-
The Status of Quantum-Based Long-Term Secure Communication over the Internet
Authors: Matthias Geihs, Oleg Nikiforov, Denise Demirel, Alexander Sauer, Denis Butin, Felix Günther, Gernot Alber, Thomas Walther, Johannes Buchmann
Abstract:
Sensitive digital data, such as health information or governmental archives, are often stored for decades or centuries. The processing of such data calls for long-term security. Secure channels on the Internet require robust key establishment methods. Currently used key distribution protocols are either vulnerable to future attacks based on Shor's algorithm, or vulnerable in principle due to their reliance on computational problems. Quantum-based key distribution protocols are information-theoretically secure and offer long-term security. However, significant obstacles to their real-world use remain. This paper, which results from a multidisciplinary project involving computer scientists and physicists, systematizes knowledge about obstacles to and strategies for the realization of long-term secure Internet communication from quantum-based key distribution. We discuss performance and security particulars, consider the specific challenges arising from multi-user network settings, and identify key challenges for actual deployment.
Submitted 27 November, 2017;
originally announced November 2017.
-
MoPS: A Modular Protection Scheme for Long-Term Storage
Authors: Christian Weinert, Denise Demirel, Martín Vigil, Matthias Geihs, Johannes Buchmann
Abstract:
Current trends in technology, such as cloud computing, allow outsourcing the storage, backup, and archiving of data. This provides efficiency and flexibility, but also poses new risks for data security. It in particular became crucial to develop protection schemes that ensure security even in the long-term, i.e. beyond the lifetime of keys, certificates, and cryptographic primitives. However, all current solutions fail to provide optimal performance for different application scenarios. Thus, in this work, we present MoPS, a modular protection scheme to ensure authenticity and integrity for data stored over long periods of time. MoPS does not come with any requirements regarding the storage architecture and can therefore be used together with existing archiving or storage systems. It supports a set of techniques which can be plugged together, combined, and migrated in order to create customized solutions that fulfill the requirements of different application scenarios in the best possible way. As a proof of concept we implemented MoPS and provide performance measurements. Furthermore, our implementation provides additional features, such as guidance for non-expert users and export functionalities for external verifiers.
Submitted 7 August, 2017;
originally announced August 2017.
-
Towards a New Paradigm for Privacy and Security in Cloud Services
Authors: Thomas Loruenser, Charles Bastos Rodriguez, Denise Demirel, Simone Fischer-Huebner, Thomas Gross, Thomas Langer, Mathieu des Noes, Henrich C. Poehls, Boris Rozenberg, Daniel Slamanig
Abstract:
The market for cloud computing can be considered as the major growth area in ICT. However, big companies and public authorities are reluctant to entrust their most sensitive data to external parties for storage and processing. The reason for their hesitation is clear: There exist no satisfactory approaches to adequately protect the data during its lifetime in the cloud. The EU Project Prismacloud (Horizon 2020 programme; duration 2/2015-7/2018) addresses these challenges and yields a portfolio of novel technologies to build security enabled cloud services, guaranteeing the required security with the strongest notion possible, namely by means of cryptography. We present a new approach towards a next generation of security and privacy enabled services to be deployed in only partially trusted cloud infrastructures.
Submitted 21 July, 2015; v1 submitted 19 June, 2015;
originally announced June 2015.