Yantian Hou

Maple: scalable multi-dimensional range search over encrypted cloud data with tree-based index

Cloud computing promises users massive scale outsourced data storage services with much lower costs than traditional methods. However, privacy concerns compel sensitive data to be stored on the cloud server in an encrypted form. This posts a great challenge for effectively utilizing cloud data, such as executing common SQL queries. A variety of searchable encryption techniques have been proposed to solve this issue; yet efficiency and scalability are still the two main obstacles for their adoptions in real-world datasets, which are multi-dimensional in general. In this paper, we propose a tree-based public-key Multi-Dimensional Range Searchable Encryption (MDRSE) to overcome the above limitations. Specifically, we first formally define the leakage function and security of a tree-based MDRSE. Then, by leveraging an existing predicate encryption in a novel way, our tree-based MDRSE efficiently indexes and searches over encrypted cloud data with multi-dimensional tree structures (i.e., R-trees). Moreover, our scheme is able to protect single-dimensional privacy while previous efficient solutions fail to achieve. Our scheme is selectively secure, and through extensive experimental evaluation on a large-scale real-world dataset, we show the efficiency and scalability of our scheme.

Chorus: scalable in-band trust establishment for multiple constrained devices over the insecure wireless channel

Secure initial trust establishment for multiple resource constrained devices is a fundamental issue underlying wireless networks. A number of protocols have been proposed for secure key deployment among nodes without prior shared secrets (ad hoc), however so far most of them rely on secure out-of-band (OOB) channels (e.g., audio, visual) which either only work with a small number of devices or require auxiliary hardware. In this paper, for the first time, we design a solution that enables secure initialization of a group of wireless devices, which works merely within the wireless band. Our proposed solution is based on a novel physical-layer primitive for authenticated string comparison over the insecure wireless channel, called Chorus, which simultaneously compares the equality of fixed-length authentication strings held by multiple wireless devices within constant time. The Chorus achieves a key authentication property, which prevents an adversary from tricking each device to believe that all strings are equal when they are not, which is enabled by exploiting the infeasibility of signal cancellation and unidirectional error detection codes. Chorus can be employed as a foundation to provide in-band group message authentication (GMA) and group authenticated key agreement (GAKA), that does not require any prior shared secret. Specifically, we design two GAKA protocols based on Chorus and formally prove their security. The most appealing features of our proposed protocols include: minimal hardware requirement (a common radio interface and a button), minimal user effort (pressing a button on each device on average), nearly constant running time, thus they are scalable to a large group of constrained wireless devices. Through extensive analysis and experimental evaluation, we show the security and robustness of Chorus under a realistic attack model, and demonstrate the high scalability of our GAKA protocols.

Practical and secure nearest neighbor search on encrypted large-scale data

Nearest neighbor search (or k-nearest neighbor search in general) is one of the most fundamental queries on massive datasets, and it has extensive applications such as pattern recognition, statistical classification, graph algorithms, Location-Based Services and online recommendations. With the raising trend of outsourcing massive sensitive datasets to public clouds, it is urgent for companies and organizations to demand fast and secure nearest neighbor search solutions over their outsourced data, but without revealing privacy to untrusted clouds. However, existing solutions for secure nearest neighbor search still face significant limitations, which make them far from practice. In this paper, we propose a new searchable encryption scheme, which can efficiently and securely enable nearest neighbor search over encrypted data on untrusted clouds. Specifically, we modify the search algorithm of nearest neighbors with tree structures (e.g., R-trees), where the modified algorithm adapts to lightweight cryptographic primitives (e.g., Order-Preserving Encryption) without affecting the original faster-than-linear search complexity. As a result, we address all the limitations in the previous works while still maintaining correctness and security. Moreover, our design is general, which can be used for secure k-nearest neighbor search, and it is compatible with other similar tree structures. Our experimental results on Amazon EC2 show that our scheme is extremely practical over massive datasets.

Surviving the RF smog: Making Body Area Networks robust to cross-technology interference

Wireless Body Area Networks (BANs) demand for highly robust communication due to the criticality and time-sensitivity of the medical monitoring data. However, as BANs will be widely deployed in densely populated areas, they inevitably face the RF cross-technology interference (CTI) from non-protocol-compliant wireless devices operating in the same spectrum range, which are persistent, high power, and broadband in nature. The main challenges to defend such strong CTI come from the scarcity of spectrum resources, the uncertainty of the CTI sources and BAN channel status, and the stringent hardware constraints. Existing methods fail because of their need for extra spectrum resources or advanced hardware. In this paper, we first experimentally characterize the adverse effect on BAN reliability caused by the non-protocol-compliant CTI. Then we propose a CTI-aware joint routing and power control (JRPC) approach to ensure desired reliability goals using minimum energy resources even under strong co-channel CTI. To cope with channel uncertainty, we propose a passive link quality estimation method which exploits prediction. Through extensive experiments and simulations, we show that our proposed protocol can assure the robustness of BAN even when the CTI sources are in very close vicinity, using little overall energy and spectrum resources, and can be easily implemented on commercial-off-the-shelf (COTS) devices.

Tree-Based Multi-dimensional Range Search on Encrypted Data with Enhanced Privacy

With searchable encryption, a data user is able to perform meaningful search on encrypted data stored in the public cloud without revealing data privacy. Besides handling simple queries (e.g., keyword queries), complex search functions, such as multi-dimensional (conjunctive) range queries, have also been studied in several approaches to provide search functionalities over multi-dimensional data. However, current works supporting multi-dimensional range queries either only achieve linear search complexity or reveal additional private information to the public cloud. In this paper, we propose a tree-based symmetric-key searchable encryption to support multi-dimensional range queries on encrypted data. Besides protecting data privacy, our proposed scheme is able to achieve faster-than-linear search, query privacy and single-dimensional privacy simultaneously compared to previous solutions. More specifically, we formally define the security of our proposed scheme, prove that it is selectively secure, and demonstrate its faster-than-linear efficiency with experiments over a real-world dataset.

