Skip to main content
SpringerLink
Log in

Outsourced pattern matching

  • Regular Contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

In secure delegatable computation, computationally weak devices (or clients) wish to outsource their computation and data to an untrusted server in the cloud. While most earlier work considers the general question of how to securely outsource any computation to the cloud server, we focus on concrete and important functionalities and give the first protocol for the pattern matching problem in the cloud. Loosely speaking, this problem considers a text T that is outsourced to the cloud \({\textsc {S}}\) by a sender \({\textsc {SEN}}\). In a query phase, receivers \({\textsc {REC}}_1, \ldots , {\textsc {REC}}_l\) run an efficient protocol with the server \({\textsc {S}}\) and the sender \({\textsc {SEN}}\) in order to learn the positions at which a pattern of length m matches the text (and nothing beyond that). This is called the outsourced pattern matching problem which is highly motivated in the context of delegatable computing since it offers storage alternatives for massive databases that contain confidential data (e.g., health-related data about patient history). Our constructions are simulation-based secure in the presence of semi-honest and malicious adversaries (in the random oracle model) and limit the communication in the query phase to O(m) bits plus the number of occurrences—which is optimal. In contrast to generic solutions for delegatable computation, our schemes do not rely on fully homomorphic encryption but instead use novel ideas for solving pattern matching, based on a reduction to the subset sum problem. Interestingly, we do not rely on the hardness of the problem, but rather we exploit instances that are solvable in polynomial time. A follow-up result demonstrates that the random oracle is essential in order to meet our communication bound.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3

Similar content being viewed by others

Notes

  1. Namely, a two-rounds solution based on FHE would need a circuit that tolerates the worst case output size, which in pattern matching implies a maximal number of matches that is proportional to the length of the text (or the database).

  2. This definition is more applicable for search engines where the first few results are typically more relevant, whereas the former variant is more applicable for a DNA search where it is important to find all matched positions. For simplicity we only consider the first variant, and our solutions support both variants.

  3. We remark that this definition considers a function that is not pseudorandom in the classic sense of it being indistinguishable from a random function whose range is composed of all strings of a given length. Rather, it is indistinguishable from a random function whose range is the group generated by g as defined below.

  4. As specified in the introduction, we can define a search functionality that only returns the first few and most relevant matches. Our discussion and formalization below can be easily adapted for this functionality as well.

  5. Taking a look ahead, this solution can only support short texts as otherwise either the collision probability (cf. Lemma 1) is large and we cannot achieve correctness, or the subset sum problem cannot be solved efficiently as the instance is not low density.

  6. In the basic form of the protocol, it does not make any difference whether we commit to \(R_p\) or to \(R_p'\). However, in the extension based on packaging committing to \(R_p'\) yields a better communication complexity in the setup phase.

References

  1. Applebaum, B., Ishai, Y., Kushilevitz, E.: From secrecy to soundness: Efficient verification via secure computation. In: ICALP, pp. 152–163 (2010)

  2. Asharov, G., Jain, A., López-Alt, A., Tromer, E., Vaikuntanathan, V., Wichs, D.: Multiparty computation with low communication, computation and interaction via threshold FHE. In: EUROCRYPT, pp. 483–501 (2012)

  3. Au, M.H., Tsang, P.P., Susilo, W., Mu, Y.: Dynamic universal accumulators for DDH groups and their application to attribute-based anonymous credential systems. In: CT-RSA, pp. 295–308 (2009)

  4. Benabbas, S., Gennaro, R., Vahlis, Y.: Verifiable delegation of computation over large datasets. In: CRYPTO, pp. 111–131 (2011)

  5. Boyer, R.S., Moore, J.S.: A fast string searching algorithm. Commun. ACM 20(10), 762–772 (1977)

    Article  MATH  Google Scholar 

  6. Buldas, A., Laud, P., Lipmaa, H.: Accountable certificate management using undeniable attestations. In: CCS, pp. 9–17 (2000)

  7. Buldas, A., Laud, P., Lipmaa, H.: Eliminating counterevidence with applications to accountable certificate management. J. Comput. Secur. 10(3), 273–296 (2002)

    Article  Google Scholar 

  8. Camacho, P., Hevia, A., Kiwi, M.A., Opazo, R.: Strong accumulators from collision-resistant hashing. Int. J. Inf. Secur. 11(5), 349–363 (2012)

