nach oben

Erschienen in:

2020 | OriginalPaper | Buchkapitel

Privacy-Preserving Authentication for Tree-Structured Data with Designated Verification in Outsourced Environments

verfasst von : Fei Zhu, Xun Yi, Sharif Abuadbba, Ibrahim Khalil, Xu Yang, Surya Nepal, Xinyi Huang

Erschienen in: Provable and Practical Security

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Nowadays, the use of database outsourcing is on the rise. Since the service provider may not be fully trusted, a crucial requirement in outsourced data sharing is therefore to ensure that users can verify the integrity and authenticity of their query results. In outsourced healthcare data sharing, because the data contains sensitive information, an equally significant issue is to guarantee that the sharing process does not lead to any information leakages. Though some privacy-preserving authentication solutions have been presented to address these issues, unfortunately, none of them consider the risk of privacy leakage during the dissemination of authenticated healthcare data. That is, the queried data may be leaked by the user since any third party getting hold of a signed data would be convinced of its validity. In other words, for privacy concerns, we need a secure mechanism to ensure that only a specific receiver can check the integrity and authenticity of shared outsourced data.

To address the these concerns, in our work, we propose a privacy-preserving authentication scheme with designated verification for tree-structured data (i.e., XML-based healthcare records). We provide the formal definition and related security properties of our scheme. We further put forward our concrete construction and prove its security under the standard cryptographic assumption in the random oracle model. The comparison analysis of theory and practice shows that our scheme provides stronger privacy protection than existing schemes while having the shortest key length and signature size. Therefore, our construction is efficient and practical for outsourced environments.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Watermarkable Signature with Computational Function Preserving

Nächstes Kapitel Semi-Adaptively Secure Offline Witness Encryption from Puncturable Witness PRF

Nur mit Berechtigung zugänglich

Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and verifiably encrypted signatures from bilinear maps. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 416–432. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-39200-9_26CrossRef

Brzuska, C., et al.: Redactable signatures for tree-structured data: definitions and constructions. In: Zhou, J., Yung, M. (eds.) ACNS 2010. LNCS, vol. 6123, pp. 87–104. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13708-2_6CrossRef

Chatterjee, S., Hankerson, D., Knapp, E., Menezes, A.: Comparing two pairing-based aggregate signature schemes. Des. Codes Crypt. 55(2–3), 141–167 (2010)MathSciNetCrossRef

Chatterjee, S., Menezes, A.: On cryptographic protocols employing asymmetric pairings - the role of \(\Psi \) revisited. Discret. Appl. Math. 159(13), 1311–1322 (2011)MathSciNetCrossRef

Derler, D., Krenn, S., Slamanig, D.: Signer-anonymous designated-verifier redactable signatures for cloud-based data sharing. In: Foresti, S., Persiano, G. (eds.) CANS 2016. LNCS, vol. 10052, pp. 211–227. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-48965-0_13CrossRef

Ferrara, A.L., Green, M., Hohenberger, S., Pedersen, M.Ø.: Practical short signature batch verification. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 309–324. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-00862-7_21CrossRef

Goodrich, M.T., Tamassia, R., Triandopoulos, N.: Efficient authenticated data structures for graph connectivity and geometric search problems. Algorithmica 60(3), 505–552 (2011)MathSciNetCrossRef

Groß, T.: Efficient certification and zero-knowledge proofs of knowledge on infrastructure topology graphs. In: CCSW 2014, pp. 69–80. ACM (2014)

Hachicha, M., Darmont, J.: A survey of XML tree patterns. IEEE Trans. Knowl. Data Eng. 25(1), 29–46 (2013)CrossRef

10.

Johnson, R., Molnar, D., Song, D., Wagner, D.: Homomorphic signature schemes. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 244–262. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45760-7_17CrossRef

11.

Kundu, A., Atallah, M.J., Bertino, E.: Efficient leakage-free authentication of trees, graphs and forests. IACR Cryptology ePrint Archive 2012, 36 (2012)

12.

Kundu, A., Atallah, M.J., Bertino, E.: Leakage-free redactable signatures. In: CODASPY 2012, pp. 307–316. ACM (2012)

13.

