Skip to Main Content
Migrating from server-attached storage to distributed storage brings new vulnerabilities in creating a secure data storage and access facility. Particularly it is a challenge on top of insecure networks or unreliable storage service providers. For example, in applications such as cloud computing where data storage is transparent to the owner. It is even harder to protect the data stored in unreliable hosts. More robust security scheme is desired to prevent adversaries from obtaining sensitive information when the data is in their hands. Meanwhile, the performance gap between the execution speed of security software and the amount of data to be processed is ever widening. A common solution to close the performance gap is through hardware implementation. This paper proposes D-DOG (Data Division and Out-of-order keystream Generation), a novel encryption method to protect data in the distributed storage environments. Aside from verifying the correctness and effectiveness of the D-DOG scheme through theoretical analysis and experimental study, we also preliminarily evaluated its hardware implementation.