TU Darmstadt / ULB / TUbiblio

ELSA: efficient long-term secure storage of large datasets (full version)

Muth, Philipp ; Geihs, Matthias ; Arul, Tolga ; Buchmann, Johannes ; Katzenbeisser, Stefan (2021)
ELSA: efficient long-term secure storage of large datasets (full version).
In: EURASIP Journal on Information Security, 2020, 2020 (9)
doi: 10.26083/tuprints-00017511
Artikel, Zweitveröffentlichung, Verlagsversion

Kurzbeschreibung (Abstract)

An increasing amount of information today is generated, exchanged, and stored digitally. This also includes long-lived and highly sensitive information (e.g., electronic health records, governmental documents) whose integrity and confidentiality must be protected over decades or even centuries. While there is a vast amount of cryptography-based data protection schemes, only few are designed for long-term protection. Recently, Braun et al. (AsiaCCS’17) proposed the first long-term protection scheme that provides renewable integrity protection and information-theoretic confidentiality protection. However, computation and storage costs of their scheme increase significantly with the number of stored data items. As a result, their scheme appears suitable only for protecting databases with a small number of relatively large data items, but unsuitable for databases that hold a large number of relatively small data items (e.g., medical record databases). In this work, we present a solution for efficient long-term integrity and confidentiality protection of large datasets consisting of relatively small data items. First, we construct a renewable vector commitment scheme that is information-theoretically hiding under selective decommitment. We then combine this scheme with renewable timestamps and information-theoretically secure secret sharing. The resulting solution requires only a single timestamp for protecting a dataset while the state of the art requires a number of timestamps linear in the number of data items. Furthermore, we extend the scheme, that supports a single client, to a multi-client setting. Subsequently, we characterize the arising challenges with respect to integrity and confidentiality and discuss how our multi-client scheme tackles them. We implemented our solution and measured its performance in a scenario where 9600 data items are aggregated, stored, protected, and verified over a time span of 80 years. Our measurements show that our new solution completes this evaluation scenario an order of magnitude faster than the state of the art.

Typ des Eintrags: Artikel
Erschienen: 2021
Autor(en): Muth, Philipp ; Geihs, Matthias ; Arul, Tolga ; Buchmann, Johannes ; Katzenbeisser, Stefan
Art des Eintrags: Zweitveröffentlichung
Titel: ELSA: efficient long-term secure storage of large datasets (full version)
Sprache: Englisch
Publikationsjahr: 2021
Publikationsdatum der Erstveröffentlichung: 2020
Verlag: Springer
Titel der Zeitschrift, Zeitung oder Schriftenreihe: EURASIP Journal on Information Security
Jahrgang/Volume einer Zeitschrift: 2020
(Heft-)Nummer: 9
DOI: 10.26083/tuprints-00017511
URL / URN: https://tuprints.ulb.tu-darmstadt.de/17511
Zugehörige Links:
Herkunft: Zweitveröffentlichung aus gefördertem Golden Open Access
Kurzbeschreibung (Abstract):

An increasing amount of information today is generated, exchanged, and stored digitally. This also includes long-lived and highly sensitive information (e.g., electronic health records, governmental documents) whose integrity and confidentiality must be protected over decades or even centuries. While there is a vast amount of cryptography-based data protection schemes, only few are designed for long-term protection. Recently, Braun et al. (AsiaCCS’17) proposed the first long-term protection scheme that provides renewable integrity protection and information-theoretic confidentiality protection. However, computation and storage costs of their scheme increase significantly with the number of stored data items. As a result, their scheme appears suitable only for protecting databases with a small number of relatively large data items, but unsuitable for databases that hold a large number of relatively small data items (e.g., medical record databases). In this work, we present a solution for efficient long-term integrity and confidentiality protection of large datasets consisting of relatively small data items. First, we construct a renewable vector commitment scheme that is information-theoretically hiding under selective decommitment. We then combine this scheme with renewable timestamps and information-theoretically secure secret sharing. The resulting solution requires only a single timestamp for protecting a dataset while the state of the art requires a number of timestamps linear in the number of data items. Furthermore, we extend the scheme, that supports a single client, to a multi-client setting. Subsequently, we characterize the arising challenges with respect to integrity and confidentiality and discuss how our multi-client scheme tackles them. We implemented our solution and measured its performance in a scenario where 9600 data items are aggregated, stored, protected, and verified over a time span of 80 years. Our measurements show that our new solution completes this evaluation scenario an order of magnitude faster than the state of the art.

Freie Schlagworte: Solutions, S6
Status: Verlagsversion
URN: urn:nbn:de:tuda-tuprints-175111
Sachgruppe der Dewey Dezimalklassifikatin (DDC): 000 Allgemeines, Informatik, Informationswissenschaft > 004 Informatik
Fachbereich(e)/-gebiet(e): 20 Fachbereich Informatik
20 Fachbereich Informatik > Security Engineering
DFG-Sonderforschungsbereiche (inkl. Transregio)
DFG-Sonderforschungsbereiche (inkl. Transregio) > Sonderforschungsbereiche
DFG-Sonderforschungsbereiche (inkl. Transregio) > Sonderforschungsbereiche > SFB 1119: CROSSING – Kryptographiebasierte Sicherheitslösungen als Grundlage für Vertrauen in heutigen und zukünftigen IT-Systemen
Hinterlegungsdatum: 09 Feb 2021 09:34
Letzte Änderung: 23 Sep 2021 10:22
PPN:
Zugehörige Links:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen