2018-03-07
AUTHORS: Christian Badertscher, Ueli Maurer
ABSTRACT: The security of data outsourcing mechanisms has become a crucial aspect of today’s IT infrastructures and they are the cryptographic foundations of real-world applications. The very fundamental goals are ensuring storage integrity and auditability, confidentiality, and access pattern hiding, as well as combinations of all of them. Despite sharing a common setting, security analyses of these tasks are often performed in a stand-alone fashion expressed in different models, which makes it hard to assess the overall security of a protocol or application involving several security schemes at once. In this work, we fill this gap and propose a composable framework suitable to capture various aspects of outsourced storage security and its applications. We instantiate the basic client-server setting in this model, where the goal of the honest client is to retain security in the presence of a malicious server. Three specific contributions of this paper are:
We present a novel definition for secure and robust outsourcing schemes and underline why this is needed in practice. Our definition is stronger than previous definitions for oblivious RAM or software protection in that it assures strong security guarantees against active attacks. Schemes meeting the definition not only assure that an attacker cannot learn the access pattern, but guarantee resilience to errors and the prevention of targeted attacks to specific locations. Unfortunately, several existing schemes cannot achieve this high level of security. For completeness, we provide a protocol based on Path ORAM that showcases that stronger security is actually achievable.
We present a novel definition for auditable storage, capturing the guarantee that a successful audit implies that the current server state allows the client to retrieve his data. We develop an audit mechanism, based on secure and robust outsourcing schemes, that is similar to the construction by Cash et al. (Eurocrypt 2013), but is universally composable and fault-tolerant.
We revisit the security claim of a widely-used challenge-response audit mechanism, in which the server has to compute a hash H(F||c) on the file F concatenated with a uniformly random challenge c chosen by the client. Being concerned with composable security, we prove that this audit mechanism is not secure, even in the random oracle model, without additional assumptions. The composable security of this basic audit scheme was implicitly assumed in Ristenpart et al. (Eurocrypt 2011). To complete the picture, we state the additional assumptions for this audit mechanism to be provably secure and discuss the implication on practical security.
PAGES: 354-373
Topics in Cryptology – CT-RSA 2018
ISBN: 978-3-319-76952-3, 978-3-319-76953-0
http://scigraph.springernature.com/pub.10.1007/978-3-319-76953-0_19
DOI: http://dx.doi.org/10.1007/978-3-319-76953-0_19
DIMENSIONS: https://app.dimensions.ai/details/publication/pub.1101436379
JSON-LD is the canonical representation for SciGraph data.
[
{
"@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json",
"about": [
{
"id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08",
"inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/",
"name": "Information and Computing Sciences",
"type": "DefinedTerm"
},
{
"id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0803",
"inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/",
"name": "Computer Software",
"type": "DefinedTerm"
},
{
"id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804",
"inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/",
"name": "Data Format",
"type": "DefinedTerm"
}
],
"author": [
{
"affiliation": {
"alternateName": "Department of Computer Science, ETH Z\u00fcrich, Z\u00fcrich, Switzerland",
"id": "http://www.grid.ac/institutes/grid.5801.c",
"name": [
"Department of Computer Science, ETH Z\u00fcrich, Z\u00fcrich, Switzerland"
],
"type": "Organization"
},
"familyName": "Badertscher",
"givenName": "Christian",
"id": "sg:person.010232721040.24",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010232721040.24"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "Department of Computer Science, ETH Z\u00fcrich, Z\u00fcrich, Switzerland",
"id": "http://www.grid.ac/institutes/grid.5801.c",
"name": [
"Department of Computer Science, ETH Z\u00fcrich, Z\u00fcrich, Switzerland"
],
"type": "Organization"
},
"familyName": "Maurer",
"givenName": "Ueli",
"id": "sg:person.01316567627.91",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01316567627.91"
],
"type": "Person"
}
],
"datePublished": "2018-03-07",
"datePublishedReg": "2018-03-07",
