16 research outputs found

    Towards a secure and efficient search over encrypted cloud data

    Dissertation, Summer 2016. Cloud computing enables new types of services in which computational and network resources are made available online through the Internet. One of the most popular cloud services is data outsourcing. For reasons of cost and convenience, public as well as private organizations now outsource large amounts of data to the cloud and enjoy the benefits of remote storage and management. At the same time, the confidentiality of data stored on an untrusted cloud server is a major concern. To reduce this concern, sensitive data such as personal health records, e-mails, income tax returns and financial reports are usually outsourced in encrypted form using well-known cryptographic techniques. Although encrypted storage protects remote data from unauthorized access, it complicates some basic yet essential data utilization services, such as plaintext keyword search. The naive solution of downloading the data, decrypting it and searching locally is clearly inefficient: storing data in the cloud is of little use unless it can be searched and utilized there. Cloud services should therefore support efficient search over encrypted data in order to offer the benefits of a first-class cloud computing environment. This dissertation develops novel searchable encryption techniques that allow the cloud server to perform multi-keyword ranked search as well as substring search that incorporates position information. We present the results accomplished in this area, including a comprehensive evaluation of existing solutions and searchable encryption schemes for ranked search and substring position search.

    LIPIcs, Volume 251, ITCS 2023, Complete Volume


    PRIVACY-PRESERVING QUERY PROCESSING ON OUTSOURCED DATABASES IN CLOUD COMPUTING

    Database-as-a-Service (DBaaS) is a category of cloud computing services that enables IT providers to deliver database functionality as a service. In this model, a third-party service provider, the cloud server, hosts a database and provides the associated software and hardware support. Database outsourcing reduces the workload of the data owner in answering queries by delegating the task to powerful third-party servers with large computational and network resources. Despite the economic and technical benefits, privacy is the primary challenge posed by this category of services. By using these services, data owners lose control of their databases. Moreover, the privacy of clients may be compromised, since a curious cloud operator can observe a client's queries and infer what the client is after. The challenge is to fulfill the main privacy goals of both the data owner and the clients without undermining the ability of the cloud server to return correct query results. This thesis considers the design of protocols that protect the privacy of the clients and of the data owner in the DBaaS model. Such protocols must protect client privacy so that neither the data owner nor the cloud server can infer the constants contained in the query predicate or the query result. The data owner's privacy must also be preserved, by ensuring that sensitive information in the database is not leaked to the cloud server and that nothing beyond the query result is revealed to the clients. The results of the complexity and performance analysis indicate that the proposed protocols incur reasonable communication and computation overhead on the client and the data owner, given the added advantage of being able to perform symmetrically-private database search.

    On the foundations of proof-of-work based blockchain protocols

    Proof-of-work (PoW) based blockchain protocols are protocols that organize data into blocks, connected through a hash function to form chains, and that reach agreement by means of PoW, i.e., proofs whose generation requires spending some amount of computational power. This class of protocols rose to prominence with the advent of Bitcoin, the first protocol that provably implements a distributed transaction ledger against an adversary controlling less than half of the total computational power in the network, in a setting where participants join and leave dynamically without the need for a registration service. Protocols in this class were also the first shown to be sufficient to solve consensus under similar conditions, a problem of fundamental importance in distributed computing. In this thesis, we explore foundational issues of PoW-based blockchain protocols, mainly concerning the assumptions required to ensure their safe operation. We start by examining whether a common random string, shared among the participants at the start of the protocol execution, is required to run such protocols efficiently. Bitcoin's security is based on the existence of such a string, called the genesis block. Protocols in previous work that do not assume such a setup are inefficient, in the sense that their round complexity depends strongly on the number of participants. Our first contribution is the construction of efficient PoW-based blockchain protocols that provably implement a distributed ledger and consensus without such a setup. Next, we turn our attention to the PoW primitive itself. All previous analyses model PoW using a random oracle. While satisfactory as a sanity check, the random oracle methodology has received significant criticism and has been shown not to be sound in general. We make progress by introducing a non-idealized security model and appropriate computational assumptions that are sufficient to implement a distributed ledger or consensus when combined with the right PoW-based protocol. Finally, we analyze GHOST, a recently proposed blockchain protocol, and prove its security against a Byzantine adversary under assumptions similar to those for Bitcoin; previous work only considered specific attacks.
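The abstract above describes the two ingredients of a PoW blockchain, blocks linked by a hash function and a work requirement on each block, and singles out the genesis block as the shared setup string. The following is an added toy model, written for this page and not code from the thesis or from Bitcoin, that makes those ingredients concrete: a block is valid only if its header hash falls below a target, each block commits to its predecessor's hash, and a verifier that knows the constructed genesis block can check a whole chain. The difficulty (`DIFFICULTY_BITS`), the JSON header encoding and the payload strings are assumptions chosen so the example runs in well under a second; a real protocol also validates the payload and compares total work across competing chains, which this model omits.

```python
import hashlib
import json
from dataclasses import dataclass, asdict

# Assumed difficulty: a valid block hash must have at least this many leading zero bits.
# 14 bits means ~16k hash attempts per block, fast enough to run inline.
DIFFICULTY_BITS = 14


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass(frozen=True)
class Block:
    prev_hash: str  # hex SHA-256 of the previous block's header (the "chain" link)
    data: str       # payload; a real protocol would validate transactions here
    nonce: int      # the only field a miner varies while searching for a valid hash

    def header_bytes(self) -> bytes:
        # Assumed canonical encoding: sorted-key JSON so the hash is unambiguous.
        return json.dumps(asdict(self), sort_keys=True).encode()

    def block_hash(self) -> str:
        return sha256_hex(self.header_bytes())


def meets_target(block_hash_hex: str, difficulty_bits: int = DIFFICULTY_BITS) -> bool:
    # Proof of work: the hash, read as a 256-bit integer, must be below the target.
    return int(block_hash_hex, 16) < (1 << (256 - difficulty_bits))


def mine(prev_hash: str, data: str, difficulty_bits: int = DIFFICULTY_BITS) -> Block:
    # Brute-force the nonce; expected cost is 2^difficulty_bits hash evaluations.
    nonce = 0
    while True:
        candidate = Block(prev_hash, data, nonce)
        if meets_target(candidate.block_hash(), difficulty_bits):
            return candidate
        nonce += 1


# Constructed genesis block: the common setup string every honest party is assumed to know.
# It is not mined; its role is only to be a fixed, shared starting point.
GENESIS = Block(prev_hash="0" * 64, data="genesis (constructed shared setup string)", nonce=0)


def build_chain(payloads, difficulty_bits: int = DIFFICULTY_BITS) -> list:
    chain = [GENESIS]
    for payload in payloads:
        chain.append(mine(chain[-1].block_hash(), payload, difficulty_bits))
    return chain


def verify_chain(chain, difficulty_bits: int = DIFFICULTY_BITS) -> bool:
    """A verifier that knows GENESIS accepts a chain only if every block after it
    (1) commits to the previous block's hash and (2) carries valid proof of work."""
    if not chain or chain[0] != GENESIS:
        return False
    for prev, cur in zip(chain, chain[1:]):
        if cur.prev_hash != prev.block_hash():
            return False
        if not meets_target(cur.block_hash(), difficulty_bits):
            return False
    return True


def tamper(chain, index: int, new_data: str) -> list:
    # Edit a block's payload without redoing the work. Both the work requirement on that
    # block and the link from its successor are expected to fail verification.
    edited = list(chain)
    old = edited[index]
    edited[index] = Block(old.prev_hash, new_data, old.nonce)
    return edited


if __name__ == "__main__":
    chain = build_chain(["tx batch 1", "tx batch 2"])
    print("valid chain:", verify_chain(chain))
    print("after tampering with block 1:", verify_chain(tamper(chain, 1, "tx batch 1 (altered)")))
```

Two points the model makes visible: the verifier needs no registration of participants, only the genesis block and the difficulty, which is exactly the setup assumption the thesis asks whether one can remove; and an adversary who edits history must redo the work for the edited block and every block after it, which is why the "less than half of the computational power" bound matters.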

    The application of hash chains and hash structures to cryptography

    In this thesis we study how hash chains and other hash structures can be used in various cryptographic applications, focusing in particular on entity authentication, signatures and key establishment. We study the recursive application of hash functions to create hash chains, hash trees and other hash structures, and collate these into a catalogue of structures that we apply to various cryptographic applications. We study existing work on authentication and create many entity authentication schemes based on structures from our catalogue. We present a novel algorithm to find efficient signature schemes from any given hash structure. We examine some suggestions for suitable hash structures and define a particular scalable hash structure, complete with a simple message-to-signature map, that is the most efficient such scheme of which we know. We explore k-time signature schemes and identify two new properties, which we call perforated and porous. We look at the application of hash structures to key establishment schemes, compare the existing schemes and improve on many of them. We present a new key establishment scheme and show a link between certain k-time signatures and certain key establishment schemes. Finally, we look at other applications of hash structures and suggest areas in which our catalogue could be used for further development.
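The abstract above mentions entity authentication built from hash chains, i.e. the recursive application of a hash function to a seed. The following is an added example, written for this page and not code from the thesis, of the classic one-time-password use of a hash chain (the Lamport/S/KEY idea): the prover precomputes chain[i] = H(chain[i-1]) and registers only the last element as an anchor; each authentication reveals the preimage of the value the verifier currently holds, and the verifier replaces its stored value with the revealed one. Because H is one-way, an eavesdropper who sees a revealed token cannot produce the next one. The seed, the chain length and the `max_skip` parameter (which lets a verifier tolerate tokens lost in transit, at the cost of bounded extra hashing) are assumptions of this example.

```python
import hashlib


def H(x: bytes) -> bytes:
    # The chain's one-way function; SHA-256 is an assumed choice for this example.
    return hashlib.sha256(x).digest()


def make_chain(seed: bytes, n: int) -> list:
    """chain[0] = seed, chain[i] = H(chain[i-1]) for 1 <= i <= n.
    chain[n] is the public anchor; chain[n-1], chain[n-2], ... are the one-time tokens."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain


class Prover:
    """Holds the whole chain and reveals tokens from the anchor downwards."""

    def __init__(self, seed: bytes, n: int):
        self._chain = make_chain(seed, n)
        self._next = n - 1  # index of the next token to reveal

    def anchor(self) -> bytes:
        return self._chain[-1]

    def next_token(self) -> bytes:
        if self._next < 0:
            raise RuntimeError("hash chain exhausted; a new chain must be registered")
        token = self._chain[self._next]
        self._next -= 1
        return token


class Verifier:
    """Stores only the most recently accepted value (initially the anchor)."""

    def __init__(self, anchor: bytes):
        self._last = anchor
        self.accepted = 0

    def verify(self, token: bytes, max_skip: int = 0) -> bool:
        # Accept if hashing the token 1..max_skip+1 times reaches the stored value.
        # max_skip=0 is the strict form; larger values tolerate lost tokens but cost
        # at most max_skip+1 hash evaluations per attempt.
        candidate = token
        for _ in range(max_skip + 1):
            candidate = H(candidate)
            if candidate == self._last:
                self._last = token  # move the checkpoint down the chain
                self.accepted += 1
                return True
        return False


def demo() -> dict:
    """Runs one registration and four authentication attempts; returns their outcomes."""
    prover = Prover(b"constructed example seed", n=5)
    verifier = Verifier(prover.anchor())
    first = prover.next_token()
    second = prover.next_token()
    results = {
        "first_ok": verifier.verify(first),
        "second_ok": verifier.verify(second),
        "replay_rejected": not verifier.verify(second),  # same token again
    }
    prover.next_token()  # token lost in transit (never sent)
    fourth = prover.next_token()
    results["strict_rejects_gap"] = not verifier.verify(fourth)
    results["skip_tolerant_accepts_gap"] = verifier.verify(fourth, max_skip=1)
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The verifier never stores a secret, which is what makes the scheme attractive for entity authentication: compromising the verifier's database yields only the current anchor. The caveats a practitioner should keep in mind are that the chain is finite (the prover must re-register a fresh anchor before it runs out), and that the scheme on its own does not bind a token to a session, so it must be carried over an authenticated or encrypted channel to prevent an active attacker from intercepting a token and using it first.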

    Cryptographic techniques for privacy and access control in cloud-based applications

    Digitization is one of the key challenges for today's industries and society. It affects more and more business areas and also user data and, in particular, sensitive information. Because of its sensitivity, personal information should be kept as secure and private as possible while still allowing cloud-based software to use it when the user requests. In this thesis, we focus on the privacy-preserving outsourcing and sharing of data, the querying of outsourced protected data, and the use of personal information as an access control mechanism for rating platforms that must be protected against coercion attacks. In these three areas, we present cryptographic techniques and protocols that push the state of the art. First, we present multi-client oblivious RAM (ORAM), which augments standard ORAM with selective data sharing through access control, confidentiality and integrity. Second, we investigate recent work on frequency-hiding order-preserving encryption and show that the state of the art lacks rigorous treatment, allowing simple attacks against the security of the existing scheme. As a remedy, we show how to fix the security definition and that the existing scheme, slightly adapted, fulfills it. Finally, we design and develop a coercion-resistant rating platform. Coercion resistance has mainly been dealt with in the context of electronic voting, yet it also affects other areas of digital life such as rating platforms.
    (German abstract, translated:) Digitization is one of the greatest challenges for industry and society. Besides many business areas, it also affects user data, in particular sensitive data. Personal information should therefore be protected as well as possible. At the same time, cloud-based software applications that the user wants to use need access to this data. This dissertation focuses on the secure, privacy-preserving outsourcing and sharing of data, on querying protected outsourced data, and on the use of personal information as an access credential for coercion-resistant rating platforms. On these three topics we present cryptographic techniques and protocols that advance the state of the art. The first part introduces multi-client oblivious RAM (ORAM), which extends ORAM with the ability to share data with other users while preserving confidentiality and integrity. The second part deals with frequency-hiding order-preserving encryption. We show that the state of the art lacks a formal treatment, which leads to attacks. As a remedy, we improve the security definition and prove that the existing encryption scheme satisfies it after a minimal change. Finally, we develop a coercion-resistant rating portal. Coercion resistance has so far been considered mainly in the context of electronic elections.

    Subject index volumes 1–92


    IST Austria Thesis

    Many security definitions come in two flavors: a stronger "adaptive" flavor, where the adversary can make various choices arbitrarily during the course of the attack, and a weaker "selective" flavor, where the adversary must commit to some or all of its choices a priori. For example, in the context of identity-based encryption, selective security requires the adversary to decide on the identity of the attacked party at the very beginning of the game, whereas adaptive security allows the attacker to first see the master public key and some secret keys before making this choice. Often, it appears to be much easier to achieve selective security than adaptive security. A series of recent works shows how to cleverly achieve adaptive security in several such scenarios, including generalized selective decryption [Pan07][FJP15], constrained PRFs [FKPR14], and Yao's garbled circuits [JW16]. Although these works expressed a vague intuition that they share a common technique, the connection was never made precise. In this work we present a new framework (published at Crypto '17 [JKK+17a]) that connects all of these works and allows us to present them in a unified and simplified fashion. With the framework in place, we show how to achieve adaptive security for proxy re-encryption schemes (published at PKC '19 [FKKP19]) and provide the first adaptive security proofs for continuous group key agreement protocols (published at S&P '21 [KPW+21]). Questioning the optimality of our framework, we then show that currently used proof techniques cannot lead to significantly better security guarantees for "graph-building" games (published at TCC '21 [KKPW21a]). These games cover generalized selective decryption as well as the security of prominent constructions for constrained PRFs, continuous group key agreement, and proxy re-encryption. Finally, we revisit the adaptive security of Yao's garbled circuits and extend the analysis of Jafargholi and Wichs in two directions. While they prove adaptive security only for a modified construction with increased online complexity, we provide the first positive results for Yao's original construction (published at TCC '21 [KKP21a]). On the negative side, we prove that the results of Jafargholi and Wichs are essentially optimal by showing that no black-box reduction can provide a significantly better security bound (published at Crypto '21 [KKPW21c]).