Following in the spirit of data structure and algorithm correctness checking, authenticated data structures provide cryptographic proofs that their answers are as accurate as the author intended, even if the data structure is being maintained by a remote host. We present techniques for authenticating data structures that represent graphs and collection of geometric objects. We use a model where a data structure maintained by a trusted source is mirrored at distributed directories, with the directories answering queries made by users. When a user queries a directory, it receives a cryptographic proof in addition to the answer, where the proof contains statements signed by the source. The user verifies the proof trusting only the statements signed by the source. We show how to efficiently authenticate data structures for fundamental problems on networks, such as path and connectivity queries, and on geometric objects, such as intersection and containment queries.

We show how to use the RSA one-way accumulator to realize an efficient and dynamic authenticated dictionary, where untrusted directories provide cryptographically verifiable answers to membership queries on a set maintained by a trusted source. Our accumulator-based scheme for authenticated dictionaries supports efficient incremental updates of the underlying set by insertions and deletions of elements. Also, the user can optimally verify in constant time the authenticity of the answer provided by a directory with a simple and practical algorithm. This work has applications to certificate management in public key infrastructure and end-to-end integrity of data collections published by third parties on the Internet.

This paper considers the problem of verifying the correctness of geometric structures. In particular, we design simple optimal checkers for convex polytopes in two and higher dimensions, and for various types of planar subdivisions, such as triangulations, Delaunay triangulations, and convex subdivisions. Their performance is analyzed also in terms of the algorithmic degree, which characterizes the arithmetic precision required

We introduce novel techniques for organizing the indexing structures of how data is stored so that alterations from an original version can be detected and the changed values specifically identified. We give forensic constructions for several fundamental data structures, including arrays, linked lists, binary search trees, skip lists, and hash tables. Some of our constructions are based on a new reduced-randomness construction for nonadaptive combinatorial group testing.

In this paper we describe a general technique for checking the integrity of data structures which can be corrupted by memory faults. Our approach is based on a recursive checksum technique. Basic methods of using checksums have been previously seen to be useful for detecting faults at the bit or word level; among our results will be their extension to the node level. The major contributions of our paper are threefold. First, we show how the recursive checksum procedure can be applied to tree data structures that are dynamically changing, whereas the previous work concentrated on trees that were static in their structure. This results in a asymptotic improvement in running time for applications where it is natural to model the underlying data as a tree. Second, we present a C ++ implementation of this scheme. Significantly, it is seen that our software can be used with existing applications which manipulate trees with only minor modification of the application programs. Finally, we ha...

this paper, we consider the problem of detecting errors in the answers given in response to data structure queries. For many programs a substantial fraction of the intricate error-prone code resides in the routines associated with data structure access. In addition, a significant fraction of total program running time is spent executing the code of these routines. Data structures are often used to implement abstract data types (ADTs) and in recent years a number of different ADTs have been shown to be efficiently checkable. Checkers which are also referred to as error monitors in this paper have been developed for priority queues, the union/find data type, and most recently mergeable priority queues and have been shown to require only O(n) time to check a sequence of n operations [5, 21, 23]. These checkers detect any errors in query answers and since each of these checkers is based on an ADT

We report on the use of program checking in the LEDA library of efficient data types and algorithms.

We study query authentication schemes, algorithmic and cryptographic constructions that provide efficient and secure protocols for verifying the results of queries over structured data in untrusted or adversarial data distribution environments. We formally define the problem in a new data query and authentication setting that involves general query types answered in the RAM model of computation, and put forward a new approach for designing secure query authentication schemes that, through the new concept of query certification, aims to authenticate the validity of the answer, rather than the entire process that generates the answer. Our main results state that this new authentication framework achieves generality, namely any query type admits a secure query authentication scheme, and also supports an important type of modularity, namely the authentication of general queries based on the evaluation of relations over the data elements is reduced to the authentication of set-membership queries. Thus, in addition to general possibility results under general assumptions and characterization results using existing cryptographic techniques, we contribute a clear separation between algorithmics and cryptography in data-authentication protocol design, and sufficient conditions for achieving super-efficient answer verification in time asymptotically less than the time needed to answer the query.

Two-Stage Programming (2sp) is an experimental programming language, the first implementation of the Specification-Consistent Coordination Model (SCCM). The SCCM proposes a new, mixed-paradigm (functional/imperative) approach to developing reliable programs based on complete run-time checking of computations with respect to a given specification. A 2sp program consists of a functional specification and an imperative coordination tightly connected to the specification. The coordination maps the specification to an imperative and possibly parallel/distributed program. Normal termination of a 2sp program execution implies the correctness of the computed results with respect to the specification, for that execution. We present the basic features of the SCCM/2sp, a new message-passing system of 2sp with integrated run-time checking, and a larger case study. We show that 2sp provides: functional specifications, specification-consistent imperative coordinations, automatic run-time ...

evaluation of CATS, a toolkit for indexed state storage for network services. CATS is based on a new implementation of a persistent authenticated dictionary, which integrates signed action records and cryptographic state digests into an index. This storage abstraction enables a CATS-based network service to certify its operations: any client with sufficient knowledge of the service semantics can verify that it behaves consistently and correctly. CATS is a fundamental building block for accountable network systems that can detect, isolate, and prove misbehavior or tampering.