Publicly verifiable databases with efficient insertion/deletion operations

The notion of verifiable database (VDB) enables a resource-constrained client to securely outsource a very large database to an untrusted server and the client could later retrieve a database record and update it efficiently. Meanwhile, any tampering with the database by the server will be detected by the client. We argue that all existing VDB schemes can only support the updating operation called replacement. That is, the client can efficiently update a data record by assigning a new value. However, the proposed solutions are not applicable for other updating operations such as insertion and deletion. In this paper, we first propose a new VDB scheme that supports all updating operations of replacement, deletion, and insertion by incorporating the techniques of commitment binding and hierarchical commitment. Security evaluation shows that the proposed construction can achieve the desired security properties in the standard computational DiffieHellman assumption. We introduce the concept of hierarchical vector commitment.A concrete VDB scheme that supports all updating operations is proposed.Our scheme can simultaneously support all updating operations and resist FAU attack.

[1]  Jianfeng Ma,et al.  New Publicly Verifiable Databases Supporting Insertion Operation , 2015, 2015 18th International Conference on Network-Based Information Systems.

[2]  Marek R. Ogiela,et al.  Shadow Generation Protocol in Linguistic Threshold Schemes , 2009, FGIT-SecTech.

[3]  Kyriakos Mouratidis,et al.  Scalable Verification for Outsourced Dynamic Databases , 2009, Proc. VLDB Endow..

[4]  Jianfeng Ma,et al.  Verifiable Computation over Large Database with Incremental Updates , 2014, IEEE Transactions on Computers.

[5]  Gene Tsudik,et al.  Authentication and integrity in outsourced databases , 2006, TOS.

[6]  Shucheng Yu,et al.  Flexible and publicly verifiable aggregation query for outsourced databases in cloud , 2013, 2013 IEEE Conference on Communications and Network Security (CNS).

[7]  Kian-Lee Tan,et al.  Verifying completeness of relational query results in data publishing , 2005, SIGMOD '05.

[8]  Mikhail J. Atallah,et al.  Secure and Efficient Outsourcing of Sequence Comparisons , 2012, ESORICS.

[9]  David Naccache,et al.  Secure Delegation of Elliptic-Curve Pairing , 2010, IACR Cryptol. ePrint Arch..

[10]  Robert H. Deng,et al.  Authenticating Query Results in Data Publishing , 2005, ICICS.

[11]  Yevgeniy Vahlis,et al.  Verifiable Delegation of Computation over Large Datasets , 2011, IACR Cryptol. ePrint Arch..

[12]  Ilsun You,et al.  Verifiable Auditing for Outsourced Database in Cloud Computing , 2015, IEEE Transactions on Computers.

[13]  M.R. Ogiela,et al.  Linguistic Extension for Secret Sharing (m, n)-Threshold Schemes , 2008, 2008 International Conference on Security Technology.

[14]  Jin Li,et al.  Efficient Fair Conditional Payments for Outsourcing Computations , 2012, IEEE Transactions on Information Forensics and Security.

[15]  Jianfeng Ma,et al.  New Algorithms for Secure Outsourcing of Modular Exponentiations , 2014, IEEE Trans. Parallel Distributed Syst..

[16]  Jianfeng Ma,et al.  New Publicly Verifiable Databases with Efficient Updates , 2015, IEEE Transactions on Dependable and Secure Computing.

[17]  Dario Fiore,et al.  Vector Commitments and Their Applications , 2013, Public Key Cryptography.

[18]  Michael Gertz,et al.  Authentic Third-party Data Publication , 2000, DBSec.

[19]  Anna Lysyanskaya,et al.  How to Securely Outsource Cryptographic Computations , 2005, TCC.

[20]  Tao Jiang,et al.  Towards secure and reliable cloud storage against data re-outsourcing , 2015, Future Gener. Comput. Syst..

[21]  Bogdan Carbunar,et al.  Fair Payments for Outsourced Computations , 2010, 2010 7th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks (SECON).

[22]  Feifei Li,et al.  Dynamic authenticated index structures for outsourced databases , 2006, SIGMOD Conference.

[23]  Jonathan Katz,et al.  IntegriDB: Verifiable SQL for Outsourced Databases , 2015, CCS.

[24]  Michael Gertz,et al.  Authentic Data Publication Over the Internet , 2003, J. Comput. Secur..

[25]  Duncan S. Wong,et al.  Secure Outsourced Attribute-Based Signatures , 2014, IEEE Transactions on Parallel and Distributed Systems.

[26]  Eugene H. Spafford,et al.  Secure outsourcing of scientific computations , 2001, Adv. Comput..