Authenticated Range & Closest Point Queries in Zero-Knowledge

We present an efficient method for answering one-dimensional range and closest-point queries in a verifiable and privacy-preserving manner. We consider a model where a data owner outsources a dataset of key-value pairs to a server, who answers range and closest-point queries issued by a client and provides proofs of the answers. The client verifies the correctness of the answers while learning nothing about the dataset besides the answers to the current and previous queries. Our work yields for the first time a zero-knowledge privacy assurance to authenticated range and closest-point queries. Previous work leaked the size of the dataset and used an inefficient proof protocol. Our construction is based on hierarchical identity-based encryption. We prove its security and analyze its efficiency both theoretically and with experiments.
