Protecting Mass Data Basing on Small Trusted Agent | SpringerLink
Skip to main content
Springer Nature Link
Log in

Protecting Mass Data Basing on Small Trusted Agent

  • Conference paper
Information Security Practice and Experience (ISPEC 2005)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3439))

  • 1002 Accesses

Abstract

Providing data confidentiality and integrity is essential to ensure secure or trusted computing. Designs for such purpose always face substaintial difficulties, as providing solid security will be contrary to achieving satisfied performance. Basing on a less rigor precondition that will be tenable in many cases, such designs can be implemented with smaller endeavors. The core idea is to let a trusted agent to trustworthily hold one unique timestamp for each untrusted data block; and encrypts each block, as well as the related integrity code, through the corresponding timestamp. In such way, any malicious disclosure and tamper can be prevented. At the same time, each block can be directly verified by the associated timestamp without requiring additional data to minimize the cost of integrity checking, and OTP encryption scheme can pre-computes keystream to remove most encryption latencies.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Merkle, R.C.: Protocols for public key cryptography. In: IEEE Symposium on Security and Privacy, Oakland, California, pp. 122–134 (1980)

    Google Scholar 

  2. Blum, M., Evans, W.S., Gemmell, P., Kannan, S., Naor, M.: Checking the correctness of memories. In: IEEE Symposium on Foundations of Computer Science, San Juan, Puerto Rico, pp. 90–99 (1991)

    Google Scholar 

  3. Gassend, B., Suh, G.E., Clarke, D., van Dijk, M., Devadas, S.: Caches and merkle trees for efficient memory authentication. In: Ninth International Symposium on High Performance Computer Architecture, Anaheim, California, pp. 8–12 (2003)

    Google Scholar 

  4. Suh, G.E., Clarke, D., Gassend, B., van Dijk, M., Devadas, S.: Hardware Mechanisms for Memory Integrity Checking. MIT Laboratory for Computer Science, MIT LCS TR, 872 (2003)

    Google Scholar 

  5. Blaze, M.: A cryptographic file system for unix. In: 1st ACM Conference on Communications and Computing Security, pp. 9–16 (1993)

    Google Scholar 

  6. Tripwire, http://www.tripwire.org

  7. Fu, K., Kaashoek, F., Mazieres, D.: Fast and secure distributed read-only file system. In: Proceedings of OSDI 2000 (2000)

    Google Scholar 

  8. Mazieres, D., Shasha, D.: Don’t trust your file server. In: Proceedings of the 8th Workshop on Hot Topics in Operating Systems (2001)

    Google Scholar 

  9. Maheshwari, U., Vingralek, R., Shapiro, W.: How to Build a Trusted Database System on Untrusted Storage. In: Proceedings of OSDI 2000 (2000)

    Google Scholar 

  10. Stein, C.A., Howard, J.H., Seltzer, M.I.: Unifying file system protection. In: 2001 USENIX Annual Technical Conference, pp. 79–90 (2001)

    Google Scholar 

  11. Tomonori, F., Masanori, O.: Protecting the Integrity of an Entire File System. In: First IEEE International Workshop on Information Assurance, pp. 95–105 (2003)

    Google Scholar 

  12. SHA-2 Standard. National Institute of Standards and Technology (NIST), Secure Hash Standard, FIPS PUB 180-2, http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf

  13. Anderson, R.J.: Security Engineering: A Guide to Building Dependable Distributed Systems. John Wiley and Sons, Chichester (2001)

    Google Scholar 

  14. Hou, F., Wang, Z., Tang, Y., Liu, Z.: Protecting Integrity and Confidentiality for Data Communication. In: Ninth IEEE Symposium on Computers and Communications, Alexandria, Egypt, pp. 357–362 (2004)

    Google Scholar 

  15. Wang, X., Feng, D., Lai, X., Yu, H.: Collisions for hash functions MD4, MD5, HAVAL-128 and RIPEMD. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, Springer, Heidelberg (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer, National University of Defense Technology, Changsha, 410073, P.R.China

    Fangyong Hou, Zhiying Wang, Kui Dai & Yun Liu

Authors
  1. Fangyong Hou
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zhiying Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Kui Dai
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yun Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Information Systems, Singapore Management University, Singapore

    Robert H. Deng

  2. Institute for Infocomm Research, 119613, Singapore

    Feng Bao

  3. School of Information Systems, Singapore Management University,  

    HweeHwa Pang

  4. Cryptography and Security Department Institute for Infocomm Research, Singapore

    Jianying Zhou

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Hou, F., Wang, Z., Dai, K., Liu, Y. (2005). Protecting Mass Data Basing on Small Trusted Agent. In: Deng, R.H., Bao, F., Pang, H., Zhou, J. (eds) Information Security Practice and Experience. ISPEC 2005. Lecture Notes in Computer Science, vol 3439. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-31979-5_31

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-31979-5_31

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-25584-0

  • Online ISBN: 978-3-540-31979-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics