Improving security and reliability in Merkle tree-based online data authentication with leakage resilience

Dongyoung Koo, Youngjoo Shin, Joobeom Yun, Junbeom Hur

Research output: Contribution to journalArticlepeer-review

25 Citations (Scopus)

Abstract

With the successful proliferation of data outsourcing services, security and privacy issues have drawn significant attention. Data authentication in particular plays an essential role in the storage of outsourced digital content and keeping it safe from modifications by inside or outside adversaries. In this paper, we focus on online data authentication using a Merkle (hash) tree to guarantee data integrity. By conducting in-depth diagnostics of the side channels of the Merkle tree-based approach, we explore novel solutions to improve the security and reliability of the maintenance of outsourced data. Based on a thorough review of previous solutions, we present a new method of inserting auxiliary random sources into the integrity verification proof on the prover side. This prevents the exposure of partial information within the tree structure and consequently releases restrictions on the number of verification execution, while maintaining desirable security and reliability of authentication for the long run. Based on a rigorous proof, we show that the proposed scheme maintains consistent reliability without being affected by continuous information leakage caused by repetitions of the authentication process. In addition, experimental results comparing with the proposed scheme with other state-of-the-art studies demonstrate its efficiency and practicality.

Original languageEnglish
Article number2532
JournalApplied Sciences (Switzerland)
Volume8
Issue number12
DOIs
Publication statusPublished - 2018 Dec 7

Bibliographical note

Funding Information:
Funding: This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT) (No. 2017R1C1B5077026) for Dongyoung Koo. This work was supported by Institute for Information & communications Technology Promotion(IITP) grant funded by the Korea government(MSIP) (No.2018-0-00477, Development of Malware Analysis Technique based on Deep Web and Tor) for Junbeom Hur. This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIP) (No.2017R1C1B5015045) for Youngjoo Shin. This research was supported by the MSIT(Ministry of Science and ICT), Korea, under the ITRC(Information Technology Research Center) support program(IITP-2018-0-01423) supervised by the IITP(Institute for Information & communications Technology Promotion) for Joobum Yun.

Publisher Copyright:
© 2018 by the authors.

Keywords

  • Data loss
  • Data outsourcing
  • Information leakage
  • Integrity
  • Merkle (hash) tree
  • Online authentication
  • Reliability

ASJC Scopus subject areas

  • General Materials Science
  • Instrumentation
  • General Engineering
  • Process Chemistry and Technology
  • Computer Science Applications
  • Fluid Flow and Transfer Processes

Fingerprint

Dive into the research topics of 'Improving security and reliability in Merkle tree-based online data authentication with leakage resilience'. Together they form a unique fingerprint.

Cite this