Abstract
Cloud database is now a rapidly growing trend in cloud computing market recently. It enables the clients run their computation on out-sourcing databases or access to some distributed database service on the cloud. At the same time, the security and privacy concerns is major challenge for cloud database to continue growing. To enhance the security and privacy of the cloud database technology, the pseudo-random number generation (PRNG) plays an important roles in data encryptions and privacy-preserving data processing as solutions. In this paper, we focus on the security and privacy risks in cloud database and provide a solution for the clients who want to generate the pseudo-random number collaboratively in a distributed way which can be reasonably secure, fast and low cost to meet requirement of cloud database. We provide two solutions in this paper, the first one is a construction of distributed PRNG which is faster than the traditional Linux PRNG. The second one is a protocol for users to execute the random data perturbation collaboratively before uploading the data to the cloud database.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Blum, L., Blum, M., Shub, M.: Comparison of two pseudo-random number generators, pp. 61–78. Plenum Press, New York (1983)
Barak, B., Shaltiel, R., Tromer, E.: True Random Number Generators Secure in a Changing Environment. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 166–180. Springer, Heidelberg (2003)
Barak, B., Halevi, S.: A model and architecture for pseudo-random generation with applications to /dev/random. In: ACM Conference on Computer and Communications Security, pp. 203–212 (2005)
Bellare, M., Rompel, J.: Randomness-Efficient Oblivious Sampling FOCS, pp. 276–287 (1994)
Chor, B., Goldwasser, S., Micali, S., Awerbuch, B.: Verifiable Secret Sharing and Achieving Simultaneity in The Presence of Faults. In: Proceedings of the 26th Annual IEEE Symposium on Foundations of Computer Science, pp. 383–395 (1985)
Davis, D., Ihaka, R., Fenstermacher, P.: Cryptographic Randomness from Air Turbulence in Disk Drives. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 114–120. Springer, Heidelberg (1994)
Dwork, C.: Differential privacy: A survey of results. In: Agrawal, M., Du, D.-Z., Duan, Z., Li, A. (eds.) TAMC 2008. LNCS, vol. 4978, pp. 1–19. Springer, Heidelberg (2008)
Dodis, Y., Pointcheval, D., Ruhault, S., Vergnaud, D., Wichs, D.: Security analysis of pseudo-random number generators with input: dev/random is not robust. In: Proceedings of the 2013 Conference on Computer & Communications Security, USA, pp. 647–658 (2013)
Ellison, C.: IEEE. P1363 Appendix E Cryptographic Random Numbers cme/P1363/ ranno.html (1995), http://theworld.com/~cme/P1363/ranno.html (online; accessed 2009)
Gutterman, Z., Pinkas, B., Reinman, T.: Analysis of the Linux Random Number Generator. In: Proc. of IEEE Security and Privacy, pp. 371–385 (2006)
Gutmann, P.: Cryptographic Security Architecture Design and Verification (2004) ISBN: 978-0-387-95387-8
Krawczyk, H.: How to predict congruential generators. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 138–153. Springer, Heidelberg (1990)
Krhovjak, J., Kur, J., Lorenc, V., Matyas, V., Pecho, P., Riha, Z., Staudek, J., Svenda, P.: Zizkovsky. Smartcards, final report for the Czech National Security Authority (December 2008)
Knuth, D.E.: Seminumerical Algorithms, 3rd edn. The Art of Computer Programming, vol. 2. Addison-Wesley (2001)
Lehmer, D.H.: Mathematical methods in large-scale computing units. In: Proc. 2nd Sympos. on Large-Scale Digital Calculating Machinery, Cambridge, MA, pp. 141–146. Harvard University Press (1949, 1951)
The LavaRnd Random Number Generator (2000), http: //, http://www.lavarnd.org/ (online; accessed 2009)
Lacharme, P.: Post-Processing Functions for a Biased Physical Random Number Generator. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 334–342. Springer, Heidelberg (2008)
Lewis, T.G., Payne, W.H.: Generalized feedback shift register pseudorandom number algorithm. Journal of the ACM 20(3), 456–468 (1973)
Lacharme, P., Rock, A., Strubel, V., Videau, M.: The linux pseudorandom number generator revisited. Cryptology ePrint Archive, Report 2012/251 (2012)
Matsumoto, M., Kurita, Y.: Twisted GFSR generators. ACM Transactions on Modeling and Computer Simulation 2(3), 179–194 (1992)
Matsumoto, M., Nishimura, T.: Mersenne Twister: A 623-Dimensionally Equidistributed Uniform Pseudo-Random Number Generator. ACM Transactions on Modeling and Computer Simulation (TOMACS) 8(1), 3–30 (1998)
Mackall, M., Ts’o, T.: random.c A strong random number generator, /driver/char/random.c in Linux Kernel 2.6.30.7 (2009), http://www.kernel.org/
Shamir, A.: On the generation of cryptographically strong pseudo-random sequences. In: Even, S., Kariv, O. (eds.) ICALP 1981. LNCS, vol. 115, pp. 544–550. Springer, Heidelberg (1981)
Ts’o, T.: random.c Linux kernel random number generator, http://www.kernel.org
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Chen, J., Miyaji, A., Su, C. (2014). Distributed Pseudo-Random Number Generation and Its Application to Cloud Database. In: Huang, X., Zhou, J. (eds) Information Security Practice and Experience. ISPEC 2014. Lecture Notes in Computer Science, vol 8434. Springer, Cham. https://doi.org/10.1007/978-3-319-06320-1_28
Download citation
DOI: https://doi.org/10.1007/978-3-319-06320-1_28
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-06319-5
Online ISBN: 978-3-319-06320-1
eBook Packages: Computer ScienceComputer Science (R0)