Information Theoretically Secure Distributed Storage with QKD and Password-Authenticated Secret Sharing

Abstract

Distributed storage plays an essential role in realizing robust and secure data storage in a network over long periods of time. Distributed storage systems consist of a data owner machine, multiple storage servers and channels to link them. In those systems, secret sharing (SS) scheme is widely adopted, in which secret data are split into multiple pieces and stored in each server. To reconstruct them, the data owner should gather plural pieces. Shamir's (k, n)-threshold scheme, in which the data are split into n pieces (shares) for storage and at least k pieces of them must be gathered for reconstruction, furnishes information theoretic security, that is, even if attackers could collect shares of less than the threshold k, they cannot get any information about the data, even with unlimited computing power. Behind this scenario, however, assumed is that data transmission and authentication must be perfectly secure, which is not trivial in practice. Here we propose a totally information theoretically secure distributed storage system based on a user-friendly single-password- authenticated SS scheme and secure transmission using quantum key distribution (QKD), and demonstrate it in the Tokyo metropolitan area (less than or equal to 90km). Our system will also be useful for highly secure data relay with a QKD network, greatly relaxing the security assumptions on the key relay nodes as well as enhancing the ability of risk management.