Composable and Robust Outsourced Storage View Full Text


Ontology type: schema:Chapter     


Chapter Info

DATE

2018-03-07

AUTHORS

Christian Badertscher , Ueli Maurer

ABSTRACT

The security of data outsourcing mechanisms has become a crucial aspect of today’s IT infrastructures and they are the cryptographic foundations of real-world applications. The very fundamental goals are ensuring storage integrity and auditability, confidentiality, and access pattern hiding, as well as combinations of all of them. Despite sharing a common setting, security analyses of these tasks are often performed in a stand-alone fashion expressed in different models, which makes it hard to assess the overall security of a protocol or application involving several security schemes at once. In this work, we fill this gap and propose a composable framework suitable to capture various aspects of outsourced storage security and its applications. We instantiate the basic client-server setting in this model, where the goal of the honest client is to retain security in the presence of a malicious server. Three specific contributions of this paper are:We present a novel definition for secure and robust outsourcing schemes and underline why this is needed in practice. Our definition is stronger than previous definitions for oblivious RAM or software protection in that it assures strong security guarantees against active attacks. Schemes meeting the definition not only assure that an attacker cannot learn the access pattern, but guarantee resilience to errors and the prevention of targeted attacks to specific locations. Unfortunately, several existing schemes cannot achieve this high level of security. For completeness, we provide a protocol based on Path ORAM that showcases that stronger security is actually achievable.We present a novel definition for auditable storage, capturing the guarantee that a successful audit implies that the current server state allows the client to retrieve his data. We develop an audit mechanism, based on secure and robust outsourcing schemes, that is similar to the construction by Cash et al. (Eurocrpyt 2013), but is universally composable and fault-tolerant.We revisit the security claim of a widely-used challenge-response audit mechanism, in which the server has to compute a hash H(F||c) on the file F concatenated with a uniformly random challenge c chosen by the client. Being concerned with composable security, we prove that this audit mechanism is not secure, even in the random oracle model, without additional assumptions. The composable security of this basic audit scheme was implicitly assumed in Ristenpart et al. (Eurocrypt 2011). To complete the picture, we state the additional assumptions for this audit mechanism to be provably secure and discuss the implication on practical security. More... »

PAGES

354-373

Book

TITLE

Topics in Cryptology – CT-RSA 2018

ISBN

978-3-319-76952-3
978-3-319-76953-0

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-319-76953-0_19

DOI

http://dx.doi.org/10.1007/978-3-319-76953-0_19

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1101436379


Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
Incoming Citations Browse incoming citations for this publication using opencitations.net

JSON-LD is the canonical representation for SciGraph data.

TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT

[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0803", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Computer Software", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Data Format", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Department of Computer Science, ETH Z\u00fcrich, Z\u00fcrich, Switzerland", 
          "id": "http://www.grid.ac/institutes/grid.5801.c", 
          "name": [
            "Department of Computer Science, ETH Z\u00fcrich, Z\u00fcrich, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Badertscher", 
        "givenName": "Christian", 
        "id": "sg:person.010232721040.24", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010232721040.24"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Department of Computer Science, ETH Z\u00fcrich, Z\u00fcrich, Switzerland", 
          "id": "http://www.grid.ac/institutes/grid.5801.c", 
          "name": [
            "Department of Computer Science, ETH Z\u00fcrich, Z\u00fcrich, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Maurer", 
        "givenName": "Ueli", 
        "id": "sg:person.01316567627.91", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01316567627.91"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2018-03-07", 
    "datePublishedReg": "2018-03-07", 
    "description": "The security of data outsourcing mechanisms has become a crucial aspect of today\u2019s IT infrastructures and they are the cryptographic foundations of real-world applications. The very fundamental goals are ensuring storage integrity and auditability, confidentiality, and access pattern hiding, as well as combinations of all of them. Despite sharing a common setting, security analyses of these tasks are often performed in a stand-alone fashion expressed in different models, which makes it hard to assess the overall security of a protocol or application involving several security schemes at once. In this work, we fill this gap and propose a composable framework suitable to capture various aspects of outsourced storage security and its applications. We instantiate the basic client-server setting in this model, where the goal of the honest client is to retain security in the presence of a malicious server. Three specific contributions of this paper are:We present a novel definition for secure and robust outsourcing schemes and underline why this is needed in practice. Our definition is stronger than previous definitions for oblivious RAM or software protection in that it assures strong security guarantees against active attacks. Schemes meeting the definition not only assure that an attacker cannot learn the access pattern, but guarantee resilience to errors and the prevention of targeted attacks to specific locations. Unfortunately, several existing schemes cannot achieve this high level of security. For completeness, we provide a protocol based on Path ORAM that showcases that stronger security is actually achievable.We present a novel definition for auditable storage, capturing the guarantee that a successful audit implies that the current server state allows the client to retrieve his data. We develop an audit mechanism, based on secure and robust outsourcing schemes, that is similar to the construction by Cash et al. (Eurocrpyt 2013), but is universally composable and fault-tolerant.We revisit the security claim of a widely-used challenge-response audit mechanism, in which the server has to compute a hash H(F||c) on the file F concatenated with a uniformly random challenge c chosen by the client. Being concerned with composable security, we prove that this audit mechanism is not secure, even in the random oracle model, without additional assumptions. The composable security of this basic audit scheme was implicitly assumed in Ristenpart et al. (Eurocrypt 2011). To complete the picture, we state the additional assumptions for this audit mechanism to be provably secure and discuss the implication on practical security.", 
    "editor": [
      {
        "familyName": "Smart", 
        "givenName": "Nigel P.", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-319-76953-0_19", 
    "inLanguage": "en", 
    "isAccessibleForFree": false, 
    "isPartOf": {
      "isbn": [
        "978-3-319-76952-3", 
        "978-3-319-76953-0"
      ], 
      "name": "Topics in Cryptology \u2013 CT-RSA 2018", 
      "type": "Book"
    }, 
    "keywords": [
      "outsourcing scheme", 
      "access patterns", 
      "audit mechanism", 
      "composable security", 
      "client-server setting", 
      "strong security guarantees", 
      "random oracle model", 
      "real-world applications", 
      "Cash et al", 
      "outsourced storage", 
      "stand-alone fashion", 
      "malicious servers", 
      "honest client", 
      "software protection", 
      "strong security", 
      "outsourcing mechanism", 
      "Oblivious RAM", 
      "security analysis", 
      "cryptographic foundations", 
      "overall security", 
      "composable framework", 
      "security scheme", 
      "active attacks", 
      "security guarantees", 
      "Path ORAM", 
      "oracle model", 
      "novel definition", 
      "storage security", 
      "practical security", 
      "file F", 
      "security claims", 
      "security", 
      "server state", 
      "server", 
      "storage integrity", 
      "guarantees", 
      "scheme", 
      "clients", 
      "attacks", 
      "hash", 
      "attacker", 
      "auditability", 
      "crucial aspect", 
      "applications", 
      "confidentiality", 
      "fundamental goal", 
      "ORAM", 
      "Audit Scheme", 
      "protocol", 
      "common setting", 
      "task", 
      "previous definitions", 
      "specific locations", 
      "goal", 
      "different models", 
      "definition", 
      "storage", 
      "framework", 
      "showcase", 
      "model", 
      "rams", 
      "completeness", 
      "error", 
      "aspects", 
      "today", 
      "et al", 
      "work", 
      "successful audit", 
      "assumption", 
      "foundation", 
      "data", 
      "fashion", 
      "construction", 
      "location", 
      "setting", 
      "additional assumptions", 
      "resilience", 
      "integrity", 
      "specific contribution", 
      "patterns", 
      "mechanism", 
      "protection", 
      "state", 
      "gap", 
      "picture", 
      "contribution", 
      "combination", 
      "practice", 
      "audit", 
      "analysis", 
      "high levels", 
      "claims", 
      "al", 
      "levels", 
      "underlines", 
      "implications", 
      "prevention", 
      "presence", 
      "paper"
    ], 
    "name": "Composable and Robust Outsourced Storage", 
    "pagination": "354-373", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1101436379"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-319-76953-0_19"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-319-76953-0_19", 
      "https://app.dimensions.ai/details/publication/pub.1101436379"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-05-20T07:47", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220519/entities/gbq_results/chapter/chapter_376.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-319-76953-0_19"
  }
]
 

Download the RDF metadata as:  json-ld nt turtle xml License info

HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-76953-0_19'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-76953-0_19'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-76953-0_19'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-76953-0_19'


 

This table displays all metadata directly associated to this object as RDF triples.

