Results 11 - 20
of
105
Key Regression: Enabling Efficient Key Distribution for Secure Distributed Storage
- in Proc. Network and Distributed Systems Security Symposium (NDSS
, 2006
"... The Plutus file system introduced the notion of key rotation as a means to derive a sequence of temporally-related keys from the most recent key. In this paper we show that, despite natural intuition to the contrary, key rotation schemes cannot generically be used to key other cryptographic objects; ..."
Abstract
-
Cited by 25 (4 self)
- Add to MetaCart
(Show Context)
The Plutus file system introduced the notion of key rotation as a means to derive a sequence of temporally-related keys from the most recent key. In this paper we show that, despite natural intuition to the contrary, key rotation schemes cannot generically be used to key other cryptographic objects; in fact, keying an encryption scheme with the output of a key rotation scheme can yield a composite system that is insecure. To address these shortcomings, we introduce a new cryptographic object called a key regression scheme, and we propose three constructions that are provably secure under standard cryptographic assumptions. We implement key regression in a secure file system and empirically show that key regression can significantly reduce the bandwidth requirements of a content publisher under realistic workloads using lazy revocation. Our experiments also serve as the first empirical evaluation of either a key rotation or key
Private query on encrypted data in multi-user settings
- Information Security Practice and Experience, 4th International Conference, ISPEC 2008, volume 4991 of Lecture Notes in Computer Science
, 2008
"... Abstract. Searchable encryption schemes allow users to perform keyword based searches on an encrypted database. Almost all existing such schemes only con-sider the scenario where a single user acts as both the data owner and the querier. However, most databases in practice do not just serve one user ..."
Abstract
-
Cited by 24 (0 self)
- Add to MetaCart
(Show Context)
Abstract. Searchable encryption schemes allow users to perform keyword based searches on an encrypted database. Almost all existing such schemes only con-sider the scenario where a single user acts as both the data owner and the querier. However, most databases in practice do not just serve one user; instead, they support search and write operations by multiple users. In this paper, we system-atically study searchable encryption in a practical multi-user setting. Our results include a set of security notions for multi-user searchable encryption as well as a construction which is provably secure under the newly introduced security no-tions. 1
Silverline: Toward Data Confidentiality in Storage-Intensive Cloud Applications
"... By offering high availability and elastic access to resources, thirdparty cloud infrastructures such as Amazon EC2 are revolutionizing the way today’s businesses operate. Unfortunately, taking advantage of their benefits requires businesses to accept a number of serious risks to data security. Facto ..."
Abstract
-
Cited by 20 (0 self)
- Add to MetaCart
(Show Context)
By offering high availability and elastic access to resources, thirdparty cloud infrastructures such as Amazon EC2 are revolutionizing the way today’s businesses operate. Unfortunately, taking advantage of their benefits requires businesses to accept a number of serious risks to data security. Factors such as software bugs, operator errors and external attacks can all compromise the confidentiality of sensitive application data on external clouds, by making them vulnerable to unauthorized access by malicious parties. In this paper, we study and seek to improve the confidentiality of application data stored on third-party computing clouds. We propose to identify and encrypt all functionally encryptable data, sensitive data that can be encrypted without limiting the functionality of the application on the cloud. Such data would be stored on the cloud only in an encrypted form, accessible only to users
Outsourced symmetric private information retrieval
- In ACM Conference on Computer and Communications Security (CCS ’13
, 2013
"... In the setting of searchable symmetric encryption (SSE), a data owner D outsources a database (or document/file collection) to a remote server E in encrypted form such that D can later search the collection at E while hiding information about the database and queries from E. Leakage to E is to be co ..."
Abstract
-
Cited by 17 (3 self)
- Add to MetaCart
(Show Context)
In the setting of searchable symmetric encryption (SSE), a data owner D outsources a database (or document/file collection) to a remote server E in encrypted form such that D can later search the collection at E while hiding information about the database and queries from E. Leakage to E is to be confined to well-defined forms of data-access and query patterns while preventing disclosure of explicit data and query plaintext values. Recently, Cash et al. presented a protocol, OXT, which can run arbitrary boolean queries in the SSE setting and which is remarkably efficient even for very large databases. In this paper we investigate a richer setting in which the data owner D outsources its data to a server E but D is now interested to allow clients (third parties) to search the database such that clients learn the information D authorizes them to learn but nothing else while E still does not learn about the data or queried values as in the basic SSE setting. Furthermore, motivated by a wide range of applications, we extend this model and requirements to a setting where, similarly to private information retrieval, the client’s queried values need to be hidden also from the data owner D even though the latter still needs to authorize the query. Finally, we consider the scenario in which authorization can be enforced by the data owner D without D learning the policy, a setting that arises in court-issued search warrants. We extend the OXT protocol of Cash et al. to support arbitrary boolean queries in all of the above models while withstanding adversarial non-colluding servers (D and E) and arbitrarily malicious clients, and while preserving the remarkable performance of the protocol. 1
Supporting Publication and Subscription Confidentiality in Pub/Sub Networks
- In SECURECOMM
, 2010
"... Abstract. The publish/subscribe model offers a loosely-coupled communication paradigm where applications interact indirectly and asynchronously. Publisher applications generate events that are sent to interested applications through a network of brokers. Subscriber applications express their interes ..."
Abstract
-
Cited by 15 (0 self)
- Add to MetaCart
(Show Context)
Abstract. The publish/subscribe model offers a loosely-coupled communication paradigm where applications interact indirectly and asynchronously. Publisher applications generate events that are sent to interested applications through a network of brokers. Subscriber applications express their interest by specifying filters that brokers can use for routing the events. Supporting confidentiality of messages being exchanged is still challenging. First of all, it is desirable that any scheme used for protecting the confidentiality of both the events and filters should not require the publishers and subscribers to share secret keys. In fact, such a restriction is against the loose-coupling of the model. Moreover, such a scheme should not restrict the expressiveness of filters and should allow the broker to perform event filtering to route the events to the interested parties. Existing solutions do not fully address these issues. In this paper, we provide a novel scheme that supports (i) confidentiality for events and filters; (ii) filters can express very complex constraints on events even if brokers are not able to access any information on both events and filters; (iii) and finally it does not require publishers and subscribers to share keys. 1
Privacy-preserving multi-keyword text search in the cloud supporting similaritybased ranking
- IN ASIACCS 2013
, 2013
"... With the increasing popularity of cloud computing, huge amount of documents are outsourced to the cloud for re-duced management cost and ease of access. Although en-cryption helps protecting user data confidentiality, it leaves the well-functioning yet practically-efficient secure search functions o ..."
Abstract
-
Cited by 15 (4 self)
- Add to MetaCart
(Show Context)
With the increasing popularity of cloud computing, huge amount of documents are outsourced to the cloud for re-duced management cost and ease of access. Although en-cryption helps protecting user data confidentiality, it leaves the well-functioning yet practically-efficient secure search functions over encrypted data a challenging problem. In this paper, we present a privacy-preserving multi-keyword text search (MTS) scheme with similarity-based ranking to address this problem. To support multi-keyword search and search result ranking, we propose to build the search in-dex based on term frequency and the vector space model with cosine similarity measure to achieve higher search re-sult accuracy. To improve the search efficiency, we propose a tree-based index structure and various adaption methods for multi-dimensional (MD) algorithm so that the practical search efficiency is much better than that of linear search. To further enhance the search privacy, we propose two secure index schemes to meet the stringent privacy requirements under strong threat models, i.e., known ciphertext model and known background model. Finally, we demonstrate the effectiveness and efficiency of the proposed schemes through extensive experimental evaluation.
SafeQ: Secure and efficient query processing in sensor networks
- In Proc. IEEE Int. Conf. on Computer Communications (INFOCOM
, 2010
"... Abstract—The architecture of two-tiered sensor networks, where storage nodes serve as an intermediate tier between sensors and a sink for storing data and processing queries, has been widely adopted because of the benefits of power and storage saving for sensors as well as the efficiency of query pr ..."
Abstract
-
Cited by 14 (5 self)
- Add to MetaCart
(Show Context)
Abstract—The architecture of two-tiered sensor networks, where storage nodes serve as an intermediate tier between sensors and a sink for storing data and processing queries, has been widely adopted because of the benefits of power and storage saving for sensors as well as the efficiency of query processing. However, the importance of storage nodes also makes them attractive to attackers. In this paper, we propose SafeQ, a protocol that prevents attackers from gaining information from both sensor collected data and sink issued queries. SafeQ also allows a sink to detect compromised storage nodes when they misbehave. To preserve privacy, SafeQ uses a novel technique to encode both data and queries such that a storage node can correctly process encoded queries over encoded data without knowing their values. To preserve integrity, we propose a new data structure called neighborhood chains that allows a sink to verify whether the result of a query contains exactly the data items that satisfy the query. In addition, we propose a solution to adapt SafeQ for event-driven sensor networks.
