Structural signatures for tree data structures

Kundu, Ashish; Bertino, Elisa

doi:10.14778/1453856.1453876

Cited by 55 publications

(42 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…This threat model has received considerable attention because of applications to DNS security (see [20,25,26,32] for more details). We emphasize that in this model, zero-knowledge is a property of the proofs (as in the context of zero-knowledge sets, lists [12,19] and primary secondary resolver systems [32]) and not of the protocol.…”

Section: Our Contributionsmentioning

confidence: 99%

Efficient Verifiable Range and Closest Point Queries in Zero-Knowledge

Ghosh

Ohrimenko

Tamassia

2016

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Abstract:We present an efficient method for answering one-dimensional range and closest-point queries in a verifiable and privacy-preserving manner. We consider a model where a data owner outsources a dataset of keyvalue pairs to a server, who answers range and closestpoint queries issued by a client and provides proofs of the answers. The client verifies the correctness of the answers while learning nothing about the dataset besides the answers to the current and previous queries. Our work yields for the first time a zero-knowledge privacy assurance to authenticated range and closest-point queries. Previous work leaked the size of the dataset and used an inefficient proof protocol. Our construction is based on hierarchical identity-based encryption. We prove its security and analyze its efficiency both theoretically and with experiments on synthetic and real data (Enron email and Boston taxi datasets).

show abstract

Section: Our Contributionsmentioning

confidence: 99%

Efficient Verifiable Range and Closest Point Queries in Zero-Knowledge

Ghosh

Ohrimenko

Tamassia

2016

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

show abstract

“…Redactable signatures allow a third party to modify signed data by removing blocks, as introduced by Steinfeld et al in [30] and by Johnson et al in [19]. Other redactable signature schemes emerged since then, e.g., [9,24,1,22]. Second, Kiltz et al introduced append-only signatures [20].…”

Section: Definition 2 (Contingency:) Contingency Describes the Verifmentioning

confidence: 99%

“…However, not even all schemes are private, e.g. for the scheme by Kundu and Bertino [22] attacks on transparency and privacy [7] and one attacking structural integrity [29] have been given.…”

Section: Definition 2 (Contingency:) Contingency Describes the Verifmentioning

confidence: 99%

Contingency Revisited: Secure Construction and Legal Implications of Verifiably Weak Integrity

Pöhls

2013

Trust Management VII

View full text Add to dashboard Cite

Abstract. Digital signatures are by far the most prominent mechanisms to detect violations of integrity. When signing rights are delegated, the integrity protection is gradually weaker as the delegatee's actions are not considered integrity violations. Taken to an extreme, delegating the right to undetectably change everything to everyone will achieve a property called contingency. Contingency was introduced as the "dual of integrity" in 2009 by Rost and Pfitzmann in German [26] and later translated into English in 2011 [4]. Contingency describes the exact opposite of integrity: the provable absence of integrity. Following this line of privacy research, this paper gives the first rigorous definition of contingency and presents a cryptographic protocol build upon a transparent sanitizable signature scheme. Hence, contingency is a verifiable statement that the signer explicitly desired that the integrity status of data is not verifiable. We analyze legal implications and applications of contingent information.

show abstract

“…Wong et al [28] enable mining of association rules on data encrypted with 1-to-n item mapping transformations. Kundu and Bertino [14] devise a technique that provides both integrity and privacy of records organized as trees (e.g., XML data). Our schemes focus only on the integrity of data.…”

Section: Related Workmentioning

confidence: 99%

“…All entries between [ and ] in newVO that correspond to this subtree are inserted into VO. Finally (lines [12][13][14][15][16], if E n is Hit, the matching value or subtree of cachedVO is appended to VO. With the new VO, the client re-computes H D P M and verifies it against the new signature.…”

Section: Query Monitoringmentioning

confidence: 99%

Continuous authentication on relational streams

2009

View full text Add to dashboard Cite

According to the database outsourcing model, a data owner delegates database functionality to a thirdparty service provider, which answers queries received from clients. Authenticated query processing enables the clients to verify the correctness of query results. Despite the abundance of methods for authenticated processing in conventional databases, there is limited work on outsourced data streams. Stream environments pose new challenges such as the need for fast structure updating, support for continuous query processing and authentication, and provision for temporal completeness. Specifically, in addition to the correctness of individual results, the client must be able to verify that there are no missing results in between data updates. This paper presents a comprehensive set of methods covering relational streams. We first describe REF, a technique that achieves correctness and temporal completeness but incurs false transmissions, i.e., the provider has to inform the clients whenever there is a data update, even if their results are not affected. Then, we propose CADS, which minimizes the processing and transmission overhead through an elaborate indexing scheme and a virtual caching mechanism. In addition, we present an analytical study to determine the optimal indexing granularity, and extend CADS for the case that the data distribution changes over time. Finally, we evaluate the effectiveness of our techniques through extensive experiments.

show abstract

Structural signatures for tree data structures

Cited by 55 publications

References 29 publications

Efficient Verifiable Range and Closest Point Queries in Zero-Knowledge

Efficient Verifiable Range and Closest Point Queries in Zero-Knowledge

Contingency Revisited: Secure Construction and Legal Implications of Verifiably Weak Integrity

Continuous authentication on relational streams

Contact Info

Product

Resources

About