Muth, Philipp ; Geihs, Matthias ; Arul, Tolga ; Buchmann, Johannes ; Katzenbeisser, Stefan (2021)
ELSA: efficient long-term secure storage of large datasets (full version).
In: EURASIP Journal on Information Security, 2020, 2020 (9)
doi: 10.26083/tuprints-00017511
Article, Secondary publication, Publisher's Version
|
Text
1064-2122-1-SM.pdf Copyright Information: CC BY 4.0 International - Creative Commons, Attribution. Download (1MB) | Preview |
| Item Type: | Article |
|---|---|
| Type of entry: | Secondary publication |
| Title: | ELSA: efficient long-term secure storage of large datasets (full version) |
| Language: | English |
| Date: | 2021 |
| Year of primary publication: | 2020 |
| Publisher: | Springer |
| Journal or Publication Title: | EURASIP Journal on Information Security |
| Volume of the journal: | 2020 |
| Issue Number: | 9 |
| DOI: | 10.26083/tuprints-00017511 |
| Corresponding Links: | |
| Origin: | Secondary publication via sponsored Golden Open Access |
| Abstract: | An increasing amount of information today is generated, exchanged, and stored digitally. This also includes long-lived and highly sensitive information (e.g., electronic health records, governmental documents) whose integrity and confidentiality must be protected over decades or even centuries. While there is a vast amount of cryptography-based data protection schemes, only few are designed for long-term protection. Recently, Braun et al. (AsiaCCS’17) proposed the first long-term protection scheme that provides renewable integrity protection and information-theoretic confidentiality protection. However, computation and storage costs of their scheme increase significantly with the number of stored data items. As a result, their scheme appears suitable only for protecting databases with a small number of relatively large data items, but unsuitable for databases that hold a large number of relatively small data items (e.g., medical record databases). In this work, we present a solution for efficient long-term integrity and confidentiality protection of large datasets consisting of relatively small data items. First, we construct a renewable vector commitment scheme that is information-theoretically hiding under selective decommitment. We then combine this scheme with renewable timestamps and information-theoretically secure secret sharing. The resulting solution requires only a single timestamp for protecting a dataset while the state of the art requires a number of timestamps linear in the number of data items. Furthermore, we extend the scheme, that supports a single client, to a multi-client setting. Subsequently, we characterize the arising challenges with respect to integrity and confidentiality and discuss how our multi-client scheme tackles them. We implemented our solution and measured its performance in a scenario where 9600 data items are aggregated, stored, protected, and verified over a time span of 80 years. Our measurements show that our new solution completes this evaluation scenario an order of magnitude faster than the state of the art. |
| Status: | Publisher's Version |
| URN: | urn:nbn:de:tuda-tuprints-175111 |
| Classification DDC: | 000 Generalities, computers, information > 004 Computer science |
| Divisions: | 20 Department of Computer Science > Security Engineering |
| Date Deposited: | 09 Feb 2021 09:34 |
| Last Modified: | 09 Feb 2021 09:34 |
| URI: | https://tuprints.ulb.tu-darmstadt.de/id/eprint/17511 |
| PPN: | |
| Export: |
 |
View Item |
Drucken
Impressum