Improving security and reliability in Merkle tree-based online data authentication with leakage resilience

Dongyoung Koo; Youngjoo Shin; Joobeom Yun; Junbeom Hur

doi:10.3390/app8122532

Improving security and reliability in Merkle tree-based online data authentication with leakage resilience

Dongyoung Koo, Youngjoo Shin, Joobeom Yun, Junbeom Hur

Department of Computer Science and Engineering

Research output: Contribution to journal › Article › peer-review

23 Citations (Scopus)

Abstract

With the successful proliferation of data outsourcing services, security and privacy issues have drawn significant attention. Data authentication in particular plays an essential role in the storage of outsourced digital content and keeping it safe from modifications by inside or outside adversaries. In this paper, we focus on online data authentication using a Merkle (hash) tree to guarantee data integrity. By conducting in-depth diagnostics of the side channels of the Merkle tree-based approach, we explore novel solutions to improve the security and reliability of the maintenance of outsourced data. Based on a thorough review of previous solutions, we present a new method of inserting auxiliary random sources into the integrity verification proof on the prover side. This prevents the exposure of partial information within the tree structure and consequently releases restrictions on the number of verification execution, while maintaining desirable security and reliability of authentication for the long run. Based on a rigorous proof, we show that the proposed scheme maintains consistent reliability without being affected by continuous information leakage caused by repetitions of the authentication process. In addition, experimental results comparing with the proposed scheme with other state-of-the-art studies demonstrate its efficiency and practicality.

Original language	English
Article number	2532
Journal	Applied Sciences (Switzerland)
Volume	8
Issue number	12
DOIs	https://doi.org/10.3390/app8122532
Publication status	Published - 2018 Dec 7

Bibliographical note

Funding Information:
Funding: This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT) (No. 2017R1C1B5077026) for Dongyoung Koo. This work was supported by Institute for Information & communications Technology Promotion(IITP) grant funded by the Korea government(MSIP) (No.2018-0-00477, Development of Malware Analysis Technique based on Deep Web and Tor) for Junbeom Hur. This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIP) (No.2017R1C1B5015045) for Youngjoo Shin. This research was supported by the MSIT(Ministry of Science and ICT), Korea, under the ITRC(Information Technology Research Center) support program(IITP-2018-0-01423) supervised by the IITP(Institute for Information & communications Technology Promotion) for Joobum Yun.

Publisher Copyright:
© 2018 by the authors.

Keywords

Data loss
Data outsourcing
Information leakage
Integrity
Merkle (hash) tree
Online authentication
Reliability

ASJC Scopus subject areas

Materials Science(all)
Instrumentation
Engineering(all)
Process Chemistry and Technology
Computer Science Applications
Fluid Flow and Transfer Processes

Access to Document

10.3390/app8122532

Cite this

@article{e186a0e818474048ac2e9de61429b1cc,

title = "Improving security and reliability in Merkle tree-based online data authentication with leakage resilience",

abstract = "With the successful proliferation of data outsourcing services, security and privacy issues have drawn significant attention. Data authentication in particular plays an essential role in the storage of outsourced digital content and keeping it safe from modifications by inside or outside adversaries. In this paper, we focus on online data authentication using a Merkle (hash) tree to guarantee data integrity. By conducting in-depth diagnostics of the side channels of the Merkle tree-based approach, we explore novel solutions to improve the security and reliability of the maintenance of outsourced data. Based on a thorough review of previous solutions, we present a new method of inserting auxiliary random sources into the integrity verification proof on the prover side. This prevents the exposure of partial information within the tree structure and consequently releases restrictions on the number of verification execution, while maintaining desirable security and reliability of authentication for the long run. Based on a rigorous proof, we show that the proposed scheme maintains consistent reliability without being affected by continuous information leakage caused by repetitions of the authentication process. In addition, experimental results comparing with the proposed scheme with other state-of-the-art studies demonstrate its efficiency and practicality.",

keywords = "Data loss, Data outsourcing, Information leakage, Integrity, Merkle (hash) tree, Online authentication, Reliability",

