Advancing Multi-cloud Storage Security with Multi-party Threshold Schemes


Insights from Gilles Seghaier's Keynote at MPTS 2023

The NIST Workshop on Multi-party Threshold Schemes (MPTS) 2023 was a landmark event that brought together experts from around the world to discuss advancements and future directions in cryptographic security. Among the distinguished speakers was Gilles Seghaier, our Chief Product Officer at Astran, whose insights captivated the audience and shed light on the pivotal role of multi-party threshold schemes in enhancing security for multi-cloud storage.

A Focus on Multi-cloud Storage Security

Gilles Seghaier's keynote at MPTS 2023 centered on a compelling use case: multi-cloud storage security. He introduced a multi-party threshold protocol that leverages multiple cloud service providers (CSPs) to offer a robust solution for secure data storage. This innovative approach allows a client to store data by sending it to a proxy, which then splits the data and distributes the shares among a set of CSPs. This method ensures full confidentiality, integrity, and availability without the need for long-term keys.

Combining Advanced Cryptographic Primitives

Seghaier elaborated on the combination of cryptographic primitives used in Astran’s solution, including Secret Sharing Schemes (SSS), All-Or-Nothing Transform (AONT), and additive Homomorphic Encryption (HE). This combination enhances security in several ways:

  • Secret Sharing Schemes (SSS): Ensure that the data can only be reconstructed when a sufficient number of shares are combined.
  • All-Or-Nothing Transform (AONT): A keyless transformation that makes it impossible to recover the original data unless the entirety of its output is known.
  • Homomorphic Encryption (HE): Allows for data to be encrypted in a way that enables computations to be performed on the ciphertext, providing confidentiality against the proxy.

Detailed Mechanism of the Solution

At a high level, the client encrypts its data using AONT and HE before sending it to the proxy. The proxy then fragments the data and distributes the shares over several CSPs using a Threshold SSS. Specifically, the AONT ensures that the data cannot be reconstructed unless all parts are known, providing an additional layer of security. The client homomorphically encrypts the first 256 bits of the AONT output, which the proxy then splits securely using SSS, while the rest of the AONT output is distributed using memory-efficient threshold algorithms like Reed-Solomon codes. This approach ensures that no information leaks, even if the proxy or a collusion of CSPs below the threshold is compromised.
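
The split described above can be sketched as follows. This is an added example, not Astran's code: the page does not name the AONT construction, so a SHA-256/SHAKE-256 package transform is assumed, and all function names are hypothetical. The homomorphic-encryption layer and the Reed-Solomon dispersal of the body are omitted; only the 256-bit head is threshold-shared, and the body is kept whole.

```python
import hashlib, secrets

P = 2**521 - 1  # Mersenne prime; the field must exceed any 256-bit head

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def aont_encode(data: bytes):
    """Keyless package transform (assumed construction): returns (head, body)."""
    k = secrets.token_bytes(32)                      # one-time key, never stored
    body = _xor(data, hashlib.shake_256(k).digest(len(data)))
    head = _xor(k, hashlib.sha256(body).digest())    # key masked by hash of the whole body
    return head, body

def aont_decode(head: bytes, body: bytes) -> bytes:
    k = _xor(head, hashlib.sha256(body).digest())    # needs every byte of body
    return _xor(body, hashlib.shake_256(k).digest(len(body)))

def shamir_split(secret: bytes, t: int, n: int):
    """t-of-n Shamir shares of a 32-byte secret, one (x, y) pair per CSP."""
    coeffs = [int.from_bytes(secret, "big")] + [secrets.randbelow(P) for _ in range(t - 1)]
    def f(x):
        y = 0
        for c in reversed(coeffs):                   # Horner evaluation mod P
            y = (y * x + c) % P
        return y
    return [(x, f(x)) for x in range(1, n + 1)]

def shamir_combine(shares) -> bytes:
    """Lagrange interpolation at x = 0; yields garbage if fewer than t shares are given."""
    s = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num = num * -xj % P
                den = den * (xi - xj) % P
        s = (s + yi * num * pow(den, -1, P)) % P
    return (s % 2**256).to_bytes(32, "big")

if __name__ == "__main__":
    record = b"constructed sample record for the storage demo"
    head, body = aont_encode(record)
    shares = shamir_split(head, t=3, n=5)            # 3-of-5 across five CSPs
    print(aont_decode(shamir_combine(shares[1:4]), body) == record)   # True
    print(aont_decode(shamir_combine(shares[:2]), body) == record)    # False
```

Any three of the five shares recover the head and therefore the record; two shares, or a body with a single flipped bit, decode to unrelated bytes.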

Keyless Security and Compliance

One of the standout features of this solution is the removal of the need for long-term keys, thanks to the keyless property of AONT paired with homomorphic secret sharing. This enhances security and makes the solution highly suitable for compliance with regulations like the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR), which require stringent technical measures for data protection.

Astran's Commitment to Innovation

Seghaier also highlighted Astran's broader commitment to innovation in cryptography. By integrating quantum-resistant algorithms and optimizing performance for practical applications, Astran is at the forefront of making advanced cryptographic techniques accessible and effective for a wide range of industries. The company's collaborative efforts with industry leaders, academic institutions, and regulatory bodies further underscore its dedication to pushing the boundaries of cryptographic security.

Future Directions and Challenges

Looking ahead, Seghaier identified several key challenges and opportunities for the future of multi-party threshold schemes. While significant progress has been made, issues related to scalability, interoperability, and standardization still need to be addressed. Seghaier called for continued research and development to overcome these hurdles and ensure the widespread adoption of these advanced cryptographic solutions.

Conclusion

Gilles Seghaier's keynote at MPTS 2023 was a compelling reminder of the vital role that multi-party threshold schemes play in modern cybersecurity. His presentation on multi-cloud storage security, backed by Astran's innovative approaches and commitment to collaboration, provided valuable insights for all attendees. As we navigate the complexities of an increasingly digital world, the advancements discussed at MPTS 2023, driven by thought leaders like Seghaier, will be instrumental in shaping a more secure future.

Watch the replay here: https://csrc.nist.gov/presentations/2023/mpts2023-day3-talk-aont
