ESCUDO-CLOUD offers a novel approach, Mix&Slice, to efficiently enforce access revocation on resources stored at external cloud providers. The basic idea of Mix&Slice is to provide an encrypted representation of the resources that guarantees complete interdependence (mixing) among the bits of the encrypted resource content. In this way, unavailability of even a small portion of the encrypted version of the resource completely prevents the reconstruction of the resource or even of portions of it.
Mix&Slice, as the name hints, is based on the following concepts.
- Mix (figure above): the content of each macro-block (the resource is partitioned into equally sized chunks, called macro-blocks, on which mixing operates) is processed by an iterative application of different encryption rounds together with a carefully designed bit mixing, that ensures, at the end of the process, that every individual bit in the input has had impact on each of the bits in the encrypted output.
- Slice (figure below): the mixed macro-blocks are sliced into fragments so that fragments provide complete coverage of the resource content and each fragment represents a minimal unit of revocation: lack of any single fragment of the resource completely prevents reconstruction of the resource or of portions of it.
Accessing a resource requires availability of all its fragments, and of the key used for encryption. To revoke access from a user, it is then sufficient to re-encrypt one (any one) of the resource fragments with a new key not known to the revoked user.
The innovation brought by ESCUDO-CLOUD in this context is represented by the definition and analysis of a novel approach for efficiently revoking access to resources. The proposed solution simply requires to re-encrypt a small portion of the (potentially large) resource and is resilient against attacks by users locally maintaining copies of fragments or of previously-used keys.