Recently, Halevi et al. (CCS '11) proposed a cryptographic primitive called proofs of ownership (PoW) to enhance security of client-side deduplication in cloud storage. In a proof of ownership scheme, any owner of the same file F can prove to the cloud storage that he/she owns file F in a robust and efficient way, in the bounded leakage setting where a certain amount of efficiently-extractable information about file F is leaked. Following this work, we propose a secure client-side deduplication scheme, with the following advantages:• our scheme protects data confidentiality (and some partial information) against both outside adversaries and honestbut-curious cloud storage server, while Halevi et al. trusts cloud storage server in data confidentiality;• our scheme is proved secure w.r.t. any distribution with sufficient min-entropy, while Halevi et al. (the last and the most practical construction) is particular to a specific type of distribution (a generalization of "block-fixing" distribution) of input files.The cost of our improvements is that we adopt a weaker leakage setting: We allow a bounded amount one-time leakage of a target file before our scheme starts to execute, while Halevi et al. allows a bounded amount multi-time leakage of the target file before and after their scheme starts to execute. To the best of our knowledge, previous works on client-side deduplication prior Halevi et al. do not consider any leakage setting.
Proofs of Retrievability (POR) is a cryptographic formulation for remotely auditing the integrity of files stored in the cloud, without keeping a copy of the original files in local storage. In a POR scheme, a user Alice backups her data file together with some authentication data to a potentially dishonest cloud storage server Bob. Later, Alice can periodically and remotely verify the integrity of her data file using the authentication data, without retrieving back the data file. Besides security, performances in communication, storage overhead and computation are major considerations. Shacham and Waters (Asiacrypt '08) gave a fast scheme with O(sλ) bits communication cost and a factor of 1/s file size expansion where λ is the security parameter. In this paper, we incorporate a recent construction of constant size polynomial commitment scheme (Kate, Zaverucha and Goldberg, Asiacrypt '10) into Shacham and Waters scheme. The resulting scheme requires O(λ) communication bits (particularly, 920 bits if a 160 bits elliptic curve group is used or 3512 bits if a 1024 bits modulo group is used) per verification and a factor of 1/s file size expansion. Experiment results show that our proposed scheme is indeed efficient and practical. Our security proof is based on Strong Diffie-Hellman Assumption.
COVID-19 is a pandemic caused by severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2). Early reported symptoms include fever, cough, and respiratory symptoms. There were few reports of digestive symptoms. However, with COVID-19 spreading worldwide, symptoms such as vomiting, diarrhoea, and abdominal pain have gained increasing attention. Research has found that angiotensin-converting enzyme 2 (ACE2), the SARS-CoV-2 receptor, is strongly expressed in the gastrointestinal tract and liver. Whether theoretically or clinically, many studies have suggested a close connection between COVID-19 and the digestive system. In this review, we summarize the digestive symptoms reported in existing research, discuss the impact of SARS-CoV-2 on the gastrointestinal tract and liver, and determine the possible mechanisms and aetiology, such as cytokine storm. In-depth exploration of the relationship between COVID-19 and the digestive system is urgently needed.
Abstract. We are interested in this problem: a verifier, with a small and reliable storage, wants to periodically check whether a remote server is keeping a large file x. A dishonest server, by adapting the challenges and responses, tries to discard partial information of x and yet evades detection. Besides the security requirements, there are considerations on communication, storage size and computation time. Juels et al.[10] gave a security model for Proof of Retrievability (POR) system. The model imposes a requirement that the original x can be recovered from multiple challenges-responses. Such requirement is not necessary in our problem. Hence, we propose an alternative security model for Remote Integrity Check (RIC). We study a few schemes and analyze their efficiency and security. In particular, we prove the security of a proposed scheme HENC. This scheme can be deployed as a POR system and it also serves as an example of an effective POR system whose "extraction" is not verifiable. We also propose a combination of the RSA-based scheme by Filho et al.[7] and the ECC-based authenticator by Naor et al. [12], which achieves good asymptotic performance. This scheme is not a POR system and seems to be a secure RIC. In-so-far, all schemes that have been proven secure can also be adopted as POR systems. This brings out the question of whether there are fundamental differences between the two models. To highlight the differences, we introduce a notion, trap-door compression, that captures a property on compressibility.
Abstract. A redactable signature scheme for a string of objects supports verification even if multiple substrings are removed from the original string. It is important that the redacted string and its signature do not reveal anything about the content of the removed substrings. Existing schemes completely or partially leak a piece of information: the lengths of the removed substrings. Such length information could be crucial in many applications, especially when the removed substring has low entropy. We propose a scheme that can hide the length. Our scheme consists of two components. The first component H, which is a "collision resistant" hash, maps a string to an unordered set, whereby existing schemes on unordered sets can then be applied. However, a sequence of random numbers has to be explicitly stored and thus it produces a large signature of size at least (mk)-bits where m is the number of objects and k is the size of a key sufficiently large for cryptographic operations. The second component uses RGGM tree, a variant of GGM tree, to generate the pseudo random numbers from a short seed, expected to be of size O(k + tk log m) where t is the number of removed substrings. Unlike GGM tree, the structure of the proposed RGGM tree is random. By an intriguing statistical property of the random tree, the redacted tree does not reveal the lengths of the substrings removed. The hash function H and the RGGM tree can be of independent interests.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.