nach oben

International Journal of Information Security

Erschienen in:

02.05.2017 | Regular Contribution

Outsourced pattern matching

verfasst von: Sebastian Faust, Carmit Hazay, Daniele Venturi

Erschienen in: International Journal of Information Security | Ausgabe 3/2018

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

In secure delegatable computation, computationally weak devices (or clients) wish to outsource their computation and data to an untrusted server in the cloud. While most earlier work considers the general question of how to securely outsource any computation to the cloud server, we focus on concrete and important functionalities and give the first protocol for the pattern matching problem in the cloud. Loosely speaking, this problem considers a text T that is outsourced to the cloud \({\textsc {S}}\) by a sender \({\textsc {SEN}}\). In a query phase, receivers \({\textsc {REC}}_1, \ldots , {\textsc {REC}}_l\) run an efficient protocol with the server \({\textsc {S}}\) and the sender \({\textsc {SEN}}\) in order to learn the positions at which a pattern of length m matches the text (and nothing beyond that). This is called the outsourced pattern matching problem which is highly motivated in the context of delegatable computing since it offers storage alternatives for massive databases that contain confidential data (e.g., health-related data about patient history). Our constructions are simulation-based secure in the presence of semi-honest and malicious adversaries (in the random oracle model) and limit the communication in the query phase to O(m) bits plus the number of occurrences—which is optimal. In contrast to generic solutions for delegatable computation, our schemes do not rely on fully homomorphic encryption but instead use novel ideas for solving pattern matching, based on a reduction to the subset sum problem. Interestingly, we do not rely on the hardness of the problem, but rather we exploit instances that are solvable in polynomial time. A follow-up result demonstrates that the random oracle is essential in order to meet our communication bound.

Vorheriger Artikel Distributed star coloring of network for IP traceback

Nächster Artikel Verifiably encrypted cascade-instantiable blank signatures to secure progressive decision management

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Namely, a two-rounds solution based on FHE would need a circuit that tolerates the worst case output size, which in pattern matching implies a maximal number of matches that is proportional to the length of the text (or the database).

This definition is more applicable for search engines where the first few results are typically more relevant, whereas the former variant is more applicable for a DNA search where it is important to find all matched positions. For simplicity we only consider the first variant, and our solutions support both variants.

We remark that this definition considers a function that is not pseudorandom in the classic sense of it being indistinguishable from a random function whose range is composed of all strings of a given length. Rather, it is indistinguishable from a random function whose range is the group generated by g as defined below.

As specified in the introduction, we can define a search functionality that only returns the first few and most relevant matches. Our discussion and formalization below can be easily adapted for this functionality as well.

Taking a look ahead, this solution can only support short texts as otherwise either the collision probability (cf. Lemma 1) is large and we cannot achieve correctness, or the subset sum problem cannot be solved efficiently as the instance is not low density.

In the basic form of the protocol, it does not make any difference whether we commit to \(R_p\) or to \(R_p'\). However, in the extension based on packaging committing to \(R_p'\) yields a better communication complexity in the setup phase.

Applebaum, B., Ishai, Y., Kushilevitz, E.: From secrecy to soundness: Efficient verification via secure computation. In: ICALP, pp. 152–163 (2010)

Asharov, G., Jain, A., López-Alt, A., Tromer, E., Vaikuntanathan, V., Wichs, D.: Multiparty computation with low communication, computation and interaction via threshold FHE. In: EUROCRYPT, pp. 483–501 (2012)

Au, M.H., Tsang, P.P., Susilo, W., Mu, Y.: Dynamic universal accumulators for DDH groups and their application to attribute-based anonymous credential systems. In: CT-RSA, pp. 295–308 (2009)

Benabbas, S., Gennaro, R., Vahlis, Y.: Verifiable delegation of computation over large datasets. In: CRYPTO, pp. 111–131 (2011)

Boyer, R.S., Moore, J.S.: A fast string searching algorithm. Commun. ACM 20(10), 762–772 (1977)CrossRefMATH

Buldas, A., Laud, P., Lipmaa, H.: Accountable certificate management using undeniable attestations. In: CCS, pp. 9–17 (2000)

Buldas, A., Laud, P., Lipmaa, H.: Eliminating counterevidence with applications to accountable certificate management. J. Comput. Secur. 10(3), 273–296 (2002)CrossRef

Camacho, P., Hevia, A., Kiwi, M.A., Opazo, R.: Strong accumulators from collision-resistant hashing. Int. J. Inf. Secur. 11(5), 349–363 (2012)CrossRef

Canetti, R.: Security and composition of multi-party cryptographic protocols. J. Cryptol. 13, 143–202 (2000)MathSciNetCrossRefMATH

10.

