Many storage customers are adopting encryption solutions to protect themselves against data leakage or theft. Encryption solutions are already on the market, many of which take the form of encryption solutions that sit in, or near, the application that is the source of critical data. We refer to this deployment strategy as data-source encryption. Placing encryption near the source makes it easy to guarantee that data remains encrypted downstream of the application, enabling the use of untrusted storage,such as public clouds. Unfortunately, data-source encryption encryption also prevents downstream storage systems from applying content-based data management features, such as data deduplication to the data. In this paper, we present Lamassu, an alternative encryption solution that provides strong, data-source encryption, while preserving downstream storage-based data deduplication. Lamassu uses a convergent encryption strategy to provide this service, and,unlike past convergent encryption systems, securely inserts encryption metadata into the data stream, rather than placing it in a dedicated store. This allows us to use existing systems without requiring any modification to either the client application or the storage controller. In this paper we will lay out the architecture and security model used in our prototype system, and provide an analysis of its performance under a variety of circumstances. Our performance analysis will show that our system provides excellent storage efficiency, while achieving I/O throughput on par with similar conventional encryption systems.
- The definitive version of the paper can be found at: https://www.usenix.org/system/files/conference/atc15/atc15-paper-shah.pdf.
- The slides presented at the conference can be found at: https://www.usenix.org/sites/default/files/conference/protected-files/atc15_slides_shah.pdf