Skip to main content
SpringerLink
Log in

Oblivious Outsourced Storage with Delegation

  • Conference paper
Financial Cryptography and Data Security (FC 2011)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7035))

Included in the following conference series:

Abstract

In the past few years, outsourcing private data to untrusted servers has become an important challenge. This raises severe questions concerning the security and privacy of the data on the external storage. In this paper we consider a scenario where multiple clients want to share data on a server, while hiding all access patterns. We propose here a first solution to this problem based on Oblivious RAM (ORAM) techniques. Data owners can delegate rights to external new clients enabling them to privately access portions of the outsourced data served by a curious server. Our solution is as efficient as the underlying ORAM constructs and allows for delegated read or write access while ensuring strong guarantees for the privacy of the outsourced data. The server does not learn anything about client access patterns while clients do not learn anything more than what their delegated rights permit.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Asonov, D. (ed.): Querying Databases Privately. LNCS, vol. 3128. Springer, Heidelberg (2004)

    MATH  Google Scholar 

  2. Berkovits, S.: How to Broadcast a Secret. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 535–541. Springer, Heidelberg (1991)

    Chapter  Google Scholar 

  3. Camenisch, J., Dubovitskaya, M., Neven, G.: Oblivious transfer with access control. In: CCS 2009: Proceedings of the 16th ACM Conference on Computer and Communications Security (2009)

    Google Scholar 

  4. Camenisch, J.L., Neven, G., Shelat, A.: Simulatable Adaptive Oblivious Transfer. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 573–590. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  5. Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private information retrieval. In: IEEE Symposium on Foundations of Computer Science, pp. 41–50 (1995)

    Google Scholar 

  6. Coull, S., Green, M., Hohenberger, S.: Controlling Access to an Oblivious Database Using Stateful Anonymous Credentials. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 501–520. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  7. Fiat, A., Naor, M.: Broadcast Encryption. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 480–491. Springer, Heidelberg (1994)

    Chapter  Google Scholar 

  8. Gasarch, W.: A WebPage on Private Information Retrieval, http://www.cs.umd.edu/~gasarch/pir/pir.html

  9. Gasarch, W.: A survey on private information retrieval, http://citeseer.ifi.unizh.ch/gasarch04survey.html

  10. Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious rams. Journal of the ACM 43, 431–473 (1996)

    Article  MathSciNet  MATH  Google Scholar 

  11. Halevy, D., Shamir, A.: The LSD Broadcast Encryption Scheme. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 47–60. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  12. IBM. IBM 4764 PCI-X Cryptographic Coprocessor (2007), http://www-03.ibm.com/security/cryptocards/pcixcc/overview.shtml

  13. Iliev, A., Smith, S.W.: Private information storage with logarithmic-space secure hardware. In: Proceedings of i-NetSec 2004: 3rd Working Conference on Privacy and Anonymity in Networked and Distributed Systems, pp. 201–216 (2004)

    Google Scholar 

  14. Jarecki, S., Shmatikov, V.: Handcuffing Big Brother: an Abuse-Resilient Transaction Escrow Scheme. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 590–608. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  15. Li, J., Krohn, M., Mazières, D., Shasha, D.: Secure Untrusted Data Repository (SUNDR). In: OSDI 2004, pp. 121–136 (2004)

    Google Scholar 

  16. Naor, D., Naor, M., Lotspiech, J.B.: Revocation and Tracing Schemes for Stateless Receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  17. Paterson, K.G.: Id-based signatures from pairings on elliptic curves. Electronics Letters 38, 1025–1026 (2002)

    Article  Google Scholar 

  18. Pinkas, B., Reinman, T.: Oblivious ram revisited. In: Proceedings of the 30th International Cryptology Conference (2010) (to appear)

    Google Scholar 

  19. Sion, R., Carbunar, B.: On the Computational Practicality of Private Information Retrieval. In: Proceedings of the Network and Distributed Systems Security Symposium (2007); Stony Brook Network Security and Applied Cryptography Lab Tech Report 2006-06

    Google Scholar 

  20. Wang, S., Ding, X., Deng, R.H., Bao, F.: Private Information Retrieval using Trusted Hardware. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol. 4189, pp. 49–64. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  21. Williams, P., Sion, R., Carbunar, B.: Building castles out of mud: practical access pattern privacy and correctness on untrusted storage. In: CCS 2008: Proceedings of the 15th ACM Conference on Computer and Communications Security (2008)

    Google Scholar 

  22. Williams, P., Sion, R., Carbunar, B.: Building Castles out of Mud: Practical Access Pattern Privacy and Correctness on Untrusted Storage. In: ACM Conference on Computer and Communication Security CCS (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Center for Advanced Security Research Darmstadt - CASED, Germany

    Martin Franz & Stefan Katzenbeisser

  2. Computer Science, Stony Brook University, USA

    Peter Williams, Radu Sion & Miroslava Sotakova

  3. Applied Research Center, Motorola Labs, USA

    Bogdan Carbunar

  4. Technische Universität Darmstadt, Germany

    Stefan Katzenbeisser & Andreas Peter

Authors
  1. Martin Franz
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Peter Williams
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Bogdan Carbunar
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Stefan Katzenbeisser
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Andreas Peter
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Radu Sion
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Miroslava Sotakova
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

George Danezis

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Franz, M. et al. (2012). Oblivious Outsourced Storage with Delegation. In: Danezis, G. (eds) Financial Cryptography and Data Security. FC 2011. Lecture Notes in Computer Science, vol 7035. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27576-0_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-27576-0_11

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-27575-3

  • Online ISBN: 978-3-642-27576-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation