Qingji Zheng scite author profile

Abstract-It is common nowadays for data owners to outsource their data to the cloud. Since the cloud cannot be fully trusted, the outsourced data should be encrypted. This however brings a range of problems, such as: How should a data owner grant search capabilities to the data users? How can the authorized data users search over a data owner's outsourced encrypted data? How can the data users be assured that the cloud faithfully executed the search operations on their behalf? Motivated by these questions, we propose a novel cryptographic solution, called verifiable attribute-based keyword search (VABKS). The solution allows a data user, whose credentials satisfy a data owner's access control policy, to (i) search over the data owner's outsourced encrypted data, (ii) outsource the tedious search operations to the cloud, and (iii) verify whether the cloud has faithfully executed the search operations. We formally define the security requirements of VABKS and describe a construction that satisfies them. Performance evaluation shows that the proposed schemes are practical and deployable.

show abstract

Secure and efficient proof of storage with deduplication

Zheng

2012

120

View full text Add to dashboard Cite

Both security and efficiency are crucial to the success of cloud storage. So far, security and efficiency of cloud storage have been separately investigated as follows: On one hand, security notions such as Proof of Data Possession (PDP) and Proof of Retrievability (POR) have been introduced for detecting the tamperation of data stored in the cloud. One the other hand, the notion of Proof of Ownership (POW) has also been proposed to alleviate the cloud server from storing multiple copies of the same data, which could substantially reduce the consumption of both network bandwidth and server storage space. These two aspects are seemingly quite to the opposite of each other. In this paper, we show, somewhat surprisingly, that the two aspects can actually coexist within the same framework. This is possible fundamentally because of the following insight: The public verifiability offered by PDP/POR schemes can be naturally exploited to achieve POW. This "one stone, two birds" phenomenon not only inspired us to propose the novel notion of Proof of Storage with Deduplication (POSD), but also guided us to design a concrete scheme that is provably secure in the Random Oracle model based on the Computational DiffieHellman (CDH) assumption.

show abstract

Fair and dynamic proofs of retrievability

Zheng

2011

119

View full text Add to dashboard Cite

Verifiable Delegated Set Intersection Operations on Outsourced Encrypted Data

Zheng

2015

View full text Add to dashboard Cite

Abstract-We initiate the study of the following problem: Suppose Alice and Bob would like to outsource their encrypted private data sets to the cloud, and they also want to conduct the set intersection operation on their plaintext data sets. The straightforward solution for them is to download their outsourced ciphertexts, decrypt the ciphertexts locally, and then execute a commodity twoparty set intersection protocol. Unfortunately, this solution is not practical. We therefore motivate and introduce the novel notion of Verifiable Delegated Set Intersection on outsourced encrypted data (VDSI). The basic idea is to delegate the set intersection operation to the cloud, while (i) not giving the decryption capability to the cloud, and (ii) being able to hold the misbehaving cloud accountable. We formalize security properties of VDSI and present a construction. In our solution, the computational and communication costs on the users are linear to the size of the intersection set, meaning that the efficiency is optimal up to a constant factor.

show abstract

LIVE: Lightweight Integrity Verification and Content Access Control for Named Data Networking

Zhang

Zheng

et al. 2015

IEEE Trans.Inform.Forensic Secur.

View full text Add to dashboard Cite

Named data networking (NDN) is a new paradigm for the future Internet wherein interest and data packets carry content names rather than the current IP paradigm of source and destination addresses. Security is built into NDN by embedding a public key signature in each data packet to enable verification of authenticity and integrity of the content. However, existing heavyweight signature generation and verification algorithms prevent universal integrity verification among NDN nodes, which may result in content pollution and denial of service attacks. Furthermore, caching and location-independent content access disables the capability of a content provider to control content access, e.g., who can cache a content and which end user or device can access it. We propose a lightweight integrity verification (LIVE) architecture, an extension to the NDN protocol, to address these two issues seamlessly. LIVE enables universal content signature verification in NDN with lightweight signature generation and verification algorithms. Furthermore, it allows a content provider to control content access in NDN nodes by selectively distributing integrity verification tokens to authorized nodes. We evaluate the effectiveness of LIVE with open source CCNx project. Our paper shows that LIVE only incurs average 10% delay in accessing contents. Compared with traditional public key signature schemes, the verification delay is reduced by over 20 times in LIVE.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Qingji Zheng

VABKS: Verifiable attribute-based keyword search over outsourced encrypted data

Secure and efficient proof of storage with deduplication

Fair and dynamic proofs of retrievability

Verifiable Delegated Set Intersection Operations on Outsourced Encrypted Data

LIVE: Lightweight Integrity Verification and Content Access Control for Named Data Networking

Contact Info

Product

Resources

About