    Article  Google Scholar 

  9. Canetti, R.: Security and composition of multi-party cryptographic protocols. J. Cryptol. 13, 143–202 (2000)

    Article  MathSciNet  MATH  Google Scholar 

  10. Catalano, D., Fiore, D.: Vector commitments and their applications. In: PKC, pp. 55–72 (2013)

  11. Chaimovich, M., Freiman, G., Galil, Z.: Solving dense subset-sum problems by using analytical number theory. J. Complex. 5(3), 271–282 (1989)

    Article  MathSciNet  MATH  Google Scholar 

  12. Chase, M., Shen, E.: Substring-searchable symmetric encryption. PoPETs 2015(2), 263–281 (2015)

    Google Scholar 

  13. Chen, Y., Nguyen, P.Q.: Bkz 2.0: Better lattice security estimates. In: ASIACRYPT, pp. 1–20 (2011)

  14. Choi, S.G., Katz, J., Kumaresan, R., Cid, C.: Multi-client non-interactive verifiable computation. In: TCC, pp. 499–518 (2013)

  15. Chung, K.M., Kalai, Y.T., Vadhan, S.P.: Improved delegation of computation using fully homomorphic encryption. In: CRYPTO, pp. 483–501 (2010)

  16. Coster, M.J., Joux, A., LaMacchia, B.A., Odlyzko, A.M., Schnorr, C.P., Stern, J.: Improved low-density subset sum algorithms. Comput. Complex. 2, 111–128 (1992)

    Article  MathSciNet  MATH  Google Scholar 

  17. Curtmola, R., Garay, J.A., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. J. Comput. Secur. 19(5), 895–934 (2011)

    Article  Google Scholar 

  18. Damgård, I., Triandopoulos, N.: Supporting non-membership proofs with bilinear-map accumulators. IACR Cryptol. ePrint Archive 2008, 538 (2008). URL http://eprint.iacr.org/2008/538

  19. Derler, D., Hanser, C., Slamanig, D.: Revisiting cryptographic accumulators, additional properties and relations to other primitives. In: CT-RSA, pp. 127–144 (2015)

  20. Faust, S., Hazay, C., Venturi, D.: Outsourced pattern matching. In: ICALP, pp. 545–556 (2013)

  21. Fiore, D., Gennaro, R., Pastro, V.: Efficiently verifiable computation on encrypted data. In: CCS, pp. 844–855 (2014)

  22. Flaxman, A., Przydatek, B.: Solving medium-density subset sum problems in expected polynomial time. In: STACS, pp. 305–314 (2005)

  23. Freedman, M.J., Ishai, Y., Pinkas, B., Reingold, O.: Keyword search and oblivious pseudorandom functions. In: TCC, pp. 303–324 (2005)

  24. Frieze, A.M.: On the Lagarias–Odlyzko algorithm for the subset sum problem. SIAM J. Comput. 15(2), 536–539 (1986)

    Article  MathSciNet  MATH  Google Scholar 

  25. Galil, Z., Margalit, O.: An almost linear-time algorithm for the dense subset-sum problem. In: ICALP, pp. 719–727 (1991)

  26. Gama, N., Nguyen, P.Q.: Predicting lattice reduction. In: EUROCRYPT, pp. 31–51 (2008)

  27. Gennaro, R., Gentry, C., Parno, B.: Non-interactive verifiable computing: Outsourcing computation to untrusted workers. In: CRYPTO, pp. 465–482 (2010)

  28. Gennaro, R., Hazay, C., Sorensen, J.S.: Text search protocols with simulation based security. In: PKC, pp. 332–350 (2010)

  29. Gentry, C.: Fully homomorphic encryption using ideal lattices. In: STOC, pp. 169–178 (2009)

  30. Gordon, S.D., Katz, J., Liu, F., Shi, E., Zhou, H.: Multi-client verifiable computation with stronger security guarantees. In: TCC, pp. 144–168 (2015)

  31. Hazay, C., Lindell, Y.: Efficient protocols for set intersection and pattern matching with security against malicious and covert adversaries. J. Cryptol. 23(3), 422–456 (2010)

    Article  MathSciNet  MATH  Google Scholar 

  32. Hazay, C., Toft, T.: Computationally secure pattern matching in the presence of malicious adversaries. In: ASIACRYPT, pp. 195–212 (2010)

  33. Hazay, C., Zarosim, H.: The feasibility of outsourced database search in the plain model. In: SCN, pp. 313–332 (2016)

  34. Impagliazzo, R., Naor, M.: Efficient cryptographic schemes provably as secure as subset sum. J. Cryptol. 9(4), 199–216 (1996)

