure distributed storage system that leverages a Trusted Execution Environment (TEE). Share generation and renewal are performed inside the TEE and the shares are securely distributed to the storage servers.We propose optimized protocols for Safe where significantly fewer information-theoretically secure channels are required than in state-of-the-art long-term secure storage systems, and computationally binding commitment schemes are replaced by more efficient computationally secure signatures. We prototype Safe protocols using a TEE instantiation, and show their efficiency, even for large files, compared to existing schemes. Safe is TEEagnostic, as it allows seamless migration from one TEE to another while maintaining the same security guarantees.
Link to the Paper
Safe: A Secure and Efficient Long-Term Distributed Storage System (unpublished)