NIPPON TELEGRAPH AND TELEPHONE CORPORATION May 18, 2015
The World's First High-speed Secret Sharing Engine for OpenStack Swift~Developing durable/volumetric effective storage system, reducing risk of information leakage with highest speed~
Nippon Telegraph and Telephone Corporation (NTT; Head office: Chiyoda-ku, Tokyo, Japan; President and CEO: Hiroo Unoura) has developed the world's first high-speed secret sharing engine called "Super High-speed Secret Sharing (SHSS)" applicable for OpenStack Swift , which is an open source object storage software.
It exhibits a large increase in speed over current secret sharing engines and it enables compatible secure storage products to be built with the erasure code framework of OpenStack Swift from the viewpoint of performance, volumetric efficiency, and durability.
In the future, there will be an increasing amount of highly confidential information. This technology is expected to be used in secure storage products corresponding to this growth in confidential data.
The developed technology is being introduced at a panel discussion session of the OpenStack Summit on 18th May, held from 18th to 22nd May in Vancouver.
Solutions for security, data durability, and increasing data volume are more important than ever in IT business market. To achieve both high data durability and decreasing storage volume, "erasure code" technology has recently been applied to distributed storage systems as well as OpenStack Swift. In the erasure code technology, a storage system results in both volumetric efficiency and ensuring high durability by storing encoded data transformed from in-coming original data. This mechanism reduces the storing data volume by half compared with the traditional "replication" strategy.
The SHSS engine was developed as a pluggable engine for the OpenStack Swift erasure code framework, with the expectation of developing a secure distributed storage system.
The SHSS engine enables OpenStack Swift to both split in-coming plain data into secure fragments and reconstruct out-going plain data from the fragments. The reconstruction requires a number of fragments, and attackers obtain no information from fewer fragments. This mechanism decreases the information leakage risk of replacing broken physical drives by hard drive vendors.
Furthermore, SHSS requires no encryption key management, which is the problem in many cases, since secret sharing technology does not need keys for fragmentation and reconstruction.
The SHSS engine is compatible with the OpenStack Swift erasure code feature released at Kilo Integration in April 2015. Therefore, system constructors can build a secure storage system using OpenStack Swift and SHSS with high durability and volumetric efficiency as well as using OpenStack Swift and erasure code.
The main advantage of this technology is the highest speed for fragmentation and reconstruction, which allows OpenStack Swift to quickly store/retrieve files.
Previously, secret sharing processing for fragmentation and reconstruction was much slower than erasure code's encoding and decoding; therefore, it was difficult to apply secret sharing to storage systems. To improve performance, NTT has developed a new high-performance 64-bit processing, which is faster than the 8-bit processing used in previous mechanisms. It increases processing, so that SHSS can fragmentize/reconstruct by about 22 Gbps in the case of 24 fragments total and 20 fragments required for reconstruction. It is 50 times faster than the previous fastest firm's secret sharing engine, AONT-RS secure . Combined with OpenStack Swift, SHSS's fragmentation and reconstruction perform about 10 Gbps, which is as almost the same as the performance of Jerasure , that is, OpenStack Swift's standard erasure code engine.
NTT is now able to construct highly secure and durable storage products due to the development of SHSS and applying it to OpenStack Swift.
This technology is expected to be used in storage systems later this year by our group businesses.
|
distributed by
|
