Composable and Robust Outsourced Storage

Badertscher, Christian; Maurer, Ueli

doi:10.1007/978-3-319-76953-0_19

Cited by 3 publications

(30 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [5], Maurer and Badertscher propose an instantiation in CC of the clientserver setting for non-interactive protocols. They notably introduce the basic Server Memory Resource (SMR for short), where an honest client can read and write data on an outsourced memory owned by a potentially dishonest server.…”

Section: The Interactive Server Memory Resourcementioning

confidence: 99%

“…One of the main differences with SMR is that, in ISMR, the server is now considered as semi-honest (through its interface S), since it has to participate in the interactive protocol when receiving orders from the client. In [5], the client was the only party to take part in the protocol, the role of the server being limited to storing data. In our case, the server agrees to apply a converter which carries out the computations requested by the client.…”

Section: The Interactive Server Memory Resourcementioning

confidence: 99%

“…To build an ISMR with stronger security guarantees, we will use the construction notion of the CC framework, as used in [5]. This notion is illustrated in fig.…”

Section: The Interactive Server Memory Resourcementioning

confidence: 99%

“…In this work, we are concerned with ensuring privacy in remote storage contexts. To do so, we start from the modeling of the client-server setting for noninteractive protocols in Constructive Cryptography (CC) by Badertscher and Maurer [5]. multi-server, information-theoretically secure PIR (IT-PIR) [1,11,6,7,41,16,4,15] and computationally secure PIR (cPIR) [29,10,30,19,38].…”

Section: Introductionmentioning

confidence: 99%

“…Its topdown approach makes it very intuitive and nice to work with. Badertscher and Maurer [5] first used it in the outsourced storage setting to clarify some security models and build protocols in a modular fashion. Jost et al [25] introduced the notion of global event history to the theory and give a first treatment of adaptive security.…”

mentioning

confidence: 99%

See 4 more Smart Citations

Interactivity in Constructive Cryptography : Modeling and Applications to Updatable Encryption and Private Information Retrieval

Levy-dit-Vehel¹,

Roméas²

2022

Preprint

View full text Add to dashboard Cite

In this work, we extend the Constructive Cryptography (CC) framework introduced by Maurer in 2011 so as to handle interactive protocols. We design and construct a so-called Interactive Server Memory Resource (ISMR), that is an augmented version of the basic instantiation of a client-server protocol in CC, namely the Server Memory Resource. We then apply our ISMR construction to two types of interactive cryptographic protocols for remote storage : Updatable Encryption (UE) and Private Information Retrieval (PIR). Concerning UE, our results are a composable version of those protocols, clarifying the security guarantees achieved by any UE scheme. Namely, we give the relevant security notion to consider according to a given leakage context. Letting USMR denote our ISMR adapted to the UE application, we prove that IND-UE-CPA security is sufficient for a secure construction of a confidential USMR that hides the age of ciphertexts; and IND-(ENC+UPD)-CPA security is sufficient for a secure construction of a confidential USMR in case of unrestricted leakage. As a consequence, contrary to what was claimed before, the IND-UE security notion is not always stronger than the IND-(ENC + UPD) one. Another contribution to CC is a method of proof handling asymmetric challenges, namely game pairs of the form (m, c), i.e. (plaintext, ciphertext), where the oracle either answers an encryption of m or an update of c. Those occur for instance when proving IND-UE-CPA security. Concerning PIR, we also give a composable version of PIR protocols, yielding a unique model that unifies different notions of PIR : IT-PIR, C-PIR, one-or multi-server PIR. Using the flexibility of CC, we are also able to model PIR variants, such as SPIR.CC is a composable framework that was introduced by Maurer [33]. Its topdown approach makes it very intuitive and nice to work with. Badertscher and Maurer [5] first used it in the outsourced storage setting to clarify some security models and build protocols in a modular fashion. Jost et al. [25] introduced the notion of global event history to the theory and give a first treatment of adaptive security. This work was then pursued [24] by introducing interval-wise security guarantees in order to find a way to overcome impossibility results such as the commitment problem.We extend this model by introducing and modeling interactivity in CC. We make this possible by proposing new ways of using of so-called converters and simulators. We illustrate the power and the flexibility of our model on two privacy preserving and interactive schemes : Updatable Encryption (UE) and Private Information Retrieval (PIR). We make their modeling possible by introducing a new proof technique. We think that our treatment of interactivity in CC will permit to more easily build and to better understand the security guarantees of interactive protocols.Updatable Encryption. UE allows a client, who outsourced his encrypted data, to make an untrusty server update it. The huge real-life applications of such a functionality explains the recent ...

show abstract

Section: The Interactive Server Memory Resourcementioning

confidence: 99%

Section: The Interactive Server Memory Resourcementioning

confidence: 99%

“…To build an ISMR with stronger security guarantees, we will use the construction notion of the CC framework, as used in [5]. This notion is illustrated in fig.…”

Section: The Interactive Server Memory Resourcementioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

mentioning

confidence: 99%

See 3 more Smart Citations

Interactivity in Constructive Cryptography : Modeling and Applications to Updatable Encryption and Private Information Retrieval

Levy-dit-Vehel¹,

Roméas²

2022

Preprint

View full text Add to dashboard Cite

show abstract

Efficient Proofs of Retrievability Using Expander Codes

Levy-dit-Vehel

Roméas

2022

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Proofs of Retrievability (PoR) protocols ensure that a client can fully retrieve a large outsourced file from an untrusted server. Good PoRs should have low communication complexity, small storage overhead and clear security guarantees. We design a good PoR based on a family of graph codes called expander codes. We use expander codes based on graphs derived from point-line incidence relations of finite affine planes. Høholdt et al. showed that, when using Reed-Solomon codes as inner codes, these codes have good dimension and minimum distance over a relatively small alphabet. Moreover, expander codes possess very efficient unique decoding algorithms. We take advantage of these results to design a PoR scheme that extracts the outsourced file in quasi-linear time and features better concrete parameters than state-of-the-art schemes w.r.t storage overhead and size of the outsourced file.

show abstract

A Framework for the Design of Secure and Efficient Proofs of Retrievability

Levy-dit-Vehel

Roméas

2022

Cryptography, Codes and Cyber Security

View full text Add to dashboard Cite

Proofs of Retrievability (PoR) protocols ensure that a client can fully retrieve a large outsourced file from an untrusted server. Good PoRs should have low communication complexity, small storage overhead and clear security guarantees with tight security bounds. The focus of this work is to design good PoR schemes with simple security proofs. To this end, we propose a framework for the design of secure and efficient PoR schemes that is based on Locally Correctable Codes, and whose security is phrased in the Constructive Cryptography model by Maurer. We give a first instantiation of our framework using the high rate lifted codes introduced by Guo et al. This yields an infinite family of good PoRs. We assert their security by solving a finite geometry problem, giving an explicit formula for the probability of an adversary to fool the client. Moreover, we show that the security of a PoR of Lavauzelle and Levy-dit-Vehel was overestimated and propose new secure parameters for it. Finally, using the local correctability properties of Tanner codes, we get another instantiation of our framework and derive an analogous formula for the success probability of the audit.

show abstract

Composable and Robust Outsourced Storage

Cited by 3 publications

References 18 publications

Interactivity in Constructive Cryptography : Modeling and Applications to Updatable Encryption and Private Information Retrieval

Interactivity in Constructive Cryptography : Modeling and Applications to Updatable Encryption and Private Information Retrieval

Efficient Proofs of Retrievability Using Expander Codes

A Framework for the Design of Secure and Efficient Proofs of Retrievability

Contact Info

Product

Resources

About