Kundu, A., Bertino, E.: Structural signatures for tree data structures. Proc. VLDB Endow. 1(1), 138–150 (2008)CrossRef

14.

Kundu, A., Bertino, E.: How to authenticate graphs without leaking. In: EDBT 2010, pp. 609–620. ACM (2010)

15.

Kundu, A., Bertino, E.: Privacy-preserving authentication of trees and graphs. Int. J. Inf. Secur. 12(6), 467–494 (2013). https://doi.org/10.1007/s10207-013-0198-5CrossRef

16.

Liu, J., Ma, J., Zhou, W., Xiang, Y., Huang, X.: Dissemination of authenticated tree-structured data with privacy protection and fine-grained control in outsourced databases. In: Lopez, J., Zhou, J., Soriano, M. (eds.) ESORICS 2018. LNCS, vol. 11099, pp. 167–186. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98989-1_9CrossRef

17.

de Meer, H., Pöhls, H.C., Posegga, J., Samelin, K.: Redactable signature schemes for trees with signer-controlled non-leaf-redactions. In: Obaidat, M.S., Filipe, J. (eds.) ICETE 2012. CCIS, vol. 455, pp. 155–171. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44791-8_10CrossRef

18.

Merkle, R.C.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, New York (1990). https://doi.org/10.1007/0-387-34805-0_21CrossRef

19.

Mihara, A., Tanaka, K.: Universal designated-verifier signature with aggregation. In: ICITA 2005, pp. 514–519. IEEE (2005)

20.

Mykletun, E., Narasimha, M., Tsudik, G.: Signature bouquets: immutability for aggregated/condensed signatures. In: Samarati, P., Ryan, P., Gollmann, D., Molva, R. (eds.) ESORICS 2004. LNCS, vol. 3193, pp. 160–176. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30108-0_10CrossRef

21.

Samelin, K., Pöhls, H.C., Bilzhause, A., Posegga, J., de Meer, H.: On structural signatures for tree data structures. In: Bao, F., Samarati, P., Zhou, J. (eds.) ACNS 2012. LNCS, vol. 7341, pp. 171–187. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-31284-7_11CrossRefMATH

22.

Samelin, K., Pöhls, H.C., Bilzhause, A., Posegga, J., de Meer, H.: Redactable signatures for independent removal of structure and content. In: Ryan, M.D., Smyth, B., Wang, G. (eds.) ISPEC 2012. LNCS, vol. 7232, pp. 17–33. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29101-2_2CrossRefMATH

23.

Steinfeld, R., Bull, L., Wang, H., Pieprzyk, J.: Universal designated-verifier signatures. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 523–542. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-40061-5_33CrossRef

24.

Uzunkol, O., Kiraz, M.S.: Still wrong use of pairings in cryptography. Appl. Math. Comput. 333, 467–479 (2018)MathSciNetCrossRef

25.

Wang, J., Chen, X., Huang, X., You, I., Xiang, Y.: Verifiable auditing for outsourced database in cloud computing. IEEE Trans. Comput. 64(11), 3293–3303 (2015)MathSciNetCrossRef

26.

Zhu, F., Wu, W., Zhang, Y., Chen, X.: Privacy-preserving authentication for general directed graphs in industrial IoT. Inf. Sci. 502, 218–228 (2019)MathSciNetCrossRef

27.

Zhu, F., Zhang, Y., Lin, C., Wu, W., Meng, R.: A universal designated multi-verifier transitive signature scheme. In: Chen, X., Lin, D., Yung, M. (eds.) Inscrypt 2017. LNCS, vol. 10726, pp. 180–195. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-75160-3_12CrossRef

Titel: Privacy-Preserving Authentication for Tree-Structured Data with Designated Verification in Outsourced Environments
verfasst von: Fei Zhu
Xun Yi
Sharif Abuadbba
Ibrahim Khalil
Xu Yang
Surya Nepal
Xinyi Huang
Verlag: Springer International Publishing
Buch: Provable and Practical Security
Print ISBN: 978-3-030-62575-7

Electronic ISBN: 978-3-030-62576-4

Copyright-Jahr: 2020
DOI: https://doi.org/10.1007/978-3-030-62576-4_8

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"