proofs of retrievability using locally decodable codes
play

Proofs of Retrievability Using Locally Decodable Codes Julien - PowerPoint PPT Presentation

Apr 28, 2023 •93 likes •529 views

Proofs of Retrievability Using Locally Decodable Codes Julien Lavauzelle, Franoise Levy-dit-Vehel GRACE team, LIX & INRIA, Palaiseau, France 2016 IEEE International Symposium on Information Theory July 13, 2016 Issue Server Client Huge

  1. Proofs of Retrievability Using Locally Decodable Codes Julien Lavauzelle, Françoise Levy-dit-Vehel GRACE team, LIX & INRIA, Palaiseau, France 2016 IEEE International Symposium on Information Theory July 13, 2016

  2. Issue Server Client Huge fi le (e.g. 10 GB) 1/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  3. Issue Server Client Huge fi le (e.g. 10 GB) 1/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  4. Issue Server Client ? Is the file retrievable? 1/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  5. Definition (Proof of Retrievability) Proof of Retrievability (PoR) = 3 procedures: ◮ Initialization [ Client ] : F �→ Init ( F ) = ( ˜ F , data F ) Then, the client uploads ˜ F on the server. 2/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  6. Definition (Proof of Retrievability) Proof of Retrievability (PoR) = 3 procedures: ◮ Initialization [ Client ] : F �→ Init ( F ) = ( ˜ F , data F ) Then, the client uploads ˜ F on the server. ◮ Verification [ Client ← → Server ] : ( ˜ Client ( data F ) Server F ) c Pick a challenge c Compute an answer r r Verif data F ( c , r ) ∈ { true , false } 2/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  7. Definition (Proof of Retrievability) Proof of Retrievability (PoR) = 3 procedures: ◮ Initialization [ Client ] : F �→ Init ( F ) = ( ˜ F , data F ) Then, the client uploads ˜ F on the server. ◮ Verification [ Client ← → Server ] : ( ˜ Client ( data F ) Server F ) c Pick a challenge c Compute an answer r r Verif data F ( c , r ) ∈ { true , false } ◮ Extraction [ Client ← → Server ]. We want that Extract ( data F ) = F holds w.h.p. 2/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  8. A security model Definition ( τ -faulty server). Let τ ∈ [ 0 , 1 ] , P be a PoR and X the distribution of challenges. A τ -faulty server A for P is an algorithm such that, for all encoded files ˜ F : Verif data F ( x , A ( ˜ � � F , x )) = false < τ . P x ∼ X Rem: this also includes malicious servers. 3/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  9. A security model Definition ( τ -faulty server). Let τ ∈ [ 0 , 1 ] , P be a PoR and X the distribution of challenges. A τ -faulty server A for P is an algorithm such that, for all encoded files ˜ F : Verif data F ( x , A ( ˜ � � F , x )) = false < τ . P x ∼ X Rem: this also includes malicious servers. Definition (PoR soundness). Let τ, ε ∈ [ 0 , 1 ] . A PoR is said ( τ, ε ) -sound if, for all τ -faulty servers A and all files F : � � P Extract ( data F ) = F ≥ 1 − ε , where the probability is taken over extraction procedure randomness. 3/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  10. The seminal example A. Juels, B. Kaliski Jr., PORs: Proofs of Retrievability for large files. in Proceedings of the 2007 ACM Conference on Computer and Communications Security, Alexandria, USA, 2007. x 2 x 2 x 1 x 1 x 3 x 3 x 0 x 0 x 4 x 4 x 9 x 9 x 8 x 8 x 5 x 5 x 6 x 6 x 7 x 7 4/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  11. The seminal example A. Juels, B. Kaliski Jr., PORs: Proofs of Retrievability for large files. in Proceedings of the 2007 ACM Conference on Computer and Communications Security, Alexandria, USA, 2007. x 2 x 1 x 3 x 0 x 4 x 9 x 8 x 5 x 6 x 7 4/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  12. The seminal example A. Juels, B. Kaliski Jr., PORs: Proofs of Retrievability for large files. in Proceedings of the 2007 ACM Conference on Computer and Communications Security, Alexandria, USA, 2007. x 2 x 1 x 4 ,x 7 ? x 3 x 0 x 4 x 9 x 8 x 5 x 6 x 7 4/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  13. The seminal example A. Juels, B. Kaliski Jr., PORs: Proofs of Retrievability for large files. in Proceedings of the 2007 ACM Conference on Computer and Communications Security, Alexandria, USA, 2007. x 2 x 1 x 4 ,x 7 ? x 3 x 0 x 4 x 9 x 8 x 5 x 6 x 7 4/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  14. The seminal example A. Juels, B. Kaliski Jr., PORs: Proofs of Retrievability for large files. in Proceedings of the 2007 ACM Conference on Computer and Communications Security, Alexandria, USA, 2007. x 2 x 1 x 4 ,x 7 ? x 3 x 0 x 4 x 9 x 8 x 5 x 6 x 7 4/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  15. Other features ◮ Low communication; ◮ low server overhead and low client storage; ◮ low algorithmic complexity; ◮ unbounded use. 5/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  16. Towards structure verification JK’07 main drawbacks: ◮ bounded use; ◮ quite big client storage. 