research-article

Authenticated hash tables

Authors:

Charalampos Papamanthou,

Roberto Tamassia,

Nikos TriandopoulosAuthors Info & Claims

CCS '08: Proceedings of the 15th ACM conference on Computer and communications security

Pages 437 - 448

https://doi.org/10.1145/1455770.1455826

Published: 27 October 2008 Publication History

Abstract

Hash tables are fundamental data structures that optimally answer membership queries. Suppose a client stores n elements in a hash table that is outsourced at a remote server so that the client can save space or achieve load balancing. Authenticating the hash table functionality, i.e., verifying the correctness of queries answered by the server and ensuring the integrity of the stored data, is crucial because the server, lying outside the administrative control of the client, can be malicious.

We design efficient and secure protocols for optimally authenticating membership queries on hash tables: for any fixed constants 0 < ε < 1 and κ > 1/ε, the server can provide a proof of integrity of the answer to a (non-)membership query in constant time, requiring O(n^ε/log^κε--1 n) time to treat updates, yet keeping the communication and verification costs constant. This is the first construction for authenticating a hash table with constant query cost and sublinear update cost. Our solution employs the RSA accumulator in a nested way over the stored data, strictly improving upon previous accumulator-based solutions. Our construction applies to two concrete data authentication models and lends itself to a scheme that achieves different trade-offs---namely, constant update time and O(n^ε/log^κε n) query time for fixed ε > 0 and κ > 0. An experimental evaluation of our solution shows very good scalability.

References

[1]

G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song. Provable data possession at untrusted stores. In Proc. ACM Conf. on Computer and Communications Security (CCS), pp. 598--609, 2007.

Digital Library

[2]

N. Baric and B. Pfitzmann. Collision-free accumulators and fail-stop signature schemes without trees. In Proc. EUROCRYPT, pp. 480--494, 1997.

[3]

J. Benaloh and M. de Mare. One-way accumulators: A decentralized alternative to digital signatures. In Proc. EUROCRYPT, pp. 274--285, 1993.

Digital Library

[4]

M. Blum, W. Evans, P. Gemmell, S. Kannan, and M. Naor. Checking the correctness of memories. In Proc.IEEE Symp. on Foundations of Computer Science (FOCS), pp. 90--99, 1991.

Digital Library

[5]

A. Buldas, P. Laud, and H. Lipmaa. Accountable certificate management using undeniable attestations. In Proc. ACM Conf. on Computer and Communications Security (CCS), pp. 9--18, 2000.

Digital Library

[6]

J. Camenisch and A. Lysyanskaya. Dynamic accumulators and application to efficient revocation of anonymous credentials. In Proc. CRYPTO, pp. 61--76, 2002.

Digital Library

[7]

I. L. Carter and M. N. Wegman. Universal classes of hash functions. In Proc. ACM Symp. on Theory of Computing (STOC), pp. 106--112, 1977.

Digital Library

[8]

T. H. Cormen, C. E. Leiserson, R. L. Rivest, and C. Stein. Introduction to Algorithms. MIT Press, Cambridge, MA, 2nd edition, 2001.

Digital Library

[9]

M. Dietzfelbinger, A. Karlin, K. Mehlhorn, F. Meyer auf der Heide, H. Rohnert, and R.E. Tarjan. Dynamic perfect hashing: upper and lower bounds. SIAM J. Comput., 23:738--761, 1994.

Digital Library

[10]

C. Dwork, M. Naor, G.N. Rothblum, and V. Vaikuntanathan. How efficient can memory checking be? Manuscript, 2008.

[11]

R. Gennaro, S. Halevi, and T. Rabin. Secure hash-and-sign signatures without the random oracle. In Proc. EUROCRYPT, pp. 123--139, 1999.

[12]

M. T. Goodrich, C. Papamanthou, and R. Tamassia. On the cost of persistence and authentication in skip lists. In Proc. Workshop on Experimental Algorithms (WEA), pp. 94--107, 2007.

[13]

M. T. Goodrich, C. Papamanthou, R. Tamassia, and N. Triandopoulos. Athos: Efficient authentication of outsourced file systems. In Proc. Information Security Conf. (ISC), pp. 80--96, 2008.

Digital Library

[14]

M.T. Goodrich, R. Tamassia, and J. Hasic. An efficient dynamic and distributed cryptographic accumulator. In Proc. Information Security Conf. (ISC), pp. 372--388, 2002.

Digital Library

[15]

M.T. Goodrich, R. Tamassia, and A. Schwerin. Implementation of an authenticated dictionary with skip lists and commutative hashing. In Proc. DARPA Information Survivability Conference and Exposition II (DISCEX II), pp 68--82, 2001.

[16]

M.T. Goodrich, R. Tamassia, and N. Triandopoulos. Super-efficient verification of dynamic outsourced databases. In Proc. CT-RSA, pp. 407--424, 2008.

