Efficient Leakage-free Authentication of Trees, Graphs and Forests

Leakage-free authentication of trees and graphs has been studied in the literature. Such schemes have several practical applications, especially in cloud computing. In this paper, we propose an authentication scheme that computes only one signature, which is optimal. Our scheme is not only highly efficient in the number of signatures it computes and in its runtime, but also highly versatile: it can be applied not only to trees, but also to graphs and forests (disconnected trees and graphs). Along with this efficiency and versatility, our scheme achieves the desired security: leakage-free authentication of data objects represented as trees, graphs and forests. This is achieved through another novel scheme proposed in this paper, a secure naming scheme for the nodes of such data structures. It assigns "secure names" to nodes such that these names can be used to verify the order between nodes efficiently without leaking information about other nodes. As far as we know, our scheme is the first in the literature that is optimal in its efficiency, addresses two important security concerns, authenticity and leakage-freeness (privacy preservation/confidentiality), and is versatile in its applicability to trees, graphs and forests. We have carried out complexity analysis as well as experimental analysis of this scheme, which corroborate its performance.
