Leakage-Free Integrity Assurance for Tree Data Structures

Leakage-Free Integrity Assurance for Tree Data Structures (2009)

Cached

Download Links

[www.cerias.purdue.edu]

by Ashish Kundu , Elisa Bertino

BibTeX

@MISC{Kundu09leakage-freeintegrity,
    author = {Ashish Kundu and Elisa Bertino},
    title = { Leakage-Free Integrity Assurance for Tree Data Structures},
    year = {2009}
}

Bookmark

OpenURL

Abstract

Data sharing with multiple parties over a third-party distribution framework requires that both data integrity and confidentiality be assured. One of the most widely used data organization structures is the tree structure. When such structures encode sensitive information (such as in the XML documents), it is crucial that integrity and confidentiality be assured not only for the content, but also for the structure. Digital signature schemes are commonly used to authenticate the integrity of the data. The most widely used such technique for tree structures is the Merkle hash technique, which however is known to be “not hiding”, thus leading to leakage of information. Most existing techniques for the integrity of hierarchical data structures are based on the Merkle hash technique and thus suffer from the problem of information leakages. We describe the types of leakages and inference attacks that can be carried out on the Merkle hash technique, in the context of integrity assurance. Assurance of integrity and confidentiality (no leakages) of tree-structured data is an important problem in the context of secure data publishing and content distribution systems. In this paper, we propose an integrity assurance scheme for tree data structures, which assures both confidentiality and integrity and is also efficient, especially in third-party distribution environments. Our integrity assurance technique, which we refer to as the “structural integrity assurance scheme”, is based on the structure

Citations

7321	Introduction to Algorithms - Cormen, Leiserson, et al. - 1997
579	Cryptography – Theory and Practice - Stinson - 2006
267	A certified digital signature - Merkle - 1989
231	A design principle for hash functions - Damgård - 1989
182	Aggregate and verifiably encrypted signatures from bilinear maps - Boneh, Gentry, et al. - 2003
83	On Certificate Revocation and Validation - Kocher - 1998
75	The biba one-time signature and broadcast authentication protocol - Perrig - 2001
67	A Data-Oriented (and beyond) Network Architecture - Koponen, Chawla, et al.
53	Flexible authentication of XML documents - Devanbu, Gertz, et al.
51	Minimality attack in privacy preserving data publishing - Chi-Wing, Fu, et al. - 2007
43	Authentic data publication over the internet - Devanbu, Gertz, et al. - 2003
43	Authenticated data structures for graph and geometric searching - Goodrich, Tamassia, et al. - 2003
40	The boundary between privacy and utility in data publishing - Rastogi, Suciu, et al. - 2007
35	Correcting errors without leaking partial information - Dodis, Smith - 2005
34	An efficient dynamic and distributed cryptographic accumulator - Goodrich, Tamassia, et al. - 2002
34	A general model for authenticated data structures - Martel, Nuckolls, et al.
34	Security and inference in multilevel database and knowledge-base systems - Morgenstern - 1987
28	Preventing attribute information leakage in automated trust negotiation - Irwin, Yu - 2005
25	Efficient secure query evaluation over encrypted XML databases - Wang, Lakshmanan - 2006
24	Efficient authenticated dictionaries with skip lists and commutative hashing - Goodrich, Tamassia - 2000
20	Tree Signatures for XML Querying and Navigation - Zezula, Amato, et al. - 2003
13	Ramakrishnan Srikant, and Yirong Xu. Order-preserving encryption for numeric data - Agrawal, Kiernan - 2004
12	Efficient data authentication in an environment of untrusted third-party distributors - Atallah, Cho, et al. - 2008
12	Distributed privacy preserving information sharing - Zhang, Zhao
11	Indexing Information for Data Forensics - Goodrich, Atallah, et al. - 2005
7	Structural Signatures for Tree Data Structures. VLDB - Kundu, Bertino - 2008
5	A.: Derived access control specification for XML - Goel, Clifton, et al. - 2003
3	Knowledge-binding commitments with application to time-stamping - Buldas, Laur - 2007
3	Rangan. An optimal algorithm for reconstructing a binary tree - Kamakoti, Pandu - 1992
3	The Art of Computer Programming, Volume 1. Pearson Education, Third Edition - Knuth
3	A new model for secure dissemination of XML content - Kundu, Bertino - 2008
2	Detecting information leakage in updating XML documents of fine-grained access control - Chatvichienchai, Iwaihara - 2006
2	Efficient parallel algorithms for tree-related problems using the parentheses matching strategy - Das, Min, et al. - 1994
2	Secure dissemination of XML content using structure-based routing - Kundu, Bertino - 2006
1	Authentic third-party data publication - Martel, Stubblebine - 2001