[17]

M.T. Goodrich, R. Tamassia, N. Triandopoulos, and R. Cohen. Authenticated data structures for graph and geometric searching. In Proc. CT-RSA, pp. 295--313, 2003.

[18]

A. Hutflesz, H.-W. Six, and P. Widmayer. Globally order preserving multidimensional linear hashing. In Proc. IEEE Int. Conf. on Data Engineering (ICDE), pp. 572--579, 1988.

Digital Library

[19]

C. M. Kenyon and J.S. Vitter. Maximum queue size and hashing with lazy deletion. Algorithmica, 6:597--619, 1991.

Digital Library

[20]

J. Li, N. Li, and R. Xue. Universal accumulators with efficient nonmembership proofs. In Proc. Applied Cryptography and Network Security (ACNS), pp. 253--269, 2007.

Digital Library

[21]

N. Linial and O. Sasson. Non-expansive hashing. In Proc. ACM Symp. on Theory of Computing (STOC), pp. 509--517, 1996.

Digital Library

[22]

C. Martel, G. Nuckolls, P. Devanbu, M. Gertz, A. Kwong, and S.G. Stubblebine. A general model for authenticated data structures. Algorithmica, 39(1):21--41, 2004.

Digital Library

[23]

R.C. Merkle. A certified digital signature. In Proc. CRYPTO, pp. 218---238, 1989.

Digital Library

[24]

J.K. Mullin. Spiral storage: Efficient dynamic hashing with constant-performance. Computer J., 28:330--334, 1985.

[25]

M. Naor and K. Nissim. Certificate revocation and certificate update. In Proc. USENIX Security Symposium, pp. 217--228, 1998.

Digital Library

[26]

L. Nguyen. Accumulators from bilinear pairings and applications. In Proc. CT-RSA, pp. 275--292, 2005.

Digital Library

[27]

G. Nuckolls. Verified query results from hybrid authentication trees. In Proc. Data and Applications Security (DBSec), pages 84--98, 2005.

Digital Library

[28]

C. Papamanthou and R. Tamassia. Time and space efficient algorithms for two-party authenticated data structures. In Proc. Int. Conf. on Information and Communications Security (ICICS), pp. 1--15, 2007.

Digital Library

[29]

T. Sander. Efficient accumulators without trapdoor (Extended abstract). In Proc. Int. Conf. on Information and Communications Security (ICICS), pp. 252--262, 1999.

Digital Library

[30]

T. Sander, A. Ta-Shma, and M. Yung. Blind, auditable membership proofs. In Proc. Financial Cryptography (FC), pp. 53--71, 2000.

Digital Library

[31]

V. Shoup. NTL: A library for doing number theory. http://www.shoup.net/ntl/.

[32]

R. Tamassia. Authenticated data structures. In Proc. European Symp. on Algorithms (ESA), pp. 2--5, 2003.

[33]

R. Tamassia and N. Triandopoulos. Computational bounds on hierarchical data processing with applications to information security. In Proc. Int. Colloquium on Automata, Languages and Programming (ICALP), pp. 153--165, 2005.

Digital Library

[34]

R. Tamassia and N. Triandopoulos. Efficient content authentication in peer-to-peer networks. In Proc. Applied Cryptography and Network Security (ACNS), pp. 354--372, 2007.

Digital Library

[35]

P. Wang, H. Wang, and J. Pieprzyk. A new dynamic accumulator for batch updates. In Proc. Int. Conf. on Information and Communications Security (ICICS), pp. 98--112, 2007.

Digital Library

Cited By

Liu HHuang HZhou YChen Q(2023)Improvement of blockchain-based multi-layer location data sharing scheme for Internet of ThingsComputer Communications10.1016/j.comcom.2023.02.005201(131-142)Online publication date: Mar-2023
https://doi.org/10.1016/j.comcom.2023.02.005
Libert BLing SNguyen KWang H(2023)Zero-Knowledge Arguments for Lattice-Based Accumulators: Logarithmic-Size Ring Signatures and Group Signatures Without TrapdoorsJournal of Cryptology10.1007/s00145-023-09470-636:3Online publication date: 25-May-2023
https://dl.acm.org/doi/10.1007/s00145-023-09470-6
Khan SLuo FZhang ZRahim MKhan SQadri SWu K(2022)A Privacy-Preserving and Transparent Identity Management Scheme for Vehicular Social NetworkingIEEE Transactions on Vehicular Technology10.1109/TVT.2022.319090871:11(11555-11570)Online publication date: Nov-2022
https://doi.org/10.1109/TVT.2022.3190908
Show More Cited By

Index Terms

Authenticated hash tables
1. Computer systems organization
  1. Architectures
    1. Distributed architectures
2. Software and its engineering
  1. Software organization and properties
    1. Software system structures
      1. Distributed systems organizing principles