6/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  17. Towards structure verification JK’07 main drawbacks: ◮ bounded use; ◮ quite big client storage. Our idea: ◮ check the structure of the file instead of file values; ◮ use locally decodable codes which provide a local structure. 6/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  18. Error-correcting codes F q = { t 1 , . . . , t q } a finite field. F q ev 1 : F q [ T ] → q f �→ ( f ( t 1 ) , . . . , f ( t q )) F q m ev m : F q [ X 1 , . . . , X m ] → q f �→ ( f ( x )) x ∈ F m q Example: full length Reed-Solomon code ( n = q ). C = RS q ( k ) = { ev 1 ( f ) , f ∈ F q [ X ] , deg f < k } f ( x i ) c = ∈ C F q 7/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  19. Affine lifting of codes Let C ⊆ { ev ( f ) , f ∈ F q [ T ] } be a (univariate) base code . The (multivariate) lifted code Lift m ( C ) is the code: L = Lift m ( C ) = { ev m ( g ) , g ∈ F q [ X 1 , . . . , X m ] , ∀ affine line ℓ, ev 1 ( g | ℓ ) ∈ C} F q ∈ C F q Alan Guo, Swastik Kopparty, Madhu Sudan, New Affine-Invariant Codes from Lifting in Proceedings of ITCS’13, Berkeley, USA, 2013. 8/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  20. LiftPoR: Initialization and verification Consider L = Lift m ( C ) . ◮ Initialization: � data F = ∅ Init ( F ) = ˜ F = Enc L ( F ) 9/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  21. LiftPoR: Initialization and verification Consider L = Lift m ( C ) . ◮ Initialization: � data F = ∅ Init ( F ) = ˜ F = Enc L ( F ) ◮ Verification: Client Server ˜ ∅ F ℓ Randomly pick a line ℓ ⊂ F m q c = { ˜ Read values ˜ F [ x ] } x ∈ ℓ ˜ c If ˜ c ∈ C , then return true . Else return false . 9/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  22. LiftPoR: Extraction Tab : F m q → F q ◮ Initialize file Tab with q m erasures. 10/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  23. LiftPoR: Extraction Tab : F m q → F q ◮ Initialize file Tab with q m erasures. ◮ While there remains ≥ q m − 1 erasures : – run a verification test; – if success: update the file, 10/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  24. LiftPoR: Extraction Tab : F m q → F q ◮ Initialize file Tab with q m erasures. ◮ While there remains ≥ q m − 1 erasures : – run a verification test; – if success: update the file, – otherwise, do nothing. 10/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  25. LiftPoR: Extraction Tab : F m q → F q ◮ Initialize file Tab with q m erasures. ◮ While there remains ≥ q m − 1 erasures : – run a verification test; – if success: update the file, – otherwise, do nothing. 10/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  26. LiftPoR: Extraction Tab : F m q → F q ◮ Initialize file Tab with q m erasures. ◮ While there remains ≥ q m − 1 erasures : – run a verification test; – if success: update the file, – otherwise, do nothing. 10/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  27. LiftPoR: Extraction Tab : F m q → F q ◮ Initialize file Tab with q m erasures. ◮ While there remains ≥ q m − 1 erasures : – run a verification test; – if success: update the file, – otherwise, do nothing. ◮ Decode the remaining erasures with the decoding algorithm of C . 10/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  28. LiftPoR: Extraction Tab : F m q → F q ◮ Initialize file Tab with q m erasures. ◮ While there remains ≥ q m − 1 erasures : – run a verification test; – if success: update the file, – otherwise, do nothing. ◮ Decode the remaining erasures with the decoding algorithm of C . ∈ C 10/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  29. LiftPoR: Extraction Tab : F m q → F q ◮ Initialize file Tab with q m erasures. ◮ While there remains ≥ q m − 1 erasures : – run a verification test; – if success: update the file, – otherwise, do nothing. ◮ Decode the remaining erasures with the decoding algorithm of C . 10/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