"description": "The security of data outsourcing mechanisms has become a crucial aspect of today\u2019s IT infrastructures and they are the cryptographic foundations of real-world applications. The very fundamental goals are ensuring storage integrity and auditability, confidentiality, and access pattern hiding, as well as combinations of all of them. Despite sharing a common setting, security analyses of these tasks are often performed in a stand-alone fashion expressed in different models, which makes it hard to assess the overall security of a protocol or application involving several security schemes at once. In this work, we fill this gap and propose a composable framework suitable to capture various aspects of outsourced storage security and its applications. We instantiate the basic client-server setting in this model, where the goal of the honest client is to retain security in the presence of a malicious server. Three specific contributions of this paper are: We present a novel definition for secure and robust outsourcing schemes and underline why this is needed in practice. Our definition is stronger than previous definitions for oblivious RAM or software protection in that it assures strong security guarantees against active attacks. Schemes meeting the definition not only assure that an attacker cannot learn the access pattern, but guarantee resilience to errors and the prevention of targeted attacks to specific locations. Unfortunately, several existing schemes cannot achieve this high level of security. For completeness, we provide a protocol based on Path ORAM that showcases that stronger security is actually achievable. We present a novel definition for auditable storage, capturing the guarantee that a successful audit implies that the current server state allows the client to retrieve his data. We develop an audit mechanism, based on secure and robust outsourcing schemes, that is similar to the construction by Cash et al. (Eurocrypt 2013), but is universally composable and fault-tolerant. We revisit the security claim of a widely-used challenge-response audit mechanism, in which the server has to compute a hash H(F||c) on the file F concatenated with a uniformly random challenge c chosen by the client. Being concerned with composable security, we prove that this audit mechanism is not secure, even in the random oracle model, without additional assumptions. The composable security of this basic audit scheme was implicitly assumed in Ristenpart et al. (Eurocrypt 2011). To complete the picture, we state the additional assumptions for this audit mechanism to be provably secure and discuss the implication on practical security.",
"editor": [
{
"familyName": "Smart",
"givenName": "Nigel P.",
"type": "Person"
}
],
"genre": "chapter",
"id": "sg:pub.10.1007/978-3-319-76953-0_19",
"inLanguage": "en",
"isAccessibleForFree": false,
"isPartOf": {
"isbn": [
"978-3-319-76952-3",
"978-3-319-76953-0"
],
"name": "Topics in Cryptology \u2013 CT-RSA 2018",
"type": "Book"
},
"keywords": [
"outsourcing scheme",
"access patterns",
"audit mechanism",
"composable security",
"client-server setting",
"strong security guarantees",
"random oracle model",
"real-world applications",
"Cash et al",
"outsourced storage",
"stand-alone fashion",
"malicious servers",
"honest client",
"software protection",
"strong security",
"outsourcing mechanism",
"Oblivious RAM",
"security analysis",
"cryptographic foundations",
"overall security",
"composable framework",
"security scheme",
"active attacks",
"security guarantees",
"Path ORAM",
"oracle model",
"novel definition",
"storage security",
"practical security",
"file F",
"security claims",
"security",
"server state",
"server",
"storage integrity",
"guarantees",
"scheme",
"clients",
"attacks",
"hash",
"attacker",
"auditability",
"crucial aspect",
"applications",
"confidentiality",
"fundamental goal",
"ORAM",
"Audit Scheme",
"protocol",
"common setting",
"task",
"previous definitions",
"specific locations",
"goal",
"different models",
"definition",
"storage",
"framework",
"showcase",
"model",
"rams",
"completeness",
"error",
"aspects",
"today",
"et al",
"work",
"successful audit",
"assumption",
"foundation",
"data",
"fashion",
"construction",
"location",
"setting",
"additional assumptions",
"resilience",
"integrity",
"specific contribution",
"patterns",
"mechanism",
"protection",
"state",
"gap",
"picture",
"contribution",
"combination",
"practice",
"audit",
"analysis",
"high levels",
"claims",
"al",
"levels",
"underlines",
"implications",
"prevention",
"presence",
"paper"
],
"name": "Composable and Robust Outsourced Storage",
"pagination": "354-373",
"productId": [
{
"name": "dimensions_id",
"type": "PropertyValue",
"value": [
"pub.1101436379"
]
},
{
"name": "doi",
"type": "PropertyValue",
"value": [
"10.1007/978-3-319-76953-0_19"
]
}
],
"publisher": {
"name": "Springer Nature",
"type": "Organisation"
},
"sameAs": [
"https://doi.org/10.1007/978-3-319-76953-0_19",
"https://app.dimensions.ai/details/publication/pub.1101436379"
],
"sdDataset": "chapters",
"sdDatePublished": "2022-05-20T07:47",
"sdLicense": "https://scigraph.springernature.com/explorer/license/",
"sdPublisher": {
"name": "Springer Nature - SN SciGraph project",
"type": "Organization"
},
"sdSource": "s3://com-springernature-scigraph/baseset/20220519/entities/gbq_results/chapter/chapter_376.jsonl",
"type": "Chapter",
"url": "https://doi.org/10.1007/978-3-319-76953-0_19"
}
]
JSON-LD is a popular format for linked data which is fully compatible with JSON.
curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-76953-0_19'
N-Triples is a line-based linked data format ideal for batch operations.
curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-76953-0_19'
Turtle is a human-readable linked data format.
curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-76953-0_19'
RDF/XML is a standard XML format for linked data.
curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-76953-0_19'
This table displays all metadata directly associated to this object as RDF triples.
170 TRIPLES
23 PREDICATES
125 URIs
117 LITERALS
7 BLANK NODES
# | Subject | Predicate | Object |
---|---|---|---|
1 | sg:pub.10.1007/978-3-319-76953-0_19 | schema:about | anzsrc-for:08 |
2 | ″ | ″ | anzsrc-for:0803 |
3 | ″ | ″ | anzsrc-for:0804 |
4 | ″ | schema:author | Nef827b37e22e4a70962e3d7d60099a79 |
5 | ″ | schema:datePublished | 2018-03-07 |
6 | ″ | schema:datePublishedReg | 2018-03-07 |
7 | ″ | schema:description | The security of data outsourcing mechanisms has become a crucial aspect of today’s IT infrastructures and they are the cryptographic foundations of real-world applications. The very fundamental goals are ensuring storage integrity and auditability, confidentiality, and access pattern hiding, as well as combinations of all of them. Despite sharing a common setting, security analyses of these tasks are often performed in a stand-alone fashion expressed in different models, which makes it hard to assess the overall security of a protocol or application involving several security schemes at once. In this work, we fill this gap and propose a composable framework suitable to capture various aspects of outsourced storage security and its applications. We instantiate the basic client-server setting in this model, where the goal of the honest client is to retain security in the presence of a malicious server. Three specific contributions of this paper are: We present a novel definition for secure and robust outsourcing schemes and underline why this is needed in practice. Our definition is stronger than previous definitions for oblivious RAM or software protection in that it assures strong security guarantees against active attacks. Schemes meeting the definition not only assure that an attacker cannot learn the access pattern, but guarantee resilience to errors and the prevention of targeted attacks to specific locations. Unfortunately, several existing schemes cannot achieve this high level of security. For completeness, we provide a protocol based on Path ORAM that showcases that stronger security is actually achievable. We present a novel definition for auditable storage, capturing the guarantee that a successful audit implies that the current server state allows the client to retrieve his data. We develop an audit mechanism, based on secure and robust outsourcing schemes, that is similar to the construction by Cash et al. (Eurocrypt 2013), but is universally composable and fault-tolerant. We revisit the security claim of a widely-used challenge-response audit mechanism, in which the server has to compute a hash H(F||c) on the file F concatenated with a uniformly random challenge c chosen by the client. Being concerned with composable security, we prove that this audit mechanism is not secure, even in the random oracle model, without additional assumptions. The composable security of this basic audit scheme was implicitly assumed in Ristenpart et al. (Eurocrypt 2011). To complete the picture, we state the additional assumptions for this audit mechanism to be provably secure and discuss the implication on practical security. |