Catalano, D., Fiore, D.: Vector commitments and their applications. In: PKC, pp. 55–72 (2013)

11.

Chaimovich, M., Freiman, G., Galil, Z.: Solving dense subset-sum problems by using analytical number theory. J. Complex. 5(3), 271–282 (1989)MathSciNetCrossRefMATH

12.

Chase, M., Shen, E.: Substring-searchable symmetric encryption. PoPETs 2015(2), 263–281 (2015)

13.

Chen, Y., Nguyen, P.Q.: Bkz 2.0: Better lattice security estimates. In: ASIACRYPT, pp. 1–20 (2011)

14.

Choi, S.G., Katz, J., Kumaresan, R., Cid, C.: Multi-client non-interactive verifiable computation. In: TCC, pp. 499–518 (2013)

15.

Chung, K.M., Kalai, Y.T., Vadhan, S.P.: Improved delegation of computation using fully homomorphic encryption. In: CRYPTO, pp. 483–501 (2010)

16.

Coster, M.J., Joux, A., LaMacchia, B.A., Odlyzko, A.M., Schnorr, C.P., Stern, J.: Improved low-density subset sum algorithms. Comput. Complex. 2, 111–128 (1992)MathSciNetCrossRefMATH

17.

Curtmola, R., Garay, J.A., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. J. Comput. Secur. 19(5), 895–934 (2011)CrossRef

18.

Damgård, I., Triandopoulos, N.: Supporting non-membership proofs with bilinear-map accumulators. IACR Cryptol. ePrint Archive 2008, 538 (2008). URL http://eprint.iacr.org/2008/538

19.

Derler, D., Hanser, C., Slamanig, D.: Revisiting cryptographic accumulators, additional properties and relations to other primitives. In: CT-RSA, pp. 127–144 (2015)

20.

Faust, S., Hazay, C., Venturi, D.: Outsourced pattern matching. In: ICALP, pp. 545–556 (2013)

21.

Fiore, D., Gennaro, R., Pastro, V.: Efficiently verifiable computation on encrypted data. In: CCS, pp. 844–855 (2014)

22.

Flaxman, A., Przydatek, B.: Solving medium-density subset sum problems in expected polynomial time. In: STACS, pp. 305–314 (2005)

23.

Freedman, M.J., Ishai, Y., Pinkas, B., Reingold, O.: Keyword search and oblivious pseudorandom functions. In: TCC, pp. 303–324 (2005)

24.

Frieze, A.M.: On the Lagarias–Odlyzko algorithm for the subset sum problem. SIAM J. Comput. 15(2), 536–539 (1986)MathSciNetCrossRefMATH

25.

Galil, Z., Margalit, O.: An almost linear-time algorithm for the dense subset-sum problem. In: ICALP, pp. 719–727 (1991)

26.

Gama, N., Nguyen, P.Q.: Predicting lattice reduction. In: EUROCRYPT, pp. 31–51 (2008)

27.

Gennaro, R., Gentry, C., Parno, B.: Non-interactive verifiable computing: Outsourcing computation to untrusted workers. In: CRYPTO, pp. 465–482 (2010)

28.

Gennaro, R., Hazay, C., Sorensen, J.S.: Text search protocols with simulation based security. In: PKC, pp. 332–350 (2010)

29.

Gentry, C.: Fully homomorphic encryption using ideal lattices. In: STOC, pp. 169–178 (2009)

30.

Gordon, S.D., Katz, J., Liu, F., Shi, E., Zhou, H.: Multi-client verifiable computation with stronger security guarantees. In: TCC, pp. 144–168 (2015)

31.

Hazay, C., Lindell, Y.: Efficient protocols for set intersection and pattern matching with security against malicious and covert adversaries. J. Cryptol. 23(3), 422–456 (2010)MathSciNetCrossRefMATH

32.

Hazay, C., Toft, T.: Computationally secure pattern matching in the presence of malicious adversaries. In: ASIACRYPT, pp. 195–212 (2010)

33.

Hazay, C., Zarosim, H.: The feasibility of outsourced database search in the plain model. In: SCN, pp. 313–332 (2016)

34.

Impagliazzo, R., Naor, M.: Efficient cryptographic schemes provably as secure as subset sum. J. Cryptol. 9(4), 199–216 (1996)MathSciNetCrossRefMATH

35.

