Cloud storage security - Tech conf 2014
-
Upload
telecomvalley -
Category
Data & Analytics
-
view
93 -
download
4
Transcript of Cloud storage security - Tech conf 2014
![Page 1: Cloud storage security - Tech conf 2014](https://reader033.fdocuments.us/reader033/viewer/2022052602/55a1a9431a28ab8b418b457a/html5/thumbnails/1.jpg)
Stockage Cloud:
Confidentialité, Encryption et
Deduplication Deduplication
PUZIO Pasquale
Doctorant CIFRE
SecludIT & EURECOM
![Page 2: Cloud storage security - Tech conf 2014](https://reader033.fdocuments.us/reader033/viewer/2022052602/55a1a9431a28ab8b418b457a/html5/thumbnails/2.jpg)
Stockage Cloud
2
![Page 3: Cloud storage security - Tech conf 2014](https://reader033.fdocuments.us/reader033/viewer/2022052602/55a1a9431a28ab8b418b457a/html5/thumbnails/3.jpg)
3
![Page 4: Cloud storage security - Tech conf 2014](https://reader033.fdocuments.us/reader033/viewer/2022052602/55a1a9431a28ab8b418b457a/html5/thumbnails/4.jpg)
4
![Page 5: Cloud storage security - Tech conf 2014](https://reader033.fdocuments.us/reader033/viewer/2022052602/55a1a9431a28ab8b418b457a/html5/thumbnails/5.jpg)
Confidentialité• Premier menace selon le rapport du CSA (Cloud Security Alliance)
5
![Page 6: Cloud storage security - Tech conf 2014](https://reader033.fdocuments.us/reader033/viewer/2022052602/55a1a9431a28ab8b418b457a/html5/thumbnails/6.jpg)
Encryption
6
![Page 7: Cloud storage security - Tech conf 2014](https://reader033.fdocuments.us/reader033/viewer/2022052602/55a1a9431a28ab8b418b457a/html5/thumbnails/7.jpg)
Encryption
7
![Page 8: Cloud storage security - Tech conf 2014](https://reader033.fdocuments.us/reader033/viewer/2022052602/55a1a9431a28ab8b418b457a/html5/thumbnails/8.jpg)
Deduplication
8
![Page 9: Cloud storage security - Tech conf 2014](https://reader033.fdocuments.us/reader033/viewer/2022052602/55a1a9431a28ab8b418b457a/html5/thumbnails/9.jpg)
Deduplication
...mais ça ne marche pas avec les données chiffrées!
D = Hello World
D = Hello World
ENCRYPTION with K1 ENCRYPTION with K2
owhfgr0wgr[whfrw0[h0[erghe0[gh0[eg
dfjl;dbfrwbfirbfroepthwobgfrugtwertgrtwu
9
![Page 10: Cloud storage security - Tech conf 2014](https://reader033.fdocuments.us/reader033/viewer/2022052602/55a1a9431a28ab8b418b457a/html5/thumbnails/10.jpg)
Convergent Encryption
K = hash(Data)
D = Hello World
D = Hello World
ENCRYPTION with H(D) ENCRYPTION with H(D)
klfgwilegfiorwegtriegtiergieiergriegrigfifiw
klfgwilegfiorwegtriegtiergieiergriegrigfifiw
10
![Page 11: Cloud storage security - Tech conf 2014](https://reader033.fdocuments.us/reader033/viewer/2022052602/55a1a9431a28ab8b418b457a/html5/thumbnails/11.jpg)
Deduplication + Convergent
Encryption
11
![Page 12: Cloud storage security - Tech conf 2014](https://reader033.fdocuments.us/reader033/viewer/2022052602/55a1a9431a28ab8b418b457a/html5/thumbnails/12.jpg)
Risques pour la Confidentialité
• Offline brute-force attack
• Confirmation of a file
• Learn the remaining information
12
![Page 13: Cloud storage security - Tech conf 2014](https://reader033.fdocuments.us/reader033/viewer/2022052602/55a1a9431a28ab8b418b457a/html5/thumbnails/13.jpg)
Learn the remaining information attack
REMAINING
13
REMAINING
INFORMATION
![Page 14: Cloud storage security - Tech conf 2014](https://reader033.fdocuments.us/reader033/viewer/2022052602/55a1a9431a28ab8b418b457a/html5/thumbnails/14.jpg)
Solution: ClouDedup
14
![Page 15: Cloud storage security - Tech conf 2014](https://reader033.fdocuments.us/reader033/viewer/2022052602/55a1a9431a28ab8b418b457a/html5/thumbnails/15.jpg)
MerciMerciQuestions ?
http://elastic-security.com/
http://secludit.com/
15