Database Outsourcing with Hierarchical Authenticated Data Structures

Etemad, Mohammad; Küpçü, Alptekin

doi:10.1007/978-3-319-12160-4_23

Cited by 9 publications

(8 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To evaluate our SSE scheme, we implemented a prototype with the two-level efficient HADS construction [36] with Flexlist [41] at both levels of the indices, in C++ using Cashlib library. All experiments were performed on a 2.50 GHz machine with 24 cores (but using a single core), with 16 GB RAM and Ubuntu 12.04 LTS operating system.…”

Section: Discussionmentioning

confidence: 99%

See 1 more Smart Citation

Verifiable dynamic searchable encryption

Etemad¹,

Küpçü²

2019

Turk J Elec Eng & Comp Sci

Self Cite

View full text Add to dashboard Cite

Using regular encryption schemes to protect the privacy of the outsourced data implies that the client should sacrifice functionality for security. Searchable symmetric encryption (SSE) schemes encrypt the data in a way that the client can later search and selectively retrieve the required data. Many SSE schemes have been proposed, starting with static constructions, and then dynamic and adaptively secure constructions but usually in the honest-but-curious model.We propose a verifiable dynamic SSE scheme that is adaptively secure against malicious adversaries. Our scheme supports file modification, which is essential for efficiently working with large files, in addition to the ability to add/delete files. While our main construction is proven secure in the random oracle model (ROM), we also present a solution secure in the standard model with full security proof. Our experiments show that our scheme in the ROM performs a search within a few milliseconds, verifies the result in another few milliseconds, and has a proof overhead of 0.01% only. Our standard model solution, while being asymptotically slower, is still practical, requiring only a small client memory (e.g., ≃ 488 KB) even for a large file collection (e.g., ≃ 10 GB), and necessitates small tokens (e.g., ≃ 156 KB for search and ≃ 362 KB for file operations).the token or the files), and the search pattern, which indicates whether two or more of the tokens were for the same query [1]. A secure SSE scheme leaks nothing more.Previous studies on cloud storage mainly considered efficient integrity verification [11][12][13][14][15][16][17][18]. Our goal in this paper is to achieve integrity and confidentiality simultaneously, while preserving the efficient search functionality in outsourced storage scenarios. We propose a verifiable dynamic SSE scheme that is secure against malicious servers, with the ability to efficiently add/delete/modify (parts of) encrypted files, and with security fully proven via simulation in both the random oracle model and the standard model. Related workThe oblivious RAM (ORAM) [19] supports search on the outsourced data while hiding the access pattern.However, as the usage of ORAM (one block per access) differs from that of the SSE (many blocks per access), it cannot fully prevent access or search pattern leakage in SSE [20]. Early works and definitionsGoh [21] introduced the secure index as an efficient data structure for keyword search. The scheme is secure against chosen-keyword attacks (CKA1). Chang and Mitzenmacher [22] proposed the simulation-based notion of security. Curtmola et al. [1] stated that both CKA1 [21] and simulation-based [22] definitions are not adequate, and gave a stronger definition (CKA2). Dynamic dataThe problem in the dynamic setting is that once an update operation is performed, the server gains extra information related to previous queries. The server can learn whether or not the newly added files contain the keywords that have already been queried for (even though the keyword is encrypted and the server d...

show abstract

Section: Discussionmentioning

confidence: 99%

“…A hierarchical ADS (HADS) consists of multiple levels of ADSs, possibly of different types [14,36,37].…”

Section: Introductionmentioning

confidence: 99%

Verifiable dynamic searchable encryption

Etemad¹,

Küpçü²

2019

Turk J Elec Eng & Comp Sci

Self Cite

View full text Add to dashboard Cite

show abstract

“…There are different types of ADSs: accumulators [8], authenticated skip lists [25], authenticated hash tables [32], Merkle hash trees [30], 2-3 trees [31], and hierarchical combinations [21,22]. The accumulator computes an accumulated value over all data items, and a witness for each item as the membership proof.…”

Section: Brief Contextmentioning

confidence: 99%

Generic Dynamic Data Outsourcing Framework for Integrity Verification

Etemad

Küpçü

2020

ACM Comput. Surv.

Self Cite

View full text Add to dashboard Cite

Ateniese et al. proposed the Provable Data Possession (PDP) model in 2007. Following that, Erway et al. adapted the model for dynamically updatable data and called it the Dynamic Provable Data Possession (DPDP) model. The idea is that a client outsources her files to a cloud server and later challenges the server to obtain a proof of the integrity of her data. Many schemes have later been proposed for this purpose, all following a similar framework. We analyze dynamic data outsourcing schemes for the cloud regarding security and efficiency and show a general framework for constructing such schemes that encompasses existing DPDP-like schemes as different instantiations. This generalization shows that a dynamic outsourced data integrity verification scheme can be constructed given black-box access to an implicitly-ordered authenticated data structure. Moreover, for blockless verification efficiency, a homomorphic verifiable tag scheme is also needed. We investigate the requirements and conditions these building blocks should satisfy, using which one may easily check the applicability of a given building block for dynamic data outsourcing. Our framework serves as a guideline/tutorial/survey and enables us to provide a comparison among different building blocks that existing schemes employ.

show abstract

“…We first draw a circle taking the point q as center and D (P 2 ) as radius, then we get the range query region as shown in Figure 6, denoted as Sr(q). After that, the nodes are visited from root to leaf that enter the shaded Sr(q), and they are {N 1 …”

Section: Knn Query Authenticationmentioning

confidence: 99%

“…Due to the limitations of resources and technology, spatial data owners are often difficult to deal with a large number of query requests [1]. Therefore, the spatial data owners outsource their spatial database to the third party service providers to provide query services.…”

Section: Introductionmentioning

confidence: 99%