Recommendations

Authenticated Hash Tables Based on Cryptographic Accumulators

Suppose a client stores $$n$$n elements in a hash table that is outsourced to an untrusted server. We address the problem of authenticating the hash table operations, where the goal is to design protocols capable of verifying the correctness of queries ...
An Improved and Secure Two-factor Dynamic ID Based Authenticated Key Agreement Scheme for Multiserver Environment

The smart card based password authentication scheme is one of the most important and efficient security mechanism, which is used for providing security to authorized users over an insecure network. In this paper, we analyzed major security flaws of ...
New identity-based three-party authenticated key agreement protocol with provable security

Key agreement allows multi-parties exchanging public information to create a common secret key that is known only to those entities over an insecure network. In the recent years, several identity-based (ID-based) authenticated key agreement protocols ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '08: Proceedings of the 15th ACM conference on Computer and communications security

October 2008

590 pages

ISBN:9781595938107

DOI:10.1145/1455770

General Chair:
Peng Ning
North Carolina State University, USA
,
Program Chairs:
Paul Syverson
Naval Research Laboratory, USA
,
Somesh Jha
University of Wisconsin, USA

Copyright © 2008 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 27 October 2008

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS08

Sponsor:

CCS08: 15th ACM Conference on Computer and Communications Security 2008

October 27 - 31, 2008

Virginia, Alexandria, USA

Acceptance Rates

CCS '08 Paper Acceptance Rate 51 of 280 submissions, 18%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '24

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

89
Total Citations
View Citations
1,160
Total Downloads

Downloads (Last 12 months)36
Downloads (Last 6 weeks)2

Reflects downloads up to 09 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Liu HHuang HZhou YChen Q(2023)Improvement of blockchain-based multi-layer location data sharing scheme for Internet of ThingsComputer Communications10.1016/j.comcom.2023.02.005201(131-142)Online publication date: Mar-2023
https://doi.org/10.1016/j.comcom.2023.02.005
Libert BLing SNguyen KWang H(2023)Zero-Knowledge Arguments for Lattice-Based Accumulators: Logarithmic-Size Ring Signatures and Group Signatures Without TrapdoorsJournal of Cryptology10.1007/s00145-023-09470-636:3Online publication date: 25-May-2023
https://dl.acm.org/doi/10.1007/s00145-023-09470-6
Khan SLuo FZhang ZRahim MKhan SQadri SWu K(2022)A Privacy-Preserving and Transparent Identity Management Scheme for Vehicular Social NetworkingIEEE Transactions on Vehicular Technology10.1109/TVT.2022.319090871:11(11555-11570)Online publication date: Nov-2022
https://doi.org/10.1109/TVT.2022.3190908
Chen FLi ZJiang CLi J(2022)Verifiable Cloud Data Access: Design, Analysis, and ImplementationIEEE Systems Journal10.1109/JSYST.2020.303410516:1(1135-1146)Online publication date: Mar-2022
https://doi.org/10.1109/JSYST.2020.3034105
Li KTang YZhang QXu JChen JZhang KGherbi AVenkatasubramanian NVeiga L(2021)Authenticated key-value stores with hardware enclavesProceedings of the 22nd International Middleware Conference: Industrial Track10.1145/3491084.3491425(1-8)Online publication date: 6-Dec-2021
https://dl.acm.org/doi/10.1145/3491084.3491425
Chen XLi HLi JWang QHuang XSusilo WXiang Y(2021)Publicly Verifiable Databases With All Efficient Updating OperationsIEEE Transactions on Knowledge and Data Engineering10.1109/TKDE.2020.297577733:12(3729-3740)Online publication date: 1-Dec-2021
https://doi.org/10.1109/TKDE.2020.2975777
Chen FWang DLin QChen JMing ZYu WQin J(2021)Towards Dynamic Verifiable Pattern MatchingIEEE Transactions on Big Data10.1109/TBDATA.2018.28686577:2(421-435)Online publication date: 1-Jun-2021
https://doi.org/10.1109/TBDATA.2018.2868657
Li KTang YChen JYuan ZXu CXu J(2020)Cost-Effective Data Feeds to Blockchains via Workload-Adaptive Data ReplicationProceedings of the 21st International Middleware Conference10.1145/3423211.3425696(371-385)Online publication date: 7-Dec-2020
https://dl.acm.org/doi/10.1145/3423211.3425696
Etemad MKüpçü A(2020)Generic Dynamic Data Outsourcing Framework for Integrity VerificationACM Computing Surveys10.1145/336599853:1(1-32)Online publication date: 6-Feb-2020
https://dl.acm.org/doi/10.1145/3365998
Khan SZhu LYu XZhang ZRahim MKhan MDu XGuizani M(2020)Accountable Credential Management System for Vehicular CommunicationVehicular Communications10.1016/j.vehcom.2020.100279(100279)Online publication date: Jul-2020
https://doi.org/10.1016/j.vehcom.2020.100279
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents