The system will be unavailable due to maintenance on Thursday July 19 from 7:00-8:30 am ET.
Towards Optimal Secure Distributed Storage Systems with Exact Repair
Abstract
Distributed storage systems in the presence of a wiretapper are considered. A distributed storage system (DSS) is parameterized by three parameters (𝑛, 𝑘, 𝑑), in which a file stored across n distributed nodes, can be recovered from any 𝑘 out of 𝑛 nodes. This is called as the reconstruction property of a DSS. If a node fails, any 𝑑 out of (𝑛-1) nodes help in the repair of the failed node so that the regeneration property of the DSS is preserved. For such a (𝑛, 𝑘, 𝑑)-DSS, two types of wiretapping scenarios are investigated: (a) Type-I (node) adversary which can wiretap the data stored on any 𝑙< 𝑘 nodes; and a more severe (b) Type-II (repair data) adversary which can wiretap the contents of the repair data that is used to repair a set of l failed nodes over time. The focus of this work is on the practically relevant setting of exact repair regeneration in which the repair process must replace a failed node by its exact replica. We make new progress on several non-trivial instances of this problem which prior to this work have been open. The main contribution of this paper is the optimal characterization of the secure storage-vs-exact-repair-bandwidth tradeoff region of a (𝑛, 𝑘, 𝑑)-DSS, with 𝑛 ≤ 4 and any 𝑙 < 𝑘 in the presence of both Type-I and Type-II adversaries. While the problem remains open for a general (𝑛, 𝑘, 𝑑)-DSS with 𝑛 > 4, we present extensions of these results to a (𝑛, 𝑛-1, 𝑛-1)-DSS, in presence of a Type-II adversary that can observe the repair data of any 𝑙 = (𝑛-2) nodes. The key technical contribution of this work is in developing novel information theoretic converse proofs for the Type-II adversarial scenario. From our results, we show that in the presence of Type-II attacks, the only efficient point in the storage-vs-exact-repair-bandwidth tradeoff is the MBR (minimum bandwidth regenerating) point. This is in sharp contrast to the case of a Type-I attack in which the storage-vs-exactrepair-bandwidth tradeoff allows a spectrum of operating points beyond the MBR point.