  30. LiftPoR: Extraction Tab : F m q → F q ◮ Initialize file Tab with q m erasures. ◮ While there remains ≥ q m − 1 erasures : – run a verification test; – if success: update the file, – otherwise, do nothing. ◮ Decode the remaining erasures with the decoding algorithm of C . 10/17 Julien Lavauzelle, Françoise Levy-dit-Vehel ISIT’16

Recommend

Locally decodable codes: from computational complexity to cloud computing Sergey Yekhanin

Locally decodable codes: from computational complexity to cloud computing Sergey Yekhanin

Locally decodable codes: from computational complexity to cloud computing Sergey Yekhanin Microsoft Research Error-correcting codes: paradigm 2 E() 2 E() +noise 0110001 011000100101 01*00*10010*

500 views • 34 slides
Tight Upper and Lower Bounds for Leakage-Resilient Locally Decodable and Updatable Non-Malleable

Tight Upper and Lower Bounds for Leakage-Resilient Locally Decodable and Updatable Non-Malleable

Tight Upper and Lower Bounds for Leakage-Resilient Locally Decodable and Updatable Non-Malleable Codes Dana Dachman-Soled University of Maryland Joint work with: Mukul Kulkarni and Aria Shahverdi, University of Maryland Talk is also based on

572 views • 35 slides
Outsourced Storage &amp; Proofs of Retrievability Hovav Shacham, UC San Diego Brent Waters, SRI

Outsourced Storage &amp; Proofs of Retrievability Hovav Shacham, UC San Diego Brent Waters, SRI

Outsourced Storage &amp; Proofs of Retrievability Hovav Shacham, UC San Diego Brent Waters, SRI International The Setting Client stores (long) file with server - Wants to be sure its actually there Motivation: online backup; SaaS

698 views • 25 slides
Proofs of Retrievability via Fountain Code Sumanta Sarkar and Reihaneh Safavi-Naini Department of

Proofs of Retrievability via Fountain Code Sumanta Sarkar and Reihaneh Safavi-Naini Department of

Proofs of Retrievability via Fountain Code Sumanta Sarkar and Reihaneh Safavi-Naini Department of Computer Science, University of Calgary, Canada Foundations and Practice of Security October 25, 2012 Outsourcing Data into Cloud Storage

375 views • 37 slides
Locally Checkable Proofs Mika G o os &amp; Jukka Suomela Helsinki Institute for Information

Locally Checkable Proofs Mika G o os &amp; Jukka Suomela Helsinki Institute for Information

Locally Checkable Proofs Mika G o os &amp; Jukka Suomela Helsinki Institute for Information Technology HIIT G o os, Suomela (HIIT) Locally Checkable Proofs 7th June 2011 1 / 15 Basic Question 1 What global information can we infer

727 views • 39 slides
Quantum zero-knowledge from Locally Simulatable Proofs Alex Bredariol Grilo joint work with Anne

Quantum zero-knowledge from Locally Simulatable Proofs Alex Bredariol Grilo joint work with Anne

Quantum zero-knowledge from Locally Simulatable Proofs Alex Bredariol Grilo joint work with Anne Broadbent (U. of Ottawa) arxiv:1911.07782 Quantum found. QZK Crypto TCS 2 / 19 Interactive proofs 3 / 19 Interactive proofs L NP P V 0

1.06k views • 89 slides
Locally repairable codes on multiple scales Ragnar Freij-Hollanti Aalto University, Finland

Locally repairable codes on multiple scales Ragnar Freij-Hollanti Aalto University, Finland

Locally repairable codes on multiple scales Ragnar Freij-Hollanti Aalto University, Finland ragnar.freij@aalto.fi Istanbul, 5.11.2015 Designs and Applications of Random Network Codes 1 / 25 LRC on multiple scales Based on joint work with

587 views • 25 slides
Symbolic Approach for Side-Channel Resistance Analysis of Masked Assembly Codes Workshop PROOFS

Symbolic Approach for Side-Channel Resistance Analysis of Masked Assembly Codes Workshop PROOFS

Introduction / Motivation Symbolic Method Experiments Conclusion Symbolic Approach for Side-Channel Resistance Analysis of Masked Assembly Codes Workshop PROOFS In` es Ben El Ouahma Quentin Meunier Karine Heydemann Emmanuelle Encrenaz

271 views • 25 slides
Optimal Locally Repairable Constacyclic Codes of Prime Power Lengths Wei Zhao 1 , 2 , Kenneth W.