Message Integrity Protection over Wireless Channel by Countering Signal Cancellation: Theory and Practice

Physical layer message integrity protection and authentication by countering signal-cancellation has been shown as a promising alternative to traditional pure cryptographic message authentication protocols, due to the non-necessity of neither pre-shared secrets nor secure channels. However, the security of such an approach remained an open problem due to the lack of systematic security modeling and quantitative analysis. In this paper, we first establish a novel correlated jamming framework to study the optimal signal-cancellation attackers behavior and utility using game-theory, which precisely captures the attackers knowledge using its correlated channel estimates in various channel environments. Besides, we design a practical physical layer message integrity protection protocol based on ON/OFF keying and Manchester coding, which provides quantitative security guarantees in the real-world. Such a guarantee is achieved by bounding the attackers knowledge about the future channel via proactively measuring channel statistics (mimic the attacker), so as to derive a lower-bound to the defenders signal-detection probability under optimal correlated jamming attacks. We conduct extensive experiments and simulations to show the security and performance of the proposed scheme. We believe our novel threat modeling and quantitative security analysis methodology can benefit a wide range of physical layer security problems.

Secure Similar Sequence Query on Outsourced Genomic Data

The growing availability of genomic data is unlocking research potentials on genomic-data analysis. It is of great importance to outsource the genomic-analysis tasks onto clouds to leverage their powerful computational resources over the large-scale genomic sequences. However, the remote placement of the data raises personal-privacy concerns, and it is challenging to evaluate data-analysis functions on outsourced genomic data securely and efficiently. In this work, we study the secure similar-sequence-query (SSQ) problem over outsourced genomic data, which has not been fully investigated. To address the challenges of security and efficiency, we propose two protocols in the mixed form, which combine two-party secure secret sharing, garbled circuit, and partial homomorphic encryptions together and use them to jointly fulfill the secure SSQ function. In addition, our protocols support multi-user queries over a joint genomic data set collected from multiple data owners, making our solution scalable. We formally prove the security of protocols under the semi-honest adversary model, and theoretically analyze the performance. We use extensive experiments over real-world dataset on a commercial cloud platform to validate the efficacy of our proposed solution, and demonstrate the performance improvements compared with state-of-the-art works.

Making Wireless Body Area Networks Robust Under Cross-Technology Interference

Wireless body area networks (BANs) demand high-quality service. However, as BANs will be widely deployed in densely populated areas, they inevitably face RF cross-technology interference (CTI) from non-protocol-compliant wireless devices operating in the same spectrum range. The main challenges to defending against such a strong CTI come from the scarcity of spectrum resources, the uncertainty of the CTI sources and BAN channel status, and the stringent hardware constraints. In this paper, we first experimentally characterize the adverse effect on BAN reliability caused by the non-protocol-compliant CTI. Then, we formulate a joint routing and power control (JRPC) problem, which aims at minimizing energy consumption under strong CTI while satisfying node reachability and delay constraints. We reformulate our problem into a mixed integer linear programing problem and then derive the optimal results through IBM’s CPLEX. A practical protocol, including a heuristic JRPC algorithm, is then proposed, in which we address the challenge of fast link-quality measurement by proposing a passive link-quality estimation and prediction method. Through experiments and simulations, we show that our protocol can assure the robustness of BAN even when the CTI sources are in very close vicinity, using a small amount of energy on commercial-off-the-shelf sensor devices.

Message Integrity Protection over Wireless Channel: Countering Signal Cancellation via Channel Randomization

Physical layer message integrity protection and authentication by countering signal-cancellation has been shown as a promising alternative to traditional pure cryptographic message authentication protocols, due to the non-necessity of neither pre-shared secrets nor secure channels. However, the security of such an approach remained an open problem due to the lack of systematic security modeling and quantitative analysis. In this paper, we first establish a novel signal cancellation attack framework to study the optimal signal-cancellation attackers behavior and utility using game-theory, which precisely captures the attackers knowledge using its correlated channel estimates in various channel environments as well as the online nature of the attack. Based on theoretical results, we propose a practical channel randomization approach to defend against signal cancellation attack, which exploits state diversity and swift reconfigurability of reconfigurable antenna to increase randomness and meanwhile reduce correlation of channel state information. We show that by proactively mimicking the attacker and placing restrictions on the attackers location, we can bound the attackers knowledge of channel state information, thereby achieve a guaranteed level of message integrity protection in practice. Besides, we conduct extensive experiments and simulations to show the security and performance of the proposed approach. We believe our novel threat modeling and quantitative security analysis methodology can benefit a wide range of physical layer security problems.

Throughput optimization in multi-hop wireless networks with reconfigurable antennas

In multi-hop wireless networks (MWNs), interference and connectivity are two key factors that affect end-to-end network throughput. Traditional omni-directional antennas and directional antennas either generate significant interference or provide poor network connectivity. Reconfigurable antenna (RA) is an emerging antenna technology that can agilely switch among many different antenna states including radiation patterns, so as to suppress interference and maintain high connectivity at the same time. In this work, we systematically exploit the pattern diversity and fast reconfigurability of RAs to enhance the throughput of MWNs. We first propose a novel link-layer model that captures the dynamic relations between antenna pattern, link coverage and interference. Based on our model, a throughput optimization framework is proposed by jointly considering pattern selection and link scheduling. Our problem is formulated as a mixed integer non-linear programming problem. The superiority of reconfigurable antennas compared with traditional omni-directional and directional antennas is both theoretically proven, and validated through extensive simulations.