author = "Dongyoung Koo and Youngjoo Shin and Joobeom Yun and Junbeom Hur",

note = "Funding Information: Funding: This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT) (No. 2017R1C1B5077026) for Dongyoung Koo. This work was supported by Institute for Information & communications Technology Promotion(IITP) grant funded by the Korea government(MSIP) (No.2018-0-00477, Development of Malware Analysis Technique based on Deep Web and Tor) for Junbeom Hur. This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIP) (No.2017R1C1B5015045) for Youngjoo Shin. This research was supported by the MSIT(Ministry of Science and ICT), Korea, under the ITRC(Information Technology Research Center) support program(IITP-2018-0-01423) supervised by the IITP(Institute for Information & communications Technology Promotion) for Joobum Yun. Publisher Copyright: {\textcopyright} 2018 by the authors.",

year = "2018",

month = dec,

day = "7",

doi = "10.3390/app8122532",

language = "English",

volume = "8",

journal = "Applied Sciences (Switzerland)",

issn = "2076-3417",

publisher = "Multidisciplinary Digital Publishing Institute",

number = "12",

}

TY - JOUR

T1 - Improving security and reliability in Merkle tree-based online data authentication with leakage resilience

AU - Koo, Dongyoung

AU - Shin, Youngjoo

AU - Yun, Joobeom

AU - Hur, Junbeom

N1 - Funding Information: Funding: This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT) (No. 2017R1C1B5077026) for Dongyoung Koo. This work was supported by Institute for Information & communications Technology Promotion(IITP) grant funded by the Korea government(MSIP) (No.2018-0-00477, Development of Malware Analysis Technique based on Deep Web and Tor) for Junbeom Hur. This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIP) (No.2017R1C1B5015045) for Youngjoo Shin. This research was supported by the MSIT(Ministry of Science and ICT), Korea, under the ITRC(Information Technology Research Center) support program(IITP-2018-0-01423) supervised by the IITP(Institute for Information & communications Technology Promotion) for Joobum Yun. Publisher Copyright: © 2018 by the authors.

PY - 2018/12/7

Y1 - 2018/12/7

N2 - With the successful proliferation of data outsourcing services, security and privacy issues have drawn significant attention. Data authentication in particular plays an essential role in the storage of outsourced digital content and keeping it safe from modifications by inside or outside adversaries. In this paper, we focus on online data authentication using a Merkle (hash) tree to guarantee data integrity. By conducting in-depth diagnostics of the side channels of the Merkle tree-based approach, we explore novel solutions to improve the security and reliability of the maintenance of outsourced data. Based on a thorough review of previous solutions, we present a new method of inserting auxiliary random sources into the integrity verification proof on the prover side. This prevents the exposure of partial information within the tree structure and consequently releases restrictions on the number of verification execution, while maintaining desirable security and reliability of authentication for the long run. Based on a rigorous proof, we show that the proposed scheme maintains consistent reliability without being affected by continuous information leakage caused by repetitions of the authentication process. In addition, experimental results comparing with the proposed scheme with other state-of-the-art studies demonstrate its efficiency and practicality.

AB - With the successful proliferation of data outsourcing services, security and privacy issues have drawn significant attention. Data authentication in particular plays an essential role in the storage of outsourced digital content and keeping it safe from modifications by inside or outside adversaries. In this paper, we focus on online data authentication using a Merkle (hash) tree to guarantee data integrity. By conducting in-depth diagnostics of the side channels of the Merkle tree-based approach, we explore novel solutions to improve the security and reliability of the maintenance of outsourced data. Based on a thorough review of previous solutions, we present a new method of inserting auxiliary random sources into the integrity verification proof on the prover side. This prevents the exposure of partial information within the tree structure and consequently releases restrictions on the number of verification execution, while maintaining desirable security and reliability of authentication for the long run. Based on a rigorous proof, we show that the proposed scheme maintains consistent reliability without being affected by continuous information leakage caused by repetitions of the authentication process. In addition, experimental results comparing with the proposed scheme with other state-of-the-art studies demonstrate its efficiency and practicality.

KW - Data loss

KW - Data outsourcing

KW - Information leakage

KW - Integrity

KW - Merkle (hash) tree

KW - Online authentication

KW - Reliability

UR - http://www.scopus.com/inward/record.url?scp=85058132746&partnerID=8YFLogxK

U2 - 10.3390/app8122532

DO - 10.3390/app8122532

M3 - Article

AN - SCOPUS:85058132746

SN - 2076-3417

VL - 8

JO - Applied Sciences (Switzerland)

JF - Applied Sciences (Switzerland)

IS - 12

M1 - 2532

ER -

Improving security and reliability in Merkle tree-based online data authentication with leakage resilience

Abstract

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this