Verifying the Consistency of Remote Untrusted Services with Commutative Operations

A group of mutually trusting clients outsources a computation service to a remote server, which they do not fully trust and that may be subject to attacks. The clients do not communicate with each other and would like to verify the correctness of the remote computation and the consistency of the server’s responses. This paper first presents the Commutative-Operation verification Protocol (COP) that ensures linearizability when the server is correct and preserves fork-linearizability in any other case. All clients that observe each other’s operations are consistent, in the sense that their own operations and those operations of other clients that they see are linearizable. Second, this work extends COP through authenticated data structures to Authenticated COP , which allows consistency verification of outsourced services whose state is kept only remotely, by the server. This yields the first fork-linearizable consistency verification protocol for generic outsourced services that (1) relieves clients from storing the state, (2) supports wait-free client operations, and (3) handles sequences of arbitrary commutative operations.

[1]  Idit Keidar,et al.  Venus: verification for untrusted cloud storage , 2010, CCSW '10.

[2]  Peter Williams,et al.  The Blind Stone Tablet: Outsourcing Durability to Untrusted Parties , 2009, NDSS.

[3]  Srinath T. V. Setty,et al.  Depot: Cloud Storage with Minimal Trust , 2010, TOCS.

[4]  Ariel J. Feldman,et al.  SPORC: Group Collaboration using Untrusted Cloud Resources , 2010, OSDI.

[5]  Roberto Tamassia,et al.  Optimal Verification of Operations on Dynamic Sets , 2011, CRYPTO.

[6]  Maurice Herlihy,et al.  Linearizability: a correctness condition for concurrent objects , 1990, TOPL.

[7]  Roberto Tamassia,et al.  Authenticated Data Structures , 2003, ESA.

[8]  Omer Paneth,et al.  Verifiable Set Operations over Outsourced Databases , 2014, IACR Cryptol. ePrint Arch..

[9]  David Mazières,et al.  Beyond One-Third Faulty Replicas in Byzantine Fault Tolerant Systems , 2007, NSDI.

[10]  Benjamin Braun,et al.  Verifying computations with state , 2013, IACR Cryptol. ePrint Arch..

[11]  H SchollMarc,et al.  Transactional information systems , 2001 .

[12]  Dan Dobre,et al.  Abortable Fork-Linearizable Storage , 2009, OPODIS.

[13]  Maurice Herlihy,et al.  Obstruction-free synchronization: double-ended queues as an example , 2003, 23rd International Conference on Distributed Computing Systems, 2003. Proceedings..

[14]  Maurice Herlihy,et al.  Wait-free synchronization , 1991, TOPL.

[15]  Michael Gertz,et al.  A General Model for Authenticated Data Structures , 2004, Algorithmica.

[16]  Christian Cachin,et al.  Integrity and Consistency for Untrusted Services - (Extended Abstract) , 2011, SOFSEM.

[17]  Elaine Shi,et al.  TRUESET: Faster Verifiable Set Computations , 2014, USENIX Security Symposium.

[18]  Idit Keidar,et al.  Fail-Aware Untrusted Storage , 2009, 2009 IEEE/IFIP International Conference on Dependable Systems & Networks.

[19]  Abhi Shelat,et al.  Efficient fork-linearizable access to untrusted shared memory , 2007, PODC '07.

[20]  Benjamin Braun,et al.  Taking Proof-Based Verified Computation a Few Steps Closer to Practicality , 2012, USENIX Security Symposium.

[21]  William E. Weihl,et al.  Commutativity-based concurrency control for abstract data types , 1988, [1988] Proceedings of the Twenty-First Annual Hawaii International Conference on System Sciences. Volume II: Software track.

[22]  Marcos K. Aguilera,et al.  Abortable and query-abortable objects and their efficient implementation , 2007, PODC '07.

[23]  Craig Gentry,et al.  Quadratic Span Programs and Succinct NIZKs without PCPs , 2013, IACR Cryptol. ePrint Arch..

[24]  Moni Naor,et al.  Certificate revocation and certificate update , 1998, IEEE Journal on Selected Areas in Communications.

[25]  Elaine Shi,et al.  TRUESET: Nearly Practical Verifiable Set Computations , 2014, IACR Cryptol. ePrint Arch..

[26]  Idit Keidar,et al.  Fork sequential consistency is blocking , 2009, Inf. Process. Lett..

[27]  Austin T. Clements,et al.  The scalable commutativity rule: designing scalable software for multicore processors , 2013, SOSP.

[28]  Graham Cormode,et al.  Practical verified computation with streaming interactive proofs , 2011, ITCS '12.

[29]  Rachid Guerraoui,et al.  Introduction to Reliable and Secure Distributed Programming , 2011 .

[30]  Michael K. Reiter,et al.  Zzyzx: Scalable fault tolerance through Byzantine locking , 2010, 2010 IEEE/IFIP International Conference on Dependable Systems & Networks (DSN).

[31]  P. Gács,et al.  Algorithms , 1992 .

[32]  Dan S. Wallach,et al.  Authenticated Dictionaries: Real-World Costs and Trade-Offs , 2011, TSEC.

[33]  Seif Haridi,et al.  Distributed Algorithms , 1992, Lecture Notes in Computer Science.

[34]  Dennis Shasha,et al.  Secure Untrusted Data Repository (SUNDR) , 2004, OSDI.

[35]  Dennis Shasha,et al.  Building secure file systems out of byzantine storage , 2002, PODC '02.