A General Model for Authenticated Data Structures

Martel, Charles U.; Nuckolls, Glen; Dévanbu, Prémkumar; Gertz, Michael; Kwong, April; Stubblebine, Stuart G.

doi:10.1007/s00453-003-1076-8

Cited by 159 publications

(144 citation statements)

References 25 publications

(53 reference statements)

Supporting

Mentioning

141

Contrasting

Order By: Relevance

“…Finally, other trust models have been considered. The area of authenticated data structures [61,43,57] aims to provide delegation solutions for data storage, modification, and retrieval. These works additionally study a three-party model, where the owner maintains a large state, and acts as a trusted third party, but delegates his data to an untrusted server that can be queried by weak clients.…”

Section: Related Workmentioning

confidence: 99%

“…Our construction requires the server to perform a linear amount of work to answer one type of queries (update/retrieve), while the other type of queries requires only a constant amount of work. Finally, we note that the work on accumulators [16,49,56] and authenticated data structures [50,43,55,62] can be used to construct verifiable databases with similar efficiency under "non-constant size" assumptions (such as Strong Diffie-Hellman), or under the strong RSA assumption, but requiring generation of random primes to perform certain update operations. We direct the reader to [56] for a good survey of accumulator based data structures.…”

Section: Related Workmentioning

confidence: 99%

“…On a high level, the main technical difficulty stems from the fact that the client must revoke any authenticating data that the server has for the previous value of the updated cell. This issue has been addressed in the line of works on cryptographic accumulators [16,49,56], and, using different techniques, in the authenticated datastructures literature [50,43,55,62].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Verifiable Delegation of Computation over Large Datasets

Benabbas

Gennaro²,

Vahlis

2011

Lecture Notes in Computer Science

268

282

View full text Add to dashboard Cite

We study the problem of computing on large datasets that are stored on an untrusted server. We follow the approach of amortized verifiable computation introduced by Gennaro, Gentry, and Parno in CRYPTO 2010. We present the first practical verifiable computation scheme for high degree polynomial functions. Such functions can be used, for example, to make predictions based on polynomials fitted to a large number of sample points in an experiment. In addition to the many non-cryptographic applications of delegating high degree polynomials, we use our verifiable computation scheme to obtain new solutions for verifiable keyword search, and proofs of retrievability. Our constructions are based on the DDH assumption and its variants, and achieve adaptive security, which was left as an open problem by Gennaro et al (albeit for general functionalities).Our second result is a primitive which we call a verifiable database (VDB). Here, a weak client outsources a large table to an untrusted server, and makes retrieval and update queries. For each query, the server provides a response and a proof that the response was computed correctly. The goal is to minimize the resources required by the client. This is made particularly challenging if the number of update queries is unbounded. We present a VDB scheme based on the hardness of the subgroup membership problem in composite order bilinear groups. This is the first such construction that relies on a "constant-size" assumption, and does not require expensive generation of primes per operation.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Verifiable Delegation of Computation over Large Datasets

Benabbas

Gennaro²,

Vahlis

2011

Lecture Notes in Computer Science

268

282

View full text Add to dashboard Cite

show abstract

“…These are checked in the verification and ensure range completeness. This approach is described in [11]. The additional split values would introduce a significant amount of additional proof overhead and it is not clear that much privacy can be gained over the inclusion of boundary key values.…”

Section: Completeness and Covering Node Adjacencymentioning

confidence: 99%

Verified Query Results from Hybrid Authentication Trees

Nuckolls

2005

Data and Applications Security XIX

Self Cite

View full text Add to dashboard Cite

Abstract. We address the problem of verifying the accuracy of query results provided by an untrusted third party Publisher on behalf of a trusted data Owner. We propose a flexible database verification structure, the Hybrid Authentication Tree (HAT), based on fast cryptographic hashing and careful use of a more expensive one-way accumulator. This eliminates the dependence on tree height of earlier Merkle tree based proposals and improves on the VB tree, a recent proposal to reduce proof sizes, by eliminating a trust assumption and reliance on signatures. An evaluation of the Hybrid Authentication Tree against the VB tree and Authentic Publication showing that a HAT provides the smallest proofs and faster verification than the VB tree. With moderate bandwidth limitations, the HATs low proof overhead reduces transfer time to significantly outweigh the faster verification time of Authentic Publication. A HAT supports two verification modes that can vary per query and per Client to match Client resources and applications. This flexibility allows the HAT to match the best performance of both hash based and accumulator based methods.

show abstract

“…The work of [10] explores the applicability of Merkle Hash Tree-s (MHT-s) as a technique for providing authenticity and integrity in third-party data publication settings. The use of authenticated data structures for providing data integrity in general has been studied extensively in [18].…”

Section: Related Workmentioning

confidence: 99%

Signature Bouquets: Immutability for Aggregated/Condensed Signatures

Mykletun

Narasimha

Tsudik

2004

Computer Security – ESORICS 2004

View full text Add to dashboard Cite

Abstract. Database outsourcing is a popular industry trend which involves organizations delegating their data management needs to an external service provider. Since a service provider is almost never fully trusted, security and privacy of outsourced data are important concerns. This paper focuses on integrity and authenticity issues in outsourced databases. Whenever someone queries a hosted database, the returned results must be demonstrably authentic: the querier needs to establish -in an efficient manner -that both integrity and authenticity (with respect to the actual data owner) are assured. To this end, some recent work [19] examined two relevant signature schemes: a condensed variant of batch RSA [3] and an aggregated signature scheme based on bilinear maps [6] In this paper, we introduce the notion of immutability for aggregated signature schemes. Immutability refers to the difficulty of computing new valid aggregated signatures from a set of other aggregated signatures. This is an important feature, particularly for outsourced databases, since lack thereof enables a frequent querier to eventually amass enough aggregated signatures to answer other (un-posed) queries, thus becoming a de facto service provider. Since prior work does not offer immutability, we propose several practical techniques to achieve it.

show abstract

A General Model for Authenticated Data Structures

Cited by 159 publications

References 25 publications

Verifiable Delegation of Computation over Large Datasets

Verifiable Delegation of Computation over Large Datasets

Verified Query Results from Hybrid Authentication Trees

Signature Bouquets: Immutability for Aggregated/Condensed Signatures

Contact Info

Product

Resources

About