Qiongxiao Wang

Impossibility of Finding Any Third Family of Server Protocols Integrating Byzantine Quorum Systems with Threshold Signature Schemes

In order to tolerate servers’ Byzantine failures, a distributed storage service of self-verifying data (e.g., certificates) needs to make three security properties be Byzantine fault tolerant (BFT): data consistency, data availability, and confidentiality of the (signing service’s) private key. Building such systems demands the integration of Byzantine quorum systems (BQS), which only make data consistency and availability be BFT, and threshold signature schemes (TSS), which only make confidentiality of the private key be BFT. Two families of correct or valid TSS-BQS systems (of which the server protocols carry all the design options) have been proposed in the literature. Motivated by the failures in finding a third family of valid server protocols, we study the reverse problem and formally prove that it is impossible to find any third family of valid TSS-BQS systems. To obtain this proof, we develop a validity theory on server protocols of TSS-BQS systems. It is shown that the only two families of valid server protocols, “predicted” (or deduced) by the validity theory, precisely match the existing protocols.

A Secure and Fast Dispersal Storage Scheme Based on the Learning with Errors Problem

Data confidentiality and availability are of primary concern in data storage. Dispersal storage schemes achieve these two security properties by transforming the data into multiple codewords and dispersing them across multiple storage servers. Existing schemes achieve confidentiality and availability by various cryptographic and coding algorithms, but only under the assumption that an adversary cannot obtain more than a certain number of codewords. Meanwhile existing schemes are designed for storing archives. In this paper, we propose a novel dispersal storage scheme based on the learning with errors problem, known as storage with errors (SWE). SWE can resist even more powerful adversaries. Besides, SWE favorably supports dynamic data operations that are both efficient and secure, which is more practical for cloud storage. Furthermore, SWE achieves security at relatively low computational overhead, but the same storage cost compared with the state of the art. We also develop a prototype to validate and evaluate SWE. Analysis and experiments show that with proper configurations, SWE outperforms existing schemes in encoding/decoding speed.

RIKE+ : using revocable identities to support key escrow in public key infrastructures with flexibility

Public key infrastructures (PKIs) are proposed to provide various security services. Some security services such as confidentiality require key escrow in certain scenarios, whereas some others such as non-repudiation and authentication usually prohibit key escrow. Moreover, these two conflicting requirements can coexist for one PKI user. The popular solution in which each user has two different certificates and an escrow authority backs up all escrowed private keys faces the problems of efficiency and scalability. In this study, a novel key management infrastructure called RIKE+ is proposed to integrate the ‘inherent key escrow’ of identity-based encryption (IBE) into PKIs. In RIKE+ , (the hash value of) a users PKI certificate also serves as a ‘revocable identity’ to derive the users IBE public key, and the revocation of this IBE key pair is achieved by the certificate revocation of PKIs. Therefore the certificate binds the user with two key pairs, one of which is escrowed inherently and the other is not. Furthermore, RIKE+ employs chameleon hash to flexibly control the relationship between the certificate and the IBE key pair. In the case of certificate renewal and revocation, chameleon hash enables RIKE+ to manipulate the hash value of the new certificate, so the users IBE key pair is not unconditionally changed unless it is necessary. RIKE+ is an effective certificate-based solution compatible with traditional PKIs and can be built on existing X.509 PKIs.

Secure and Efficient Outsourcing of Large-Scale Matrix Inverse Computation

Matrix inverse computation (MIC) is one of the fundamental mathematical tasks in linear algebra, and finds applications in many areas of science and engineering. In practice, MIC tasks often involve large-scale matrices and impose prohibitive computation costs on resource-constrained users. As cloud computing gains much momentum, a resource-constrained client can choose to outsource the large-scale MIC task to a powerful but untrustworthy cloud. As the input of and the solution to the MIC task usually contain the client’s private information, appropriated mechanisms should be placed for privacy concerns. In this paper, we employ certain matrix transformations and construct an outsourcing scheme known as SEMIC, which can solve the MIC task in a masked yet verifiable manner. Thorough theoretical analysis shows that SEMIC is correct, verifiable, and privacy-preserving. Extensive experimental results demonstrate that SEMIC significantly reduces the computation costs of the client. Compared with the most related work, our solution offers enhanced privacy protection without impairing the efficiency.

EFS: Efficient and Fault-Scalable Byzantine Fault Tolerant Systems Against Faulty Clients

Byzantine fault tolerant (BFT) protocols enhance system safety and availability in asynchronous networks, despite the arbitrary faults at both servers and clients. A practical BFT system should be efficient in both contention-free and contending cases, and fault scalable (i.e., efficiently tolerating the increasing number of server faults). However, few existing BFT systems completely satisfy this robustness requirement of efficiency. In this paper, we propose EFS, the first BFT solution that provides good efficiency and fault-scalability, in various cases (i.e. faulty or not, contending or not). EFS is a hybrid BFT system consisting of an efficient and fault scalable quorum protocol for the contention-free case and a fast agreement protocol to resolve contention in a fault-scalable manner. More importantly, its server-directed mode switch does not rely on digital signature nor introduce any extra communication overhead. This lightweight switch counters the vulnerability in the existing hybrid BFT systems, where faulty clients can simply send contending requests to degrade the performance significantly. The experiment results on the EFS prototype demonstrate robust fault tolerance.

SEDB: Building Secure Database Services for Sensitive Data

Database outsourcing reduces the cost of data management; however, the confidentiality of the outsourced data is a main challenge. Existing solutionsi?ź[9, 13, 16, 17] either adopt multiple encryption schemes for data confidentiality that only support limited operations, or focus on providing efficient retrieval with problematic update support. In this paper, we propose a secure database outsourcing scheme SEDB based on Shamirs threshold secret sharing for practical confidentiality against honest-but-curious database servers. SEDB supports a set of commonly used operations, such as addition, subtraction, and comparison, and is among the first to support multiplication, division, and modulus. We implement a prototype of SEDB, and the experiment results demonstrate a reasonable processing overhead.