A General Model for Authenticated Data Structures

Abstract Query answers from on-line databases can easily be corrupted by hackers or malicious database publishers. Thus it is important to provide mechanisms which allow clients to trust the results from on-line queries. Authentic publication allows untrusted publishers to answer securely queries from clients on behalf of trusted off-line data owners. Publishers validate answers using hard-to-forge verification objects VOs), which clients can check efficiently. This approach provides greater scalability, by making it easy to add more publishers, and better security, since on-line publishers do not need to be trusted. To make authentic publication attractive, it is important for the VOs to be small, efficient to compute, and efficient to verify. This has lead researchers to develop independently several different schemes for efficient VO computation based on specific data structures. Our goal is to develop a unifying framework for these disparate results, leading to a generalized security result. In this paper we characterize a broad class of data structures which we call Search DAGs, and we develop a generalized algorithm for the construction of VOs for Search DAGs. We prove that the VOs thus constructed are secure, and that they are efficient to compute and verify. We demonstrate how this approach easily captures existing work on simple structures such as binary trees, multi-dimensional range trees, tries, and skip lists. Once these are shown to be Search DAGs, the requisite security and efficiency results immediately follow from our general theorems. Going further, we also use Search DAGs to produce and prove the security of authenticated versions of two complex data models for efficient multi-dimensional range searches. This allows efficient VOs to be computed (size O(log N + T)) for typical one- and two-dimensional range queries, where the query answer is of size T and the database is of size N. We also show I/O-efficient schemes to construct the VOs. For a system with disk blocks of size B, we answer one-dimensional and three-sided range queries and compute the VOs with O(logB N + T/B) I/O operations using linear size data structures.

[1]  Dan E. Willard,et al.  New Data Structures for Orthogonal Range Queries , 1985, SIAM J. Comput..

[2]  Michael Gertz,et al.  Flexible authentication of XML documents , 2001, CCS '01.

[3]  Jeffrey Scott Vitter,et al.  On two-dimensional indexability and optimal range search indexing , 1999, PODS '99.

[4]  William Pugh,et al.  Skip Lists: A Probabilistic Alternative to Balanced Trees , 1989, WADS.

[5]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[6]  Premkumar T. Devanbu,et al.  Stack and queue integrity on hostile platforms , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[7]  Konstantin V. Shvachko,et al.  Different Modifications of Pointer Machines and Their Computational Power , 1991, MFCS.

[8]  Mary Baker,et al.  Secure History Preservation Through Timeline Entanglement , 2002, USENIX Security Symposium.

[9]  David Thomas,et al.  The Art in Computer Programming , 2001 .

[10]  Arnold Schönhage,et al.  Storage Modification Machines , 1979, SIAM J. Comput..

[11]  M. V. Kreveld Computational Geometry , 2000, Springer Berlin Heidelberg.

[12]  V. A. Uspenski,et al.  On the Definition of an Algorithm , 1963 .

[13]  Dan Gusfield,et al.  Algorithms on Strings, Trees, and Sequences - Computer Science and Computational Biology , 1997 .

[14]  Michael T. Goodrich,et al.  Persistent Authenticated Dictionaries and Their Applications , 2001, ISC.

[15]  Michael T. Goodrich,et al.  Education forum: Web Enhanced Textbooks , 1998, SIGA.

[16]  Ralph C. Merkle,et al.  Protocols for Public Key Cryptosystems , 1980, 1980 IEEE Symposium on Security and Privacy.

[17]  Leonidas J. Guibas,et al.  Fractional cascading: I. A data structuring technique , 1986, Algorithmica.

[18]  Sridhar Ramaswamy,et al.  Indexing for Data Models with Constraints and Classes , 1996, J. Comput. Syst. Sci..

[19]  Amir M. Ben-Amram,et al.  What is a “pointer machine”? , 1995, SIGA.

[20]  Michael T. Goodrich,et al.  Implementation of an authenticated dictionary with skip lists and commutative hashing , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.

[21]  Stuart Haber,et al.  How to time-stamp a digital document , 1990, Journal of Cryptology.

[22]  Dan Gusfield,et al.  Algorithms on strings , 1997 .

[23]  Michael T. Goodrich,et al.  Authenticated Data Structures for Graph and Geometric Searching , 2003, CT-RSA.

[24]  Donald E. Knuth,et al.  The art of computer programming: V.1.: Fundamental algorithms , 1997 .

[25]  Donald E. Knuth The art of computer programming: fundamental algorithms , 1969 .

[26]  Peeter Laud,et al.  Eliminating Counterevidence with Applications to Accountable Certificate Management , 2002, J. Comput. Secur..

[27]  Moni Naor,et al.  Certificate revocation and certificate update , 1998, IEEE Journal on Selected Areas in Communications.

[28]  Michael Gertz,et al.  Authentic Third-party Data Publication , 2000, DBSec.