170 TRIPLES      23 PREDICATES      125 URIs      117 LITERALS      7 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/978-3-319-76953-0_19 schema:about anzsrc-for:08
2 anzsrc-for:0803
3 anzsrc-for:0804
4 schema:author Nef827b37e22e4a70962e3d7d60099a79
5 schema:datePublished 2018-03-07
6 schema:datePublishedReg 2018-03-07
7 schema:description The security of data outsourcing mechanisms has become a crucial aspect of today’s IT infrastructures and they are the cryptographic foundations of real-world applications. The very fundamental goals are ensuring storage integrity and auditability, confidentiality, and access pattern hiding, as well as combinations of all of them. Despite sharing a common setting, security analyses of these tasks are often performed in a stand-alone fashion expressed in different models, which makes it hard to assess the overall security of a protocol or application involving several security schemes at once. In this work, we fill this gap and propose a composable framework suitable to capture various aspects of outsourced storage security and its applications. We instantiate the basic client-server setting in this model, where the goal of the honest client is to retain security in the presence of a malicious server. Three specific contributions of this paper are:We present a novel definition for secure and robust outsourcing schemes and underline why this is needed in practice. Our definition is stronger than previous definitions for oblivious RAM or software protection in that it assures strong security guarantees against active attacks. Schemes meeting the definition not only assure that an attacker cannot learn the access pattern, but guarantee resilience to errors and the prevention of targeted attacks to specific locations. Unfortunately, several existing schemes cannot achieve this high level of security. For completeness, we provide a protocol based on Path ORAM that showcases that stronger security is actually achievable.We present a novel definition for auditable storage, capturing the guarantee that a successful audit implies that the current server state allows the client to retrieve his data. We develop an audit mechanism, based on secure and robust outsourcing schemes, that is similar to the construction by Cash et al. (Eurocrpyt 2013), but is universally composable and fault-tolerant.We revisit the security claim of a widely-used challenge-response audit mechanism, in which the server has to compute a hash H(F||c) on the file F concatenated with a uniformly random challenge c chosen by the client. Being concerned with composable security, we prove that this audit mechanism is not secure, even in the random oracle model, without additional assumptions. The composable security of this basic audit scheme was implicitly assumed in Ristenpart et al. (Eurocrypt 2011). To complete the picture, we state the additional assumptions for this audit mechanism to be provably secure and discuss the implication on practical security.
8 schema:editor Na331b2e09fd34622a8d9680199e870cc
9 schema:genre chapter
10 schema:inLanguage en
11 schema:isAccessibleForFree false
12 schema:isPartOf N4aab594644744897baec52a9da9f1d6b
13 schema:keywords Audit Scheme
14 Cash et al
15 ORAM
16 Oblivious RAM
17 Path ORAM
18 access patterns
19 active attacks
20 additional assumptions
21 al
22 analysis
23 applications
24 aspects
25 assumption
26 attacker
27 attacks
28 audit
29 audit mechanism
30 auditability
31 claims
32 client-server setting
33 clients
34 combination
35 common setting
36 completeness
37 composable framework
38 composable security
39 confidentiality
40 construction
41 contribution
42 crucial aspect
43 cryptographic foundations
44 data
45 definition
46 different models
47 error
48 et al
49 fashion
50 file F
51 foundation
52 framework
53 fundamental goal
54 gap