Function-Private Subspace-Membership Encryption and Its Applications
"... Boneh, Raghunathan, and Segev (CRYPTO ’13) have recently put forward the notion of function privacy and applied it to identity-based encryption, motivated by the need for providing predicate privacy in public-key searchable encryption. Intuitively, their notion asks that decryption keys reveal essen ..."
Abstract
-
Cited by 9 (2 self)
- Add to MetaCart
Boneh, Raghunathan, and Segev (CRYPTO ’13) have recently put forward the notion of function privacy and applied it to identity-based encryption, motivated by the need for providing predicate privacy in public-key searchable encryption. Intuitively, their notion asks that decryption keys reveal essentially no information on their corresponding identities, beyond the absolute minimum necessary. While Boneh et al. showed how to construct function-private identity-based encryption (which implies predicate-private encrypted keyword search), searchable encryption typically requires a richer set of predicates. In this paper we significantly extend the function privacy framework. First, we introduce the new notion of subspace-membership encryption, a generalization of inner-product encryption, and formalize a meaningful and realistic notion for capturing its function privacy. Then, we present a generic construction of a function-private subspace-membership encryption scheme based on any inner-product encryption scheme. This is the first generic construction that yields a functionprivate encryption scheme based on a non-function-private one. Finally, we present various applications of function-private subspace-membership encryption.
The Blind Stone Tablet: Outsourcing Durability toUntrusted Parties
"... We introduce a new paradigm for outsourcingthe durability property of a multi-client transactional database to an untrusted service provider. Specifically, we enable untrusted service providers to support transaction serialization, backup and recovery for clients, with full data confidentialityandco ..."
Abstract
-
Cited by 9 (0 self)
- Add to MetaCart
(Show Context)
We introduce a new paradigm for outsourcingthe durability property of a multi-client transactional database to an untrusted service provider. Specifically, we enable untrusted service providers to support transaction serialization, backup and recovery for clients, with full data confidentialityandcorrectness. Moreover,providerslearnnothing about transactions (except their size and timing), thus achievingreadandwrite accesspatternprivacy. We build a proof-of-conceptimplementation of this protocolfortheMySQLdatabasemanagementsystem, achievingtensoftransactionspersecondin atwo-clientscenario with full transaction privacy and guaranteed correctness. Thisshowsthemethodisreadyforproductionuse,creating anovelclassof securedatabaseoutsourcingmodels. 1
RASP: Efficient Multidimensional Range Query on Attack-Resilient Encrypted Databases
"... Range query is one of the most frequently used queries for online data analytics. Providing such a query service could be expensive for the data owner. With the development of services computing and cloud computing, it has become possible to outsource large databases to database service providers an ..."
Abstract
-
Cited by 9 (3 self)
- Add to MetaCart
Range query is one of the most frequently used queries for online data analytics. Providing such a query service could be expensive for the data owner. With the development of services computing and cloud computing, it has become possible to outsource large databases to database service providers and let the providers maintain the range-query service. With outsourced services, the data owner can greatly reduce the cost in maintaining computing infrastructure and data-rich applications. However, the service provider, although honestly processing queries, may be curious about the hosted data and received queries. Most existing encryption based approaches require linear scan over the entire database, which is inappropriate for online data analytics on large databases. While a few encryption solutions are more focused on efficiency side, they are vulnerable to attackers equipped with certain prior knowledge. We propose the Random Space Encryption (RASP) approach that allows efficient range search with stronger attack resilience than existing efficiency-focused approaches. We use RASP to generate indexable auxiliary data that is resilient to prior knowledge enhanced attacks. Range queries are securely transformed to the encrypted data space and then efficiently processed with a two-stage processing algorithm. We thoroughly studied the potential attacks on the encrypted data and queries at three different levels of prior knowledge available to an attacker. Experimental results on synthetic and real datasets show that this encryption approach allows efficient processing of range queries with high resilience to attacks. Categories and Subject Descriptors H.2.0 [Database Management]: General—Security, integrity, and
