Quantifying the Cost of Privately Storing Data in Distributed Storage Systems

Consider a user who wishes to store a file in multiple servers such that at least t servers are needed to reconstruct the file, and z colluding servers cannot learn any information about the file. Unlike traditional secret-sharing models, where perfectly secure channels are assumed to be available at no cost between the user and each server, we assume that the user can only send data to the servers via a public channel, and that the user and each server share an individual secret key with length n. For a given n, we determine the maximal length of the file that the user can store, and thus quantify the necessary cost to store a file of a certain length, in terms of the length of the secret keys that the user needs to share with the servers. Additionally, for this maximal file length, we determine (i) the optimal amount of local randomness needed at the user, (ii) the optimal amount of public communication from the user to the servers, and (iii) the optimal amount of storage requirement at the servers.