Venue | Category |
---|---|
SYSTOR'21 | Data Compression |
Length Preserving Compression - Marrying Encryption with Compression1. SummaryMotivation of this paperLength preserving compression (LPC)Implementation and Evaluation2. Strength (Contributions of the paper)3. Weakness (Limitations of the paper)4. Some Insights (Future work)
Motivation
the integration of data compression capabilities into many storage systems
encrypting data at the host, before data is written to the storage, in order to address regulatory and enterprise requirements
This work focuses on data reduction which is deployed on the storage side
Main problem
combine storage-side
data reduction with end-to-end encryption
this is done by compressing the data before encrypting it
LPC attempts to compress and encrypt a block of data
Goals:
nearly
as compressible as the input wasWrite workflow:
compress a data sector at the host
, encrypt it
, and then pad the encrypted data block to its original block size
handle incompressible data
add two bytes of information to the encrypted compressed sector
Read workflow
Discussion
compression block size: to work with a sector size of 4096 bytes vs. 512 bytes
compression method: can be replaced it with other compression engines
support deduplication: using convergent encryption but storing the IV along with the encrypted data in the metadata
changing the protocol?: the entire premise of LPC is to avoid changes to the protocol between the host and the storage
Security analysis
information leakage
similar data
semantic security within compressibility categories
possible security enhancements
hide the exact compressibility of each sector, by adding a few superfluous bytes to the compressed data before encryption
Implementation
Evaluation
trace:
random read, random write, sequential read, and sequential write
Baseline: LPC vs. regular encryption
Environment: SSD, iSCSI block device, in-memory volume
it points out the issue that how to combine data reduction with end-to-end encryption
Why do not use data reduction (compression) in the host side?
it needs a complex data layout management
requires a stateful mapping between the application's notion of offset and the actual location of the data
compression changes the length of the data
End-to-end encryption
except at the host
, yet they eliminate the opportunities for storage side data reductionDecompress
Trading security for functionality is a common practice
For example, convergent encryption, Order preserving encryption, and CryptoDB
are negated by standard encryption
)