Jarecki, S., Jutla, C.S., Krawczyk, H., Rosu, M.C., Steiner, M.: Outsourced symmetric private information retrieval. In: CCS, pp. 875–888 (2013)

36.

Kamara, S., Mohassel, P., Raykova, M.: Outsourcing multi-party computation. IACR Cryptol. ePrint Archive 2011, 272 (2011). URL http://eprint.iacr.org/2011/272

37.

Kamara, S., Mohassel, P., Riva, B.: Salus: a system for server-aided secure function evaluation. In: CCS, pp. 797–808 (2012)

38.

Kamara, S., Papamanthou, C.: Parallel and dynamic searchable symmetric encryption. In: Financial Cryptography, pp. 258–274 (2013)

39.

Kamara, S., Papamanthou, C., Roeder, T.: Dynamic searchable symmetric encryption. In: CCS, pp. 965–976 (2012)

40.

Katz, J., Malka, L.: Secure text processing with applications to private DNA matching. In: CCS, pp. 485–492 (2010)

41.

Knuth, D.E., Morris, J.H.J., Pratt, V.R.: Fast pattern matching in strings. SIAM J. Comput. 6(2), 323–350 (1977)MathSciNetCrossRefMATH

42.

Lagarias, J.C., Odlyzko, A.M.: Solving low-density subset sum problems. J. ACM 32(1), 229–246 (1985)MathSciNetCrossRefMATH

43.

Li, D., Dong, X., Cao, Z.: Secure and privacy-preserving pattern matching in outsourced computing. Secur. Commun. Netw. 9(16), 3444–3451 (2016)CrossRef

44.

Li, J., Li, N., Xue, R.: Universal accumulators with efficient nonmembership proofs. In: ACNS, pp. 253–269 (2007)

45.

López-Alt, A., Tromer, E., Vaikuntanathan, V.: On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption. In: STOC, pp. 1219–1234 (2012)

46.

Lyubashevsky, V.: The parity problem in the presence of noise, decoding random linear codes, and the subset sum problem. In: APPROX-RANDOM, pp. 378–389 (2005)

47.

Lyubashevsky, V., Palacio, A., Segev, G.: Public-key cryptographic primitives provably as secure as subset sum. In: TCC, pp. 382–400 (2010)

48.

Merkle, R.C.: A certified digital signature. In: CRYPTO, pp. 218–238 (1989)

49.

Mohassel, P.: Efficient and secure delegation of linear algebra. IACR Cryptol. ePrint Archive 2011, 605 (2011). URL http://eprint.iacr.org/2011/605

50.

Naor, M., Reingold, O.: Number-theoretic constructions of efficient pseudo-random functions. In: FOCS, pp. 458–467 (1997)

51.

Nguyen, P.Q., Stehlé, D.: LLL on the average. In: ANTS, pp. 238–256 (2006)

52.

Papamanthou, C., Tamassia, R., Triandopoulos, N.: Optimal verification of operations on dynamic sets. In: CRYPTO, pp. 91–110 (2011)

53.

Peikert, C., Vaikuntanathan, V., Waters, B.: A framework for efficient and composable oblivious transfer. In: CRYPTO, pp. 554–571 (2008)

54.

Shallue, A.: An improved multi-set algorithm for the dense subset sum problem. In: ANTS, pp. 416–429 (2008)

55.

Troncoso-Pastoriza, J.R., Katzenbeisser, S., Celik, M.U.: Privacy preserving error resilient DNA searching through oblivious automata. In: CCS, pp. 519–528 (2007)

56.

Zhou, J., Cao, Z., Dong, X.: PPOPM: more efficient privacy preserving outsourced pattern matching. In: ESORICS, pp. 135–153 (2016)

Titel: Outsourced pattern matching
verfasst von: Sebastian Faust
Carmit Hazay
Daniele Venturi
Publikationsdatum: 02.05.2017
Verlag: Springer Berlin Heidelberg
Erschienen in: International Journal of Information Security / Ausgabe 3/2018
Print ISSN: 1615-5262
Elektronische ISSN: 1615-5270
DOI: https://doi.org/10.1007/s10207-017-0374-0

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 3/2018

Verifiably encrypted cascade-instantiable blank signatures to secure progressive decision management

Distributed star coloring of network for IP traceback

Dynamic group size accreditation and group discounts preserving anonymity

Anonymous subject identification and privacy information management in video surveillance

Stealing PINs via mobile sensors: actual risk versus user perception

Design and implementation of a secure and trustworthy platform for privacy-aware video surveillance

Premium Partner