ABSTRACT
In a verifiable data streaming protocol, the client streams a long string to the server who stores it in its database. The stream is verifiable in the sense that the server can neither change the order of the elements nor manipulate them. The client may also retrieve data from the database and update them. The content of the database is publicly verifiable such that any party in possession of some value $s$ and a proof $\pi$ can check that $s$ is indeed in the database.
We introduce the notion of verifiable data streaming and present an efficient instantiation that supports an exponential number of values based on general assumptions. Our main technique is an authentication tree in which the leaves are not fixed in advance, such that the user, knowing some trapdoor, can authenticate a new element on demand without pre- or re-computing all other leaves. We call this data structure a chameleon authentication tree (CAT). We instantiate our scheme with primitives that are secure under the discrete logarithm assumption. The algebraic properties of this assumption allow us to obtain a very efficient verification algorithm. As a second application of CATs, we present a new transformation from any one-time to many-time signature scheme that is more efficient than previously known solutions.
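The trapdoor idea in the abstract, as an added sketch that is not code from the paper: a leaf is fixed as a placeholder under a published root and later opened to a real stream element without changing the root. It assumes a discrete-log chameleon hash CH(m, r) = g^m h^r in the style of Krawczyk and Rabin over a toy group and, unlike the CAT, precomputes every placeholder leaf of a four-leaf hash tree; all names and parameters are hypothetical.

```python
import hashlib, secrets

# Toy group (constructed, far too small for real use): p = 2q + 1, g has order q.
P, Q, G = 2039, 1019, 4

def to_zq(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def ch(h: int, m: int, r: int) -> int:
    """Chameleon hash CH(m, r) = g^m * h^r mod p, with public key h = g^x."""
    return pow(G, m, P) * pow(h, r, P) % P

def collide(x: int, m: int, r: int, m_new: int) -> int:
    """Trapdoor holder only: r_new with CH(m_new, r_new) == CH(m, r)."""
    return (r + (m - m_new) * pow(x, -1, Q)) % Q

def node(left: int, right: int) -> int:
    return int.from_bytes(hashlib.sha256(f"{left}|{right}".encode()).digest(), "big")

def setup(n_leaves: int = 4):
    """Client: fix the root over placeholder leaves (n_leaves a power of two)."""
    x = secrets.randbelow(Q - 1) + 1                  # trapdoor, never sent
    h = pow(G, x, P)                                  # public key
    dummies = [(secrets.randbelow(Q), secrets.randbelow(Q)) for _ in range(n_leaves)]
    levels = [[ch(h, m, r) for m, r in dummies]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([node(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return x, h, dummies, levels

def authenticate(x, dummies, levels, i: int, element: bytes):
    """Client: open placeholder leaf i to `element`; the root is unchanged."""
    m, r = dummies[i]
    r_new = collide(x, m, r, to_zq(element))
    auth = [lvl[(i >> d) ^ 1] for d, lvl in enumerate(levels[:-1])]
    return r_new, auth

def verify(h, root, i: int, element: bytes, r: int, auth) -> bool:
    """Anyone: recompute leaf i from (element, r) and walk up to the root."""
    cur = ch(h, to_zq(element), r)
    for sib in auth:
        cur = node(cur, sib) if i % 2 == 0 else node(sib, cur)
        i //= 2
    return cur == root

if __name__ == "__main__":                            # constructed sample element
    x, h, dummies, levels = setup()
    r_new, auth = authenticate(x, dummies, levels, 2, b"reading-3")
    print(verify(h, levels[-1][0], 2, b"reading-3", r_new, auth))
```

In this sketch each placeholder may be opened only once: two published openings of the same discrete-log chameleon hash let anyone solve for the trapdoor.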