Authenticating Cloud Storage with Distributed Keys

Library Content Type:
Publish Date: 
Monday, September 19, 2011
Event Name: 
Focus Areas:

Cloud storage is different from traditional systems. Typically the storage provider is not fully trusted. Passwords are often reused, easy to crack, difficult to remember, and depend on availability of the authentication service. Private keys offer a more resilient and secure method, but migrating, using and maintaining such keys is burdensome. A new technique will be discussed which combines the best of both words: the ease of use of passwords with the security properties of keys. Using this method in cloud storage systems user experience, security, and robustness can be greatly improved.

Learning Objectives

Unsuitability of usernames and passwords
Difficulties in using certificates and keys
A new technique: Distributed authentication keys