RSA Laboratories


Proving that remotely stored data is encrypted at rest is hard, and in fact proving there is not an unencrypted copy is impossible. However, using a resource bound on the cloud provider (such as storage or computation), Hourglass can prove that files on disk are encrypted. Moreover, the system was designed such that keeping an additional, unencrypted copy, is more costly than only storing the encrypted version, using simple economics to encourage proper handling of a user's data.

Marten van Dijk, Robert Griffin, Ari Juels, Alina Oprea, Ronald L. Rivest, Emil Stefanov and Nikos Triandopoulos. Hourglass Schemes: How to Prove that Cloud Files Are Encrypted. In Proceedings of the 19th ACM Conf. Computer and Communications Security (CCS’12), pages 265-280, 2012.