Scribd Logo
Upload

Welcome to Scribd!

  • Quiz 1 - Sols

    Uploaded by

    hadi
    13 views2 pages
    SecureBox uses Merkle trees to provide integrity and authentication for file storage with proofs of existence or non-existence. When a user adds, edits or deletes a file, the service reconstructs the Merkle tree and shares the updated tree items and digitally signed root with the user. This allows the user to later verify the file has not been tampered with or does not exist using the stored tree state. Sorted Merkle trees also enable proofs of non-membership by providing adjacent leaves to a missing file name.

    Original Description:

    Original Title

    quiz 1 - Sols

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    SecureBox uses Merkle trees to provide integrity and authentication for file storage with proofs of existence or non-existence. When a user adds, edits or deletes a file, the service reconstructs the Merkle tree and shares the updated tree items and digitally signed root with the user. This allows the user to later verify the file has not been tampered with or does not exist using the stored tree state. Sorted Merkle trees also enable proofs of non-membership by providing adjacent leaves to a missing file name.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    13 views2 pages

    Quiz 1 - Sols

    Uploaded by

    hadi
    SecureBox uses Merkle trees to provide integrity and authentication for file storage with proofs of existence or non-existence. When a user adds, edits or deletes a file, the service reconstructs the Merkle tree and shares the updated tree items and digitally signed root with the user. This allows the user to later verify the file has not been tampered with or does not exist using the stored tree state. Sorted Merkle trees also enable proofs of non-membership by providing adjacent leaves to a missing file name.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    School of Electrical Engineering and Computer Science

    National University of Sciences & Technology (NUST)

    Quiz 1

    Subject: Cryptocurrencies & the blockchain Marks : 15


    Course: Time: 15 Minutes
    Instructor: Taha Ali Date: __________

    Name.…………………………. Registration No…………………………


    ___________________________________________________________

    You are designing SecureBox, an authenticated online file storage system. For simplicity, there is only a single
    folder. Users must be able to add, edit, delete, and retrieve files, and to list the folder contents. When a user
    retrieves a file, SecureBox must provide a proof that the file hasn’t been tampered with since its last update.
    If a file with the given name doesn’t exist, the server must report that — again with a proof.

    We want to minimize the size of these proofs, the time complexity of verifying them, and the size of the
    digest that the user must store between operations. (Naturally, to be able to verify proofs, users must at all
    times store some nonzero amount of state derived from the folder contents. Other than this digest the user
    has no memory of the contents of the files she added.)

    Clearly describe the following:

     a design for this system which includes any cryptography components


     a step-by-step workflow for essential processes (add, delete, edit)
     a step-by-step workflow for how user may verify security guarantees

    Solution:

    This can be done using sorted Merkle trees. Encryption is not strictly necessary, as SecureBox is not required to
    provide confidentiality. A normal hash fingerprint provides integrity checks on files in the cloud, but a Merkle
    tree can also be used for the proof-of-non-membership property – which gives a user proof that files with
    given names do not exist on the server. A standard login ID and password pair may be used to authenticate
    the identity of the user to the service.

    The workflow and verification checks are executed as follows:

    1. To add a new file, the user first derives and locally stores a hash fingerprint (digest) of the file that she
    is uploading. The file is then uploaded to the server. The service then constructs a hash tree using the
    individual files saved in the folder as leaf items. The contents of this hash tree are returned to the user,
    along with the root which is digitally signed by the service.
    The user stores these tree items and can use them later to verify that the file is part of the folder and
    that it has not been tampered with.

    2. When a file is deleted or edited, the corresponding hash tree is again reconstructed and the tree items
    are shared with the user, along with the root, which is digitally signed by the service.

    The user again stores these tree items and can later verify that the file has not been tampered with.

    Sorted Merkle trees are used for this purpose. In this case, if a certain file does not exist on the server,
    the service can provide a proof by sharing two consecutive files, which are alphabetically ordered to
    preclude the requested file. The user can check that these files are adjacent leaves in the tree and
    therefore the file she is seeking does not exist on the server.

    Storing the signed root and the tree items are sufficient to authenticate user files and their integrity.

    You might also like