8 | ″ | schema:editor | Na331b2e09fd34622a8d9680199e870cc |
9 | ″ | schema:genre | chapter |
10 | ″ | schema:inLanguage | en |
11 | ″ | schema:isAccessibleForFree | false |
12 | ″ | schema:isPartOf | N4aab594644744897baec52a9da9f1d6b |
13 | ″ | schema:keywords | Audit Scheme |
14 | ″ | ″ | Cash et al |
15 | ″ | ″ | ORAM |
16 | ″ | ″ | Oblivious RAM |
17 | ″ | ″ | Path ORAM |
18 | ″ | ″ | access patterns |
19 | ″ | ″ | active attacks |
20 | ″ | ″ | additional assumptions |
21 | ″ | ″ | al |
22 | ″ | ″ | analysis |
23 | ″ | ″ | applications |
24 | ″ | ″ | aspects |
25 | ″ | ″ | assumption |
26 | ″ | ″ | attacker |
27 | ″ | ″ | attacks |
28 | ″ | ″ | audit |
29 | ″ | ″ | audit mechanism |
30 | ″ | ″ | auditability |
31 | ″ | ″ | claims |
32 | ″ | ″ | client-server setting |
33 | ″ | ″ | clients |
34 | ″ | ″ | combination |
35 | ″ | ″ | common setting |
36 | ″ | ″ | completeness |
37 | ″ | ″ | composable framework |
38 | ″ | ″ | composable security |
39 | ″ | ″ | confidentiality |
40 | ″ | ″ | construction |
41 | ″ | ″ | contribution |
42 | ″ | ″ | crucial aspect |
43 | ″ | ″ | cryptographic foundations |
44 | ″ | ″ | data |
45 | ″ | ″ | definition |
46 | ″ | ″ | different models |
47 | ″ | ″ | error |
48 | ″ | ″ | et al |
49 | ″ | ″ | fashion |
50 | ″ | ″ | file F |
51 | ″ | ″ | foundation |
52 | ″ | ″ | framework |
53 | ″ | ″ | fundamental goal |
54 | ″ | ″ | gap |
55 | ″ | ″ | goal |
56 | ″ | ″ | guarantees |
57 | ″ | ″ | hash |
58 | ″ | ″ | high levels |
59 | ″ | ″ | honest client |
60 | ″ | ″ | implications |
61 | ″ | ″ | integrity |
62 | ″ | ″ | levels |
63 | ″ | ″ | location |
64 | ″ | ″ | malicious servers |
65 | ″ | ″ | mechanism |
66 | ″ | ″ | model |
67 | ″ | ″ | novel definition |
68 | ″ | ″ | oracle model |
69 | ″ | ″ | outsourced storage |
70 | ″ | ″ | outsourcing mechanism |
71 | ″ | ″ | outsourcing scheme |
72 | ″ | ″ | overall security |
73 | ″ | ″ | paper |
74 | ″ | ″ | patterns |
75 | ″ | ″ | picture |
76 | ″ | ″ | practical security |
77 | ″ | ″ | practice |
78 | ″ | ″ | presence |
79 | ″ | ″ | prevention |
80 | ″ | ″ | previous definitions |
81 | ″ | ″ | protection |
82 | ″ | ″ | protocol |
83 | ″ | ″ | rams |
84 | ″ | ″ | random oracle model |
85 | ″ | ″ | real-world applications |
86 | ″ | ″ | resilience |
87 | ″ | ″ | scheme |
88 | ″ | ″ | security |
89 | ″ | ″ | security analysis |
90 | ″ | ″ | security claims |
91 | ″ | ″ | security guarantees |
92 | ″ | ″ | security scheme |
93 | ″ | ″ | server |
94 | ″ | ″ | server state |
95 | ″ | ″ | setting |
96 | ″ | ″ | showcase |
97 | ″ | ″ | software protection |
98 | ″ | ″ | specific contribution |
99 | ″ | ″ | specific locations |
100 | ″ | ″ | stand-alone fashion |
101 | ″ | ″ | state |
102 | ″ | ″ | storage |
103 | ″ | ″ | storage integrity |
104 | ″ | ″ | storage security |
105 | ″ | ″ | strong security |
106 | ″ | ″ | strong security guarantees |
107 | ″ | ″ | successful audit |
108 | ″ | ″ | task |
109 | ″ | ″ | today |
110 | ″ | ″ | underlines |
111 | ″ | ″ | work |
112 | ″ | schema:name | Composable and Robust Outsourced Storage |
113 | ″ | schema:pagination | 354-373 |
