Secure Erasure Codes With Partial Decodability (1410.3214v1)

Abstract: The MDS property (aka the $k$-out-of-$n$ property) requires that if a file is split into several symbols and subsequently encoded into $n$ coded symbols, each being stored in one storage node of a distributed storage system (DSS), then an user can recover the file by accessing any $k$ nodes. We study the so-called $p$-decodable $\mu$-secure erasure coding scheme $(1 \leq p \leq k - \mu, 0 \leq \mu < k, p | (k-\mu))$, which satisfies the MDS property and the following additional properties: (P1) strongly secure up to a threshold: an adversary which eavesdrops at most $\mu$ storage nodes gains no information (in Shannon's sense) about the stored file, (P2) partially decodable: a legitimate user can recover a subset of $p$ file symbols by accessing some $\mu + p$ storage nodes. The scheme is perfectly $p$-decodable $\mu$-secure if it satisfies the following additional property: (P3) weakly secure up to a threshold: an adversary which eavesdrops more than $\mu$ but less than $\mu+p$ storage nodes cannot reconstruct any part of the file. Most of the related work in the literature only focused on the case $p = k - \mu$. In other words, no partial decodability is provided: an user cannot retrieve any part of the file by accessing less than $k$ nodes. We provide an explicit construction of $p$-decodable $\mu$-secure coding schemes over small fields for all $\mu$ and $p$. That construction also produces perfectly $p$-decodable $\mu$-secure schemes over small fields when $p = 1$ (for every $\mu$), and when $\mu = 0, 1$ (for every $p$). We establish that perfect schemes exist over \emph{sufficiently large} fields for almost all $\mu$ and $p$.