Bloom Filters in Adversarial Environments

Naor, Moni; Yogev, Eylon

doi:10.1007/978-3-662-48000-7_28

Cited by 36 publications

(36 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Similar to [5], we assume that the adversary cannot find a never-before-queried element that is a false positive of the filter with probability greater than ε. Many hash functions satisfy this property, e.g., if the adversary is a polynomial-time algorithm then one-way hash functions are sufficient [29]. Cryptographic hash functions satisfy this property in practice, and it is likely that even simple hash functions (like Murmurhash used in this paper) suffice for most applications.…”

Section: Adaptivitymentioning

confidence: 98%

“…Naor and Yogev [29] study Bloom filters in the context of a repeat-free adaptive adversary that queries elements until it finds a never-before-queried element that has a false-positive probability greater than ε. They show how to protect a filter from repeat-free adaptive adversaries using cryptographically-secure hash functions so that new queries are indistinguishable from uniformly selected queries [29].…”

Section: A3 Additional Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Telescoping Filter: A Practical Adaptive Filter

Lee,

McCauley,

Singh

et al. 2021

Preprint

View full text Add to dashboard Cite

Filters are small, fast, and approximate set membership data structures. They are often used to filter out expensive accesses to a remote set S for negative queries (that is, filtering out queries x / ∈ S). Filters have one-sided errors: on a negative query, a filter may say "present" with a tunable false-positive probability of ε. Correctness is traded for space: filters only use log(1/ε) + O(1) bits per element.The false-positive guarantees of most filters, however, hold only for a single query. In particular, if x is a false positive, a subsequent query to x is a false positive with probability 1, not ε. With this in mind, recent work has introduced the notion of an adaptive filter. A filter is adaptive if each query is a false positive with probability ε, regardless of answers to previous queries. This requires "fixing" false positives as they occur.Adaptive filters not only provide strong false positive guarantees in adversarial environments but also improve query performance on practical workloads by eliminating repeated false positives.Existing work on adaptive filters falls into two categories. On the one hand, there are practical filters, based on the cuckoo filter, that attempt to fix false positives heuristically without meeting the adaptivity guarantee. On the other hand, the broom filter is a very complex adaptive filter that meets the optimal theoretical bounds.In this paper, we bridge this gap by designing the telescoping adaptive filter (TAF), a practical, provably adaptive filter. We provide theoretical false-positive and space guarantees for our filter, along with empirical results where we compare its performance against state-of-the-art filters. We also implement the broom filter and compare it to the TAF . Our experiments show that theoretical adaptivity can lead to improved false-positive performance on practical inputs, and can be achieved while maintaining throughput that is similar to non-adaptive filters.

show abstract

Section: Adaptivitymentioning

confidence: 98%

Section: A3 Additional Related Workmentioning

confidence: 99%

Telescoping Filter: A Practical Adaptive Filter

Lee,

McCauley,

Singh

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…Now, if the adversary can distinguish the bit b, she can only try to break the security of the authenticate key encryption scheme ASE. So we can build an algorithm C running A,BF (T , κ) can be found in [3,28,36,37]. Game 0.…”

Section: Proof Of Theorem 42mentioning

confidence: 99%

Group Time-based One-time Passwords and its Application to Efficient Privacy-Preserving Proof of Location

Yang

Jin

Ning

et al. 2021

Annual Computer Security Applications Conference

View full text Add to dashboard Cite

Time-based One-Time Password (TOTP) provides a strong second factor for user authentication. In TOTP, a prover authenticates to a verifier by using the current time and a secret key to generate an authentication token (or password) which is valid for a short time period. Our goal is to extend TOTP to the group setting, and to provide both authentication and privacy. To this end, we introduce a new authentication scheme, called Group TOTP (GTOTP), that allows the prover to prove that it is a member of an authenticated group without revealing its identity. We propose a novel construction that transforms any asymmetric TOTP scheme into a GTOTP scheme. Our approach combines Merkle tree and Bloom filter to reduce the verifier's states to constant sizes.As a promising application of GTOTP, we show that GTOTP can be used to construct an efficient privacy-preserving Proof of Location (PoL) scheme. We utilize a commitment protocol, a privacypreserving location proximity scheme, and our GTOTP scheme to build the PoL scheme, in which GTOTP is used not only for user authentication but also as a tool to glue up other building blocks. In the PoL scheme, with the help of some witnesses, a user can prove its location to a verifier, while ensuring the identity and location privacy of both the prover and witnesses. Our PoL scheme outperforms the alternatives based on group digital signatures. We evaluate our schemes on Raspberry Pi hardware, and demonstrate that they achieve practical performance. In particular, the password generation and verification time are in the order of microseconds

show abstract

“…Will not guess No Futile guess Reasonable guess joins that of Naor and Yogev [27] who studied the ability of an adversary to find a False Positive in a Bloom Filter, i.e., to find an element that does not reside in the set though the Bloom Filter thinks it does. In particular, they considered the advantage of the adversary to find a False-Positive, and in our terms, to upper bound the probability to guess reasonably.…”

Section: Yesmentioning

confidence: 99%

Keep That Card in Mind: Card Guessing with Limited Memory

Menuhin¹,

Naor²

2021

Preprint

Self Cite

View full text Add to dashboard Cite

A card guessing game is played between two players, Guesser and Dealer. At the beginning of the game, the Dealer holds a deck of n cards (labeled 1, ..., n). For n turns, the Dealer draws a card from the deck, the Guesser guesses which card was drawn, and then the card is discarded from the deck. The Guesser receives a point for each correctly guessed card.With perfect memory, a Guesser can keep track of all cards that were played so far and pick at random a card that has not appeared so far, yielding in expectation ln n correct guesses. With no memory, the best a Guesser can do will result in a single guess in expectation.We consider the case of a memory bounded Guesser that has m < n memory bits. We show that the performance of such a memory bounded Guesser depends much on the behavior of the Dealer. In more detail, we show that there is a gap between the static case, where the Dealer draws cards from a properly shuffled deck or a prearranged one, and the adaptive case, where the Dealer draws cards thoughtfully, in an adversarial manner. Specifically:1. We show a Guesser with O(log 2 n) memory bits that scores a near optimal result against any static Dealer.2. We show that no Guesser with m bits of memory can score better than O( √ m) correct guesses, thus, no Guesser can score better than min{ √ m, ln n}, i.e., the above Guesser is optimal.3. We show an efficient adaptive Dealer against which no Guesser with m memory bits can make more than ln m + 2 ln log n + O(1) correct guesses in expectation.These results are (almost) tight, and we prove them using compression arguments that harness the guessing strategy for encoding.

show abstract

Bloom Filters in Adversarial Environments

Cited by 36 publications

References 34 publications

Telescoping Filter: A Practical Adaptive Filter

Telescoping Filter: A Practical Adaptive Filter

Group Time-based One-time Passwords and its Application to Efficient Privacy-Preserving Proof of Location

Keep That Card in Mind: Card Guessing with Limited Memory

Contact Info

Product

Resources

About