Storing data in a third party’s cloud system causes serious concern over data confidentiality. General encryption schemes protect data confidentiality, but also limit the functionality of the storage system because only a few operations are supported over encrypted data. Constructing a secure storage system that supports multiple functions is challenging when the storage system is distributed and has no central authority. We propose a threshold proxy re-encryption scheme and integrate it with a decentralized erasure code such that a secure distributed storage system is formulated. The distributed storage system not only supports secure and robust data storage and retrieval, but also lets a user forward his data in the storage servers to another user without retrieving the data back. The main technical contribution is that the proxy re-encryption scheme supports encoding operations over encrypted messages as well as forwarding operations over encoded and encrypted messages. Our method fully integrates encrypting, encoding, and forwarding. We analyze and suggest suitable parameters for the number of copies of a message dispatched to storage servers and the number of storage servers queried by a key server.
Decentralized erasure code, proxy re-encryption, threshold cryptography, secure storage system.