    Article  MathSciNet  MATH  Google Scholar 

  35. Jarecki, S., Jutla, C.S., Krawczyk, H., Rosu, M.C., Steiner, M.: Outsourced symmetric private information retrieval. In: CCS, pp. 875–888 (2013)

  36. Kamara, S., Mohassel, P., Raykova, M.: Outsourcing multi-party computation. IACR Cryptol. ePrint Archive 2011, 272 (2011). URL http://eprint.iacr.org/2011/272

  37. Kamara, S., Mohassel, P., Riva, B.: Salus: a system for server-aided secure function evaluation. In: CCS, pp. 797–808 (2012)

  38. Kamara, S., Papamanthou, C.: Parallel and dynamic searchable symmetric encryption. In: Financial Cryptography, pp. 258–274 (2013)

  39. Kamara, S., Papamanthou, C., Roeder, T.: Dynamic searchable symmetric encryption. In: CCS, pp. 965–976 (2012)

  40. Katz, J., Malka, L.: Secure text processing with applications to private DNA matching. In: CCS, pp. 485–492 (2010)

  41. Knuth, D.E., Morris, J.H.J., Pratt, V.R.: Fast pattern matching in strings. SIAM J. Comput. 6(2), 323–350 (1977)

    Article  MathSciNet  MATH  Google Scholar 

  42. Lagarias, J.C., Odlyzko, A.M.: Solving low-density subset sum problems. J. ACM 32(1), 229–246 (1985)

    Article  MathSciNet  MATH  Google Scholar 

  43. Li, D., Dong, X., Cao, Z.: Secure and privacy-preserving pattern matching in outsourced computing. Secur. Commun. Netw. 9(16), 3444–3451 (2016)

    Article  Google Scholar 

  44. Li, J., Li, N., Xue, R.: Universal accumulators with efficient nonmembership proofs. In: ACNS, pp. 253–269 (2007)

  45. López-Alt, A., Tromer, E., Vaikuntanathan, V.: On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption. In: STOC, pp. 1219–1234 (2012)

  46. Lyubashevsky, V.: The parity problem in the presence of noise, decoding random linear codes, and the subset sum problem. In: APPROX-RANDOM, pp. 378–389 (2005)

  47. Lyubashevsky, V., Palacio, A., Segev, G.: Public-key cryptographic primitives provably as secure as subset sum. In: TCC, pp. 382–400 (2010)

  48. Merkle, R.C.: A certified digital signature. In: CRYPTO, pp. 218–238 (1989)

  49. Mohassel, P.: Efficient and secure delegation of linear algebra. IACR Cryptol. ePrint Archive 2011, 605 (2011). URL http://eprint.iacr.org/2011/605

  50. Naor, M., Reingold, O.: Number-theoretic constructions of efficient pseudo-random functions. In: FOCS, pp. 458–467 (1997)

  51. Nguyen, P.Q., Stehlé, D.: LLL on the average. In: ANTS, pp. 238–256 (2006)

  52. Papamanthou, C., Tamassia, R., Triandopoulos, N.: Optimal verification of operations on dynamic sets. In: CRYPTO, pp. 91–110 (2011)

  53. Peikert, C., Vaikuntanathan, V., Waters, B.: A framework for efficient and composable oblivious transfer. In: CRYPTO, pp. 554–571 (2008)

  54. Shallue, A.: An improved multi-set algorithm for the dense subset sum problem. In: ANTS, pp. 416–429 (2008)

  55. Troncoso-Pastoriza, J.R., Katzenbeisser, S., Celik, M.U.: Privacy preserving error resilient DNA searching through oblivious automata. In: CCS, pp. 519–528 (2007)

  56. Zhou, J., Cao, Z., Dong, X.: PPOPM: more efficient privacy preserving outsourced pattern matching. In: ESORICS, pp. 135–153 (2016)

Download references

Author information

Authors and Affiliations

  1. Ruhr-Universität Bochum, 44801, Bochum, Germany

    Sebastian Faust

  2. Bar-Ilan University, 5290002, Ramat Gan, Israel

    Carmit Hazay

  3. Sapienza University of Rome, Rome, Italy

    Daniele Venturi

Authors
  1. Sebastian Faust
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Carmit Hazay
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Daniele Venturi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Carmit Hazay.

Additional information

Partially supported from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644666.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Faust, S., Hazay, C. & Venturi, D. Outsourced pattern matching. Int. J. Inf. Secur. 17, 327–346 (2018). https://doi.org/10.1007/s10207-017-0374-0

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-017-0374-0

Keywords

Search

Navigation