55 goal
56 guarantees
57 hash
58 high levels
59 honest client
60 implications
61 integrity
62 levels
63 location
64 malicious servers
65 mechanism
66 model
67 novel definition
68 oracle model
69 outsourced storage
70 outsourcing mechanism
71 outsourcing scheme
72 overall security
73 paper
74 patterns
75 picture
76 practical security
77 practice
78 presence
79 prevention
80 previous definitions
81 protection
82 protocol
83 rams
84 random oracle model
85 real-world applications
86 resilience
87 scheme
88 security
89 security analysis
90 security claims
91 security guarantees
92 security scheme
93 server
94 server state
95 setting
96 showcase
97 software protection
98 specific contribution
99 specific locations
100 stand-alone fashion
101 state
102 storage
103 storage integrity
104 storage security
105 strong security
106 strong security guarantees
107 successful audit
108 task
109 today
110 underlines
111 work
112 schema:name Composable and Robust Outsourced Storage
113 schema:pagination 354-373
114 schema:productId Nbf40712bba79430f81614ff0606807e7
115 Nc6e56029f734458c8dab60fa56d2dbfa
116 schema:publisher Na2e98243d8c74b44a1888bd72d34abd7
117 schema:sameAs https://app.dimensions.ai/details/publication/pub.1101436379
118 https://doi.org/10.1007/978-3-319-76953-0_19
119 schema:sdDatePublished 2022-05-20T07:47
120 schema:sdLicense https://scigraph.springernature.com/explorer/license/
121 schema:sdPublisher N04ec8dc0da724db6abbb8424087b2454
122 schema:url https://doi.org/10.1007/978-3-319-76953-0_19
123 sgo:license sg:explorer/license/
124 sgo:sdDataset chapters
125 rdf:type schema:Chapter
126 N04ec8dc0da724db6abbb8424087b2454 schema:name Springer Nature - SN SciGraph project
127 rdf:type schema:Organization
128 N4a334d4465844e00865aa29ab4ff37b2 schema:familyName Smart
129 schema:givenName Nigel P.
130 rdf:type schema:Person
131 N4aab594644744897baec52a9da9f1d6b schema:isbn 978-3-319-76952-3
132 978-3-319-76953-0
133 schema:name Topics in Cryptology – CT-RSA 2018
134 rdf:type schema:Book
135 Na2e98243d8c74b44a1888bd72d34abd7 schema:name Springer Nature
136 rdf:type schema:Organisation
137 Na331b2e09fd34622a8d9680199e870cc rdf:first N4a334d4465844e00865aa29ab4ff37b2
138 rdf:rest rdf:nil
139 Nbf40712bba79430f81614ff0606807e7 schema:name doi
140 schema:value 10.1007/978-3-319-76953-0_19
141 rdf:type schema:PropertyValue
142 Nc6e56029f734458c8dab60fa56d2dbfa schema:name dimensions_id
143 schema:value pub.1101436379
144 rdf:type schema:PropertyValue
145 Nccd4c3ffb68a48bf87937cb389cd33c6 rdf:first sg:person.01316567627.91
146 rdf:rest rdf:nil
147 Nef827b37e22e4a70962e3d7d60099a79 rdf:first sg:person.010232721040.24
148 rdf:rest Nccd4c3ffb68a48bf87937cb389cd33c6
149 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
150 schema:name Information and Computing Sciences
151 rdf:type schema:DefinedTerm
152 anzsrc-for:0803 schema:inDefinedTermSet anzsrc-for:
153 schema:name Computer Software
154 rdf:type schema:DefinedTerm
155 anzsrc-for:0804 schema:inDefinedTermSet anzsrc-for:
156 schema:name Data Format
157 rdf:type schema:DefinedTerm
158 sg:person.010232721040.24 schema:affiliation grid-institutes:grid.5801.c
159 schema:familyName Badertscher
160 schema:givenName Christian
161 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010232721040.24
162 rdf:type schema:Person
163 sg:person.01316567627.91 schema:affiliation grid-institutes:grid.5801.c
164 schema:familyName Maurer
165 schema:givenName Ueli
166 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01316567627.91
167 rdf:type schema:Person
168 grid-institutes:grid.5801.c schema:alternateName Department of Computer Science, ETH Zürich, Zürich, Switzerland
169 schema:name Department of Computer Science, ETH Zürich, Zürich, Switzerland
170 rdf:type schema:Organization
 




Preview window. Press ESC to close (or click here)


...