
History-Independent Dynamic Partitioning: Operation-Order Privacy in Ordered Data Structures

Published: 14 May 2024

Abstract

A data structure is history independent if its internal representation reveals nothing about the history of operations beyond what can be determined from the current contents of the data structure. History independence is typically viewed as a security or privacy guarantee, with the intent being to minimize risks incurred by a security breach or audit. Despite widespread advances in history independence, there is an important data-structural primitive that previous work has been unable to replace with an equivalent history-independent alternative: dynamic partitioning. In dynamic partitioning, we are given a dynamic set S of ordered elements and a size-parameter B, and the objective is to maintain a partition of S into ordered groups, each of size Θ(B). Dynamic partitioning is important throughout computer science, with applications to B-tree rebalancing, write-optimized dictionaries, log-structured merge trees, other external-memory indexes, geometric and spatial data structures, cache-oblivious data structures, and order-maintenance data structures. The lack of a history-independent dynamic-partitioning primitive has meant that designers of history-independent data structures have had to resort to complex alternatives. In this paper, we achieve history-independent dynamic partitioning. Our algorithm runs asymptotically optimally against an oblivious adversary, processing each insert/delete with O(1) operations in expectation and O(B log N / log log N) with high probability in set size N.
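The leak the abstract describes, and one way to avoid it, as an added example that is not the paper's algorithm: `naive_build` is ordinary split-on-overflow partitioning, whose group layout depends on insertion order, while `hi_insert`/`hi_delete` keep a layout fixed by the contents alone by closing a group at every element whose hash is 0 mod B. That hash rule is an assumption substituted here for illustration; it yields groups of expected size B only, not the Θ(B) bound the paper achieves, and the code assumes distinct elements and deletes of keys that are present.

```python
import bisect
import hashlib

B = 4  # size parameter, constructed for this demo

def locate(groups, x, default=None):
    # index of the first group whose maximum is >= x
    return next((k for k, g in enumerate(groups) if g and x <= g[-1]), default)

def naive_build(order, b=B):
    """Split-on-overflow: a group that reaches 2b elements is halved."""
    groups = [[]]
    for x in order:
        i = locate(groups, x, len(groups) - 1)
        bisect.insort(groups[i], x)
        if len(groups[i]) >= 2 * b:
            groups[i:i + 1] = [groups[i][:b], groups[i][b:]]
    return groups

def is_boundary(x, b=B):
    """Assumed rule: x closes its group iff its hash is 0 mod b."""
    h = hashlib.sha256(str(x).encode()).digest()
    return int.from_bytes(h[:8], "big") % b == 0

def hi_insert(groups, x, b=B):
    i = locate(groups, x)
    if i is None:                                # x is the new maximum
        if not groups or is_boundary(groups[-1][-1], b):
            groups.append([])                    # last group is closed
        i = len(groups) - 1
    g = groups[i]
    bisect.insort(g, x)
    if is_boundary(x, b) and g[-1] != x:         # split right after x
        p = g.index(x) + 1
        groups[i:i + 1] = [g[:p], g[p:]]

def hi_delete(groups, x, b=B):
    i = next(k for k, g in enumerate(groups) if x in g)
    groups[i].remove(x)
    if is_boundary(x, b) and i + 1 < len(groups):
        groups[i:i + 2] = [groups[i] + groups[i + 1]]  # boundary gone: merge
    elif not groups[i]:
        del groups[i]

def hi_replay(ops, b=B):
    """Apply a history of ('+', x) / ('-', x) operations to an empty set."""
    groups = []
    for op, x in ops:
        (hi_insert if op == "+" else hi_delete)(groups, x, b)
    return groups
```

Feeding the keys 1..10 to `naive_build` in ascending and then descending order gives two different layouts for the same set, which is exactly what an examiner of the stored representation could use to infer operation order.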


Published In

Proceedings of the ACM on Management of Data, Volume 2, Issue 2
PODS
May 2024
852 pages
EISSN:2836-6573
DOI:10.1145/3665155

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. algorithms
  2. data structures
  3. external memory
  4. history independence
  5. online algorithms
  6. randomized algorithms
