Roopa Vishwanathan

Multi-user dynamic proofs of data possession using trusted hardware

In storage outsourcing services, clients store their data on a potentially untrusted server, which has more computational power and storage capacity than the individual clients. In this model, security properties such as integrity, authenticity, and freshness of stored data ought to be provided, while minimizing computational costs at the client, and communication costs between the client and the server. Using trusted computing technology on the servers side, we propose practical constructions in the provable data possession model that provide integrity and freshness in a dynamic, multi-user setting, where groups of users can update their shared files on the remote, untrusted server. Unlike previous solutions based on a single-user, single-device model, we consider a multi-user, multi-device model. Using trusted hardware on the server helps us to eliminate some of the previously known challenges with this model, such as forking and rollback attacks by the server. We logically separate bulk storage and data authentication issues to different untrusted remote services, which can be implemented either on the same or different physical servers. With only minor modifications to existing services, the bulk storage component can be provided by large-scale storage providers such as Google, CloudDrive, DropBox, and a smaller specialized server equipped with a trusted hardware chip can be used for providing data authentication. Our constructions eliminate client-side storage costs (clients do not need to maintain persistent state), and are suitable for situations in which multiple clients work collaboratively on remotely stored, outsourced data.

A two-level protocol to answer private location-based queries

An important privacy issue in Location Based Services (LBS) is to hide a users identity and location while still providing quality location based services. A users identity can be easily hidden through anonymous web browsing services. However, a users location can reveal a users identity. For example, a user at home may want to ask queries such as “Find the nearest hospital around me” through a GPS enabled mobile phone but he may not be willing to dislose his own location. A common way to achieve location privacy is through cloaking, e.g. the client sends a cloaked region to the server and filters the results to find the exact answer. Recently, Private Information Retrieval has been adopted to answer private location-based queries. However, we argue that ensuring the server does not reveal more data than what is queried is important at the same time. In this paper, we propose an efficient two-level solution based on two cryptographic protocols: PIR and Oblivious Transfer. Our solution is a general-purpose one and can use either a two-level PIR [2] or it can use a combination of PIR and Oblivious Transfer [11]. Our approach provides privacy for the user/client, does not use a trusted party or anonymizer, is provably privacy-preserving, and when compared to previous approaches ensures that the server reveals as minimum data as is required, and the data that is released by the server is as fine-grained or precise as possible.

Expiration and Revocation of Keys for Attribute-Based Signatures

Attribute-based signatures, introduced by Maji et al., are signatures that prove that an authority has issued the signer “attributes” that satisfy some specified predicate. In existing attribute-based signature schemes, keys are valid indefinitely once issued. In this paper, we initiate the study of incorporating time into attribute-based signatures, where a time instance is embedded in every signature, and attributes are restricted to producing signatures with times that fall in designated validity intervals. We provide three implementations that vary in granularity of assigning validity intervals to attributes, including a scheme in which each attribute has its own independent validity interval, a scheme in which all attributes share a common validity interval, and a scheme in which sets of attributes share validity intervals. All of our schemes provide anonymity to a signer, hide the attributes used to create the signature, and provide collusion-resistance between users.

General Secure Function Evaluation using standard trusted computing hardware

In this paper, we show how Trusted Platform Modules (TPMs), standard security hardware devices, can be used with minor modification to efficiently support Secure Function Evaluation (SFE), a fundamental and extremely powerful cryptographic operation. Prior research by others has shown how SFE can benefit from using security hardware, but prior work has used either custom hardware tokens or powerful secure co-processors which require significant changes to current computing systems. In this paper we show that similar techniques can be supported by TPMs with enhancements that are at the level of a firmware upgrade (albeit a secure firmware upgrade endorsed by the TPM manufacturer) — specifically, no new physical devices would need to be purchased or added to most modern business-class systems. This paper describes the specific changes that need to be made, and evaluates efficiency for a simple example in location-based privacy. Our evaluation shows that performance is reasonable for supporting simple privacy-enhanced applications.