1 / 27

DSAC (Digital Signature Aggregation and Chaining)

DSAC (Digital Signature Aggregation and Chaining). Digital Signature Aggregation & Chaining An approach to ensure integrity of outsourced databases. Contents. Signature Aggregation Mechanisms Chaining Mechanism Comparison of the results with previous work. ODB.

heinz
Download Presentation

DSAC (Digital Signature Aggregation and Chaining)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. DSAC(Digital Signature Aggregation and Chaining) Digital Signature Aggregation & Chaining An approach to ensure integrity of outsourced databases

  2. Contents • Signature Aggregation Mechanisms • Chaining Mechanism • Comparison of the results with previous work

  3. ODB • Outsourced Data Base(ODB) model : Client stores its data at an external data base service provider. • Concern: Ensure the database security & integrity.

  4. Authenticity: The tuples in the result set have not been tampered i.e correctness. • Integrity: No valid tuples have been omitted from the result set i.e completeness

  5. Result set & Size of a result set • Result result includes all the tuples matching the query predicates. • Size : 0-n, or 2^n subsets, where, n is total number of tuples in the database.

  6. Merkle Hash Tree • Use to prove existence of an element in a set. For eg. prove x1 exists in the set y={x2, x6, x1, x9} • Constructed as binary tree where leaves are hash value of corresponding element. • Non leaf & Leaf nodes • Root of the MHT is digitally signed using public key signature scheme (RSA/ DSA)

  7. MHT example…

  8. Auth DS (Authenticated Data Structures) • Approach to prove correctness • Uses MHT to prove correctness of the result set. • Limitation : Need to pre-compute and store a potentially large number of authenticated data structures to answer queries. • Completeness issue not answered

  9. VB Tree Approach • Uses a modified MHT • Not only root of MHT is signed but all nodes as well • Limitation: Consumes large storage space and increased verification time. • Provides proof of correctness • Completeness issue not answered !

  10. Drawbacks… • Overheads associated with building, storing and updating data structures in AuthDS and VB tree. • Signs each individual tuple before storing. • Server stores tuples along with its corresponding signature. • In response to a query, server sends both tuple and its signature.

  11. Drawbacks(contd.) • Query reply set consists of thousands of tuples. • Sending/ receiving and verifying signature of each tuple. • Expensive for the querier.

  12. DSAC: Correctness • Combines multiple individual signatures in the result set into a unified/ aggregated signature. • Verifying a unified signature is same as verifying signatures of each individual tuple in the result set.

  13. DSAC: Completeness • Includes the boundary tuples as well to ensure all the tuples matching the query is returned. • Link the tuple level signatures to form a signature chain.

  14. Constructing signature chains • If h() is a hash function such as SHA, • || denotes concatenation, • IPRi denotes immediate predecessor tuple along dimension ‘i’ , • l being number of searchable dimensions, • SK is private signing key of the data owner

  15. then the signature of a tuple ‘r’ can be computed as follows

  16. Computing IPR of a tuple • Sort tuple in increasing order of the attribute value for each dimension. • IPR of a given tuple in a given dimension is a tuple with highest value of the attribute that is less than the value of that tuple. • Each tuple has as many IPRs as the number of searchable dimensions.

  17. Example of signature chaining • Consider tuple R5

  18. Completeness (contd.) • In this way, server answers range queries by releasing all matching tuples, boundary tuples as well as aggregated signature. • Signature chain proves querier that server has returned all tuples in the query range proving completeness.

  19. Compleness(contd.) • Querier on receiving the result set: • Verifies the values in boundary tuples are just beyond the query range.

  20. Building a result set • Compute the tuple set Ts={Ra…Rz} • Compute Tn consisting of immediate predecessor and successor nodes Tn= {R(a-1), R(b+1)} • Obtain corresponding signature of each tuple • Calculate the aggregate the signature

  21. (Contd) • Chain the signature of all tuples along with its corresponding IPR Now, the result consists of {Ts, Tn, Sign(r), ∑}

  22. Analysis of DSAC scheme • We compare the DSAC scheme with other prominent correctness/ completeness guarantee schemes such as AuthDS and VB tree.

  23. Query Verification Time (Naïve approach vs DSAC)

  24. VO Size (Naïve approach vs DSAC approach)

  25. Freshness • Freshness : The result set in response to a query should be the recent snapshot of the database. • Prevents the server from replaying the old signature chains, hence freshness is part of data integrity concerns.

  26. Further scope • How to reduce the size of the verification object. {Ts, Tn, Sign(r), ∑} • Freshness Issues

  27. Reference • DSAC : An approach to ensure integrity of outsourced databases using signature aggregation and chaining • Authors : Maithili Narasimha & Gene Tsudik Computer Science Department University of California, Irvine

More Related