148 research outputs found
Public cloud data auditing with practical key update and zero knowledge privacy
Data integrity is extremely important for cloud based storage services, where cloud users no longer have physical possession of their outsourced files. A number of data auditing mechanisms have been proposed to solve this problem. However, how to update a cloud user\u27s private auditing key (as well as the authenticators those keys are associated with) without the user\u27s re-possession of the data remains an open problem. In this paper, we propose a key-updating and authenticator-evolving mechanism with zero-knowledge privacy of the stored files for secure cloud data auditing, which incorporates zero knowledge proof systems, proxy re-signatures and homomorphic linear authenticators. We instantiate our proposal with the state-of-the-art Shacham-Waters auditing scheme. When the cloud user needs to update his key, instead of downloading the entire file and re-generating all the authenticators, the user can just download and update the authenticators. This approach dramatically reduces the communication and computation cost while maintaining the desirable security. We formalize the security model of zero knowledge data privacy for auditing schemes in the key-updating context and prove the soundness and zero-knowledge privacy of the proposed construction. Finally, we analyze the complexity of communication, computation and storage costs of the improved protocol which demonstrates the practicality of the proposal
Trustee: Full Privacy Preserving Vickrey Auction on top of Ethereum
The wide deployment of tokens for digital assets on top of Ethereum implies
the need for powerful trading platforms. Vickrey auctions have been known to
determine the real market price of items as bidders are motivated to submit
their own monetary valuations without leaking their information to the
competitors. Recent constructions have utilized various cryptographic protocols
such as ZKP and MPC, however, these approaches either are partially
privacy-preserving or require complex computations with several rounds. In this
paper, we overcome these limits by presenting Trustee as a Vickrey auction on
Ethereum which fully preserves bids' privacy at relatively much lower fees.
Trustee consists of three components: a front-end smart contract deployed on
Ethereum, an Intel SGX enclave, and a relay to redirect messages between them.
Initially, the enclave generates an Ethereum account and ECDH key-pair.
Subsequently, the relay publishes the account's address and ECDH public key on
the smart contract. As a prerequisite, bidders are encouraged to verify the
authenticity and security of Trustee by using the SGX remote attestation
service. To participate in the auction, bidders utilize the ECDH public key to
encrypt their bids and submit them to the smart contract. Once the bidding
interval is closed, the relay retrieves the encrypted bids and feeds them to
the enclave that autonomously generates a signed transaction indicating the
auction winner. Finally, the relay submits the transaction to the smart
contract which verifies the transaction's authenticity and the parameters'
consistency before accepting the claimed auction winner. As part of our
contributions, we have made a prototype for Trustee available on Github for the
community to review and inspect it. Additionally, we analyze the security
features of Trustee and report on the transactions' gas cost incurred on
Trustee smart contract.Comment: Presented at Financial Cryptography and Data Security 2019, 3rd
Workshop on Trusted Smart Contract
MSIGT: Most Significant Index Generation Technique for cloud environment
Cloud Computing is a computing paradigm for delivering computational power, storage and applications as services via Internet on a pay-as-you-go basis to consumers. The data owner outsources local data to the public cloud server to reduce the cost of the data management. Critical data has to be encrypted to ensure privacy before outsourcing. The state-of-the-art SSE schemes search only over encrypted data through keywords, hence they do not provide effective data utilisation for large dataset files in cloud. We propose a Most Significant Index Generation Technique (MSIGT), that supports secure and efficient index generation time using a Most Significant Digit (MSD) radix sort. MSD radix sort is simple and faster in sorting array strings. A mathematical model is developed to encrypt the indexed keywords for secure index generation without the overhead of learning from the attacker/cloud provider. It is seen that the MSIGT scheme can reduce the cost of data on owner side to O(NT × 3) with a score calculation of O(NT). The proposed scheme is effective and efficient in comparison with the existing algorithms
Blockchain for Genomics:A Systematic Literature Review
Human genomic data carry unique information about an individual and offer
unprecedented opportunities for healthcare. The clinical interpretations
derived from large genomic datasets can greatly improve healthcare and pave the
way for personalized medicine. Sharing genomic datasets, however, pose major
challenges, as genomic data is different from traditional medical data,
indirectly revealing information about descendants and relatives of the data
owner and carrying valid information even after the owner passes away.
Therefore, stringent data ownership and control measures are required when
dealing with genomic data. In order to provide secure and accountable
infrastructure, blockchain technologies offer a promising alternative to
traditional distributed systems. Indeed, the research on blockchain-based
infrastructures tailored to genomics is on the rise. However, there is a lack
of a comprehensive literature review that summarizes the current
state-of-the-art methods in the applications of blockchain in genomics. In this
paper, we systematically look at the existing work both commercial and
academic, and discuss the major opportunities and challenges. Our study is
driven by five research questions that we aim to answer in our review. We also
present our projections of future research directions which we hope the
researchers interested in the area can benefit from
- …