On Secure Distributed Data Storage Under Repair Dynamics

TL;DR

This paper investigates the maximum securely storable data in distributed storage systems with node repairs, deriving bounds and providing explicit codes for the bandwidth-limited regime to ensure data secrecy against passive eavesdroppers.

Contribution

It introduces a general upper bound on secrecy capacity under repair dynamics and presents an explicit code construction achieving this bound in the bandwidth-limited regime.

Findings

Derived a tight upper bound on secrecy capacity.

Provided an explicit code construction for the bandwidth-limited regime.

Confirmed the bound's tightness through theoretical analysis.

Abstract

We address the problem of securing distributed storage systems against passive eavesdroppers that can observe a limited number of storage nodes. An important aspect of these systems is node failures over time, which demand a repair mechanism aimed at maintaining a targeted high level of system reliability. If an eavesdropper observes a node that is added to the system to replace a failed node, it will have access to all the data downloaded during repair, which can potentially compromise the entire information in the system. We are interested in determining the secrecy capacity of distributed storage systems under repair dynamics, i.e., the maximum amount of data that can be securely stored and made available to a legitimate user without revealing any information to any eavesdropper. We derive a general upper bound on the secrecy capacity and show that this bound is tight for the bandwidth-limited regime which is of importance in scenarios such as peer-to-peer distributed storage systems. We also provide a simple explicit code construction that achieves the capacity for this regime.