TU Darmstadt / ULB / TUprints

ELSA: efficient long-term secure storage of large datasets (full version)

Muth, Philipp ; Geihs, Matthias ; Arul, Tolga ; Buchmann, Johannes ; Katzenbeisser, Stefan (2021)
ELSA: efficient long-term secure storage of large datasets (full version).
In: EURASIP Journal on Information Security, 2020, 2020 (9)
doi: 10.26083/tuprints-00017511
Article, Secondary publication, Publisher's Version

Copyright Information: CC BY 4.0 International - Creative Commons, Attribution.

Download (1MB) | Preview
Item Type: Article
Type of entry: Secondary publication
Title: ELSA: efficient long-term secure storage of large datasets (full version)
Language: English
Date: 2021
Year of primary publication: 2020
Publisher: Springer
Journal or Publication Title: EURASIP Journal on Information Security
Volume of the journal: 2020
Issue Number: 9
DOI: 10.26083/tuprints-00017511
Corresponding Links:
Origin: Secondary publication via sponsored Golden Open Access

An increasing amount of information today is generated, exchanged, and stored digitally. This also includes long-lived and highly sensitive information (e.g., electronic health records, governmental documents) whose integrity and confidentiality must be protected over decades or even centuries. While there is a vast amount of cryptography-based data protection schemes, only few are designed for long-term protection. Recently, Braun et al. (AsiaCCS’17) proposed the first long-term protection scheme that provides renewable integrity protection and information-theoretic confidentiality protection. However, computation and storage costs of their scheme increase significantly with the number of stored data items. As a result, their scheme appears suitable only for protecting databases with a small number of relatively large data items, but unsuitable for databases that hold a large number of relatively small data items (e.g., medical record databases). In this work, we present a solution for efficient long-term integrity and confidentiality protection of large datasets consisting of relatively small data items. First, we construct a renewable vector commitment scheme that is information-theoretically hiding under selective decommitment. We then combine this scheme with renewable timestamps and information-theoretically secure secret sharing. The resulting solution requires only a single timestamp for protecting a dataset while the state of the art requires a number of timestamps linear in the number of data items. Furthermore, we extend the scheme, that supports a single client, to a multi-client setting. Subsequently, we characterize the arising challenges with respect to integrity and confidentiality and discuss how our multi-client scheme tackles them. We implemented our solution and measured its performance in a scenario where 9600 data items are aggregated, stored, protected, and verified over a time span of 80 years. Our measurements show that our new solution completes this evaluation scenario an order of magnitude faster than the state of the art.

Status: Publisher's Version
URN: urn:nbn:de:tuda-tuprints-175111
Classification DDC: 000 Generalities, computers, information > 004 Computer science
Divisions: 20 Department of Computer Science > Security Engineering
Date Deposited: 09 Feb 2021 09:34
Last Modified: 09 Feb 2021 09:34
URI: https://tuprints.ulb.tu-darmstadt.de/id/eprint/17511
Actions (login required)
View Item View Item