Non-Cryptic Answers to Common Cryptography Questions

The SNIA Networking Storage Forum’s Storage Networking Security Webcast Series continues to examine the many different aspects of storage security. At our most recent webcast on applied cryptography, our experts dove into user authentication, data encryption, hashing, blockchain and more. If you missed the live event, you can watch it on-demand. Attendees of the live event had some very interesting questions on this topic and here are answer to them all:

Q. Can hashes be used for storage deduplication?  If so, do the hashes need to be 100% collision-proof to be used for deduplication?

A. Yes, hashes are often used for storage deduplication. It’s preferred that they be collision-proof but it’s not required if the deduplication software does a bit-by-bit comparison of any files that produce the same hash in order to verify if they really are identical or not. If the hash is 100% collision-proof then there is no need to run bit-by-bit comparisons of files that produce the same hash value.

Q. Do cloud or backup service vendors use blockchain proof of space to prove to customers how much storage space is available or has been reserved?   

A. There are some vendors who are using proof of space to map or plot the device. Once the device is plotted you can have a report which provides the summary of storage space available. Since mining is the most popular application today, mining users use this information to report available space for mining pool applications. You can absolutely also use it for enterprise cloud to monitor and demonstrate the amount of available disk space.

Q. If a vendor provides a guarantee of space to a customer using blockchain, does something prevent them from filling up the space before the customer uses that space?

A. Once the disk is plotted there is no way for any other application to use it. If another application uses the guaranteed space, it will be flagged as an error. In fact, it’s a really great way to ensure that no attacks are occurring on the storage area itself. Each block of space is mapped and indexed by the proof of space blockchain so the only way the vendor could do something else with the space is by reformatting the storage devices.

Q. I lost track during the explanation about proofs in blockchain, what are those algorithms used for?

A. Blockchain proofs are generally used to demonstrate that a particular user or vendor has completed some difficult computational work, reserved some storage space, or invested something valuable (a “stake”) in the outcome of a transaction. These proofs can then be used to mine a valuable token, verify the authenticity of a transaction, create a tamper-proof ledger, guarantee availability of storage space, etc. There are two concepts which are normally discussed and create the confusion. One is that Blockchain can use different cryptographic hash algorithms such as SHA-256 (one of the most popular), Whirpool, RIPEMD (RACE Integrity Primitives Evaluation Message Digest), Dagger-Hashimoto and others). Mercle tree is a blockchain construct which allows one to build a chain by using hashes and data blocks. Consensus protocols is protocol for decision making such as Proof of Work, Proof of Space, Proof of Stake and etc. Each consensus protocol is using the distributed ledger to make a record for the block of data transferred. Use of cryptography hashes allows us to create trustless concept with encrypting data which is being transferred from point A to point B. The consensus protocol allows us to keep the record of the data blocks in distributed ledgers. This is a brief answer to the question and if you would like to get additional information please contract olga@myactionspot.com I will be happy to deliver the detailed session to address this topic.

Q. How does encryption work in Storage Replication? Please advise whether this exists?

A. Yes it exists. Encryption can be applied to data at rest and that encrypted data can be replicated, and/or the replication process can encrypt the data temporarily while it’s in transit.

Q. Regarding blockchain: assuming a new transaction (nobody has information yet), is it possible that when sending the broadcast someone modifies part of the data (0.1% for example) and this data continues to travel over the network without being considered corrupted?

A. The first block of data which is building the first blockchain creates the authenticity. If the block and hash just created are originals they will be accepted as originals, recorded in distributed ledger and moved across the chain. BUT if you are attempting to send a block on a blockchain which is already authenticated this block will be not authenticated and discarded once it’s on the chain.

Remember we said this webcast was part of a series? We’ve already had a lot of great experts cover a wide range of storage security topics. You can access all of them at the SNIA Educational Library.

Leave a Reply

Your email address will not be published. Required fields are marked *