Secure Determinant Codes for Distributed Storage Systems

TL;DR

This paper introduces secure determinant codes for distributed storage systems that ensure data confidentiality against eavesdroppers under two different threat models, providing flexible design options for various system parameters.

Contribution

The paper proposes two classes of secure determinant codes that achieve information-theoretic secrecy under Type-I and Type-II constraints in distributed storage systems.

Findings

Proposed secure determinant codes for Type-I and Type-II secrecy.

Achievable secrecy trade-offs for various system parameters.

Codes applicable to a range of storage and repair bandwidth configurations.

Abstract

The information-theoretic secure exact-repair regenerating codes for distributed storage systems (DSSs) with parameters $(n,k=d,d,\ell)$ are studied in this paper. We consider distributed storage systems with $n$ nodes, in which the original data can be recovered from any subset of $k=d$ nodes, and the content of any node can be retrieved from those of any $d$ helper nodes. Moreover, we consider two secrecy constraints, namely, Type-I, where the message remains secure against an eavesdropper with access to the content of any subset of up to $\ell$ nodes, and Type-II, in which the message remains secure against an eavesdropper who can observe the incoming repair data from all possible nodes to a fixed but unknown subset of up to $\ell$ compromised nodes. Two classes of secure determinant codes are proposed for Type-I and Type-II secrecy constraints. Each proposed code can be designed for a range of per-node storage capacity and repair bandwidth for any system parameters. They lead to two achievable secrecy trade-offs, for Type-I and Type-II security.