Cite this Article

P.Jagadeesan, K. Mohan, V.Naveen, A.Mohammad Farmaanullah, 2025. "Securing Cloud Data Under Key Exposure", International Journal of Emerging Information Technology (IJEIT) 1(1): 32-36.

Keywords

Cryptographic Keys, encryption, Bastion, Information Privacy.

Abstract

Recent revelations of a sophisticated attacker have underscored the vulnerability of data privacy, as they have been able to breach encryption by acquiring cryptographic keys through coercion or exploiting weaknesses in cryptographic software. Once these keys are compromised, the only recourse to safeguard data privacy is to restrict the attacker's access to the ciphertext. This can be achieved by dispersing fragments of the encrypted data across multiple servers in diverse administrative domains, assuming that the attacker cannot compromise all of them. Nevertheless, conventional encryption methods still leave data vulnerable, as an attacker with the encryption key can compromise a single server and gain access to the ciphertext blocks stored within it. In response to this pressing challenge, we introduce Bastion, a pioneering and efficient solution designed to protect data privacy even in the event of key exposure and an attacker's access to all ciphertext fragments. We scrutinize Bastion's security features and assess its performance through a prototype implementation. Additionally, we explore practical insights regarding the integration of Bastion into existing distributed storage systems. Our findings suggest that Bastion is well-suited for integration into current systems, as it incurs less than 5% overhead compared to existing semantically secure encryption modes.

Introduction

In today’s digital Landscape, the adoption of cloud computing has revolutionized the way organizations store and manage data, offering unparalleled scalability, flexibility, and cost-effectiveness. However, with increased reliance on cloud services comes the imperative need to prioritize cloud data security.