114 | ″ | schema:productId | Nbf40712bba79430f81614ff0606807e7 |
115 | ″ | ″ | Nc6e56029f734458c8dab60fa56d2dbfa |
116 | ″ | schema:publisher | Na2e98243d8c74b44a1888bd72d34abd7 |
117 | ″ | schema:sameAs | https://app.dimensions.ai/details/publication/pub.1101436379 |
118 | ″ | ″ | https://doi.org/10.1007/978-3-319-76953-0_19 |
119 | ″ | schema:sdDatePublished | 2022-05-20T07:47 |
120 | ″ | schema:sdLicense | https://scigraph.springernature.com/explorer/license/ |
121 | ″ | schema:sdPublisher | N04ec8dc0da724db6abbb8424087b2454 |
122 | ″ | schema:url | https://doi.org/10.1007/978-3-319-76953-0_19 |
123 | ″ | sgo:license | sg:explorer/license/ |
124 | ″ | sgo:sdDataset | chapters |
125 | ″ | rdf:type | schema:Chapter |
126 | N04ec8dc0da724db6abbb8424087b2454 | schema:name | Springer Nature - SN SciGraph project |
127 | ″ | rdf:type | schema:Organization |
128 | N4a334d4465844e00865aa29ab4ff37b2 | schema:familyName | Smart |
129 | ″ | schema:givenName | Nigel P. |
130 | ″ | rdf:type | schema:Person |
131 | N4aab594644744897baec52a9da9f1d6b | schema:isbn | 978-3-319-76952-3 |
132 | ″ | ″ | 978-3-319-76953-0 |
133 | ″ | schema:name | Topics in Cryptology – CT-RSA 2018 |
134 | ″ | rdf:type | schema:Book |
135 | Na2e98243d8c74b44a1888bd72d34abd7 | schema:name | Springer Nature |
136 | ″ | rdf:type | schema:Organisation |
137 | Na331b2e09fd34622a8d9680199e870cc | rdf:first | N4a334d4465844e00865aa29ab4ff37b2 |
138 | ″ | rdf:rest | rdf:nil |
139 | Nbf40712bba79430f81614ff0606807e7 | schema:name | doi |
140 | ″ | schema:value | 10.1007/978-3-319-76953-0_19 |
141 | ″ | rdf:type | schema:PropertyValue |
142 | Nc6e56029f734458c8dab60fa56d2dbfa | schema:name | dimensions_id |
143 | ″ | schema:value | pub.1101436379 |
144 | ″ | rdf:type | schema:PropertyValue |
145 | Nccd4c3ffb68a48bf87937cb389cd33c6 | rdf:first | sg:person.01316567627.91 |
146 | ″ | rdf:rest | rdf:nil |
147 | Nef827b37e22e4a70962e3d7d60099a79 | rdf:first | sg:person.010232721040.24 |
148 | ″ | rdf:rest | Nccd4c3ffb68a48bf87937cb389cd33c6 |
149 | anzsrc-for:08 | schema:inDefinedTermSet | anzsrc-for: |
150 | ″ | schema:name | Information and Computing Sciences |
151 | ″ | rdf:type | schema:DefinedTerm |
152 | anzsrc-for:0803 | schema:inDefinedTermSet | anzsrc-for: |
153 | ″ | schema:name | Computer Software |
154 | ″ | rdf:type | schema:DefinedTerm |
155 | anzsrc-for:0804 | schema:inDefinedTermSet | anzsrc-for: |
156 | ″ | schema:name | Data Format |
157 | ″ | rdf:type | schema:DefinedTerm |
158 | sg:person.010232721040.24 | schema:affiliation | grid-institutes:grid.5801.c |
159 | ″ | schema:familyName | Badertscher |
160 | ″ | schema:givenName | Christian |
161 | ″ | schema:sameAs | https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010232721040.24 |
162 | ″ | rdf:type | schema:Person |
163 | sg:person.01316567627.91 | schema:affiliation | grid-institutes:grid.5801.c |
164 | ″ | schema:familyName | Maurer |
165 | ″ | schema:givenName | Ueli |
166 | ″ | schema:sameAs | https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01316567627.91 |
167 | ″ | rdf:type | schema:Person |
168 | grid-institutes:grid.5801.c | schema:alternateName | Department of Computer Science, ETH Zürich, Zürich, Switzerland |
169 | ″ | schema:name | Department of Computer Science, ETH Zürich, Zürich, Switzerland |
170 | ″ | rdf:type | schema:Organization |