By combining Byzantine quorum systems (BQS) and secret sharing schemes, this paper presents a secure storage system, S2-BQS, that tolerates Byzantine failures of servers. S2-BQS provides information-theoretic security for the stored sensitive data, a property inherited from perfect secret sharing schemes (PSS). Unlike traditional realizations of BQS in storage systems, S2-BQS does not replicate data on servers directly. Instead, the secret shares obtained from PSS are stored on different servers. To retrieve the correct data from S2-BQS, we design a new verification method for PSS that uses no extra information and no extra algorithms; it only reconstructs the secret several times using PSS. Because the structure and protocols of S2-BQS are simple, the computation and communication overhead on servers is low, making it almost impossible to launch resource-clogging denial-of-service attacks against servers in S2-BQS. We also propose a specialized S2-BQS, called S3-BQS, in which Shamir's secret sharing scheme is employed. This shows that our approach is flexible and easy to realize. The system evaluation shows that an S3-BQS with optimized protocols has better computation performance.
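The read-side idea in the abstract, checking a retrieved secret using nothing but repeated reconstruction, can be sketched with Shamir's scheme. This is an added illustration, not the paper's S3-BQS protocol: the field modulus `P`, the function names, the fault bound `b`, and the acceptance rule (a group of t + b shares whose reconstructions all agree, with n ≥ t + 2b) are assumptions.

```python
import itertools
import secrets

P = 2**127 - 1  # prime field modulus (assumed parameter)

def split(secret, n, t):
    """Shamir (t, n): random degree t-1 polynomial f with f(0) = secret."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    return [(x, sum(c * pow(x, k, P) for k, c in enumerate(coeffs)) % P)
            for x in range(1, n + 1)]

def reconstruct(shares):
    """Lagrange interpolation at x = 0 over exactly the shares given."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def verified_read(shares, t, b):
    """Return the secret if some group of t + b shares is self-consistent.

    Fix t-1 shares of the group as a base and reconstruct once per remaining
    share. If every reconstruction agrees, all t + b shares lie on a single
    polynomial; at most b are faulty, so at least t are honest and that
    polynomial is the dealer's. Returns None when no group qualifies.
    """
    for group in itertools.combinations(shares, t + b):
        base, rest = list(group[:t - 1]), group[t - 1:]
        values = {reconstruct(base + [g]) for g in rest}
        if len(values) == 1:
            return values.pop()
    return None

if __name__ == "__main__":
    secret = 123456789                      # constructed sample value
    shares = split(secret, n=7, t=3)
    shares[1] = (2, (shares[1][1] + 5) % P)  # simulated Byzantine server
    shares[4] = (5, 42)                      # simulated Byzantine server
    print("naive read   :", reconstruct(shares[:3]))
    print("verified read:", verified_read(shares, t=3, b=2))
```

The exhaustive search over groups is exponential in n and is only meant to make the acceptance rule visible; it says nothing about the optimized protocols the paper evaluates.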