Optimal Locally Repairable Constacyclic Codes of Prime Power Lengths Wei Zhao 1 , 2 , Kenneth W.

Optimal Locally Repairable Constacyclic Codes of Prime Power Lengths Wei Zhao 1 , 2 , Kenneth W. Shum 1 and Shenghao Yang 1 1 The Chinese University of Hong Kong, Shenzhen 2 University of Science and Technology of China ISIT 2020 Zhao, Shum, Yang

614 views • 26 slides
Proofs, Continued Today Proofs : A style guide Proofs should be easy to

Proofs, Continued Today Proofs : A style guide Proofs should be easy to

Euclid (300 BC) Proofs, Continued Today Proofs : A style guide Proofs should be easy to verify. All the cleverness goes into finding/writing the proof, not reading/verifying it! P vs. NP (informally) : P =

682 views • 21 slides
Welcome to PROOFS! PROOFS: Security Proofs for Embedded Systems Introduction to the fifth

Welcome to PROOFS! PROOFS: Security Proofs for Embedded Systems Introduction to the fifth

Welcome to PROOFS! PROOFS: Security Proofs for Embedded Systems Introduction to the fifth workshop Introduction to the workshop PROOFS: Security Proofs for Embedded Systems UCSB August 20, 2016 5th edition of PROOFS PROOFS 2012:

311 views • 7 slides
G ENERALIZED R EED -S OLOMON CODES (GRS CODES ) A CHARACTERIZATION OF MDS CODES THAT HAVE AN ERROR

G ENERALIZED R EED -S OLOMON CODES (GRS CODES ) A CHARACTERIZATION OF MDS CODES THAT HAVE AN ERROR

A CHARACTERIZATION OF MDS CODES THAT HAVE AN ERROR CORRECTING PAIR I NTRODUCTION TO C ODING T HEORY MDS CODES A CHARACTERIZATION OF MDS CODES THAT GRS CODES HAVE AN ERROR CORRECTING PAIR ECP M OTIVATION O UR GOAL ARQUEZ -C ORBELLA 1 R. P ELLIKAAN

689 views • 19 slides
Using Linear Codes as a Fault Countermeasure for Non-Linear Operations : Application to AES and

Using Linear Codes as a Fault Countermeasure for Non-Linear Operations : Application to AES and

Using Linear Codes as a Fault Countermeasure for Non-Linear Operations : Application to AES and Formal Verification work co-funded by the PRINCE project Sabine Azzi, Bruno Barras, Maria Christofi , David Vigilant PROOFS workshop 2015, September

493 views • 45 slides
Information Theory Lecture 8 BCH codes BCH codes: R8.45 (R5.6) Decoding BCH (and

Information Theory Lecture 8 BCH codes BCH codes: R8.45 (R5.6) Decoding BCH (and

Information Theory Lecture 8 BCH codes BCH codes: R8.45 (R5.6) Decoding BCH (and RS) codes: R6 Reed-Solomon codes RS codes: R5.13 Mikael Skoglund, Information Theory 1/15 The BCH Bound Theorem : Let C be cyclic of

276 views • 8 slides
Interactive Proofs Lecture 18 AM 1 Interactive Proofs 2 Interactive Proofs IP[k] 2

Interactive Proofs Lecture 18 AM 1 Interactive Proofs 2 Interactive Proofs IP[k] 2

Interactive Proofs Lecture 18 AM 1 Interactive Proofs 2 Interactive Proofs IP[k] 2 Interactive Proofs IP[k] IP[poly] = PSPACE 2 Interactive Proofs IP[k] IP[poly] = PSPACE IP protocol for TQBF using arithmetization 2 Interactive

1.75k views • 136 slides
Formal proofs, variable binding, and program extraction from proofs Colloquium Logicum 2016 (10

Formal proofs, variable binding, and program extraction from proofs Colloquium Logicum 2016 (10

Formal proofs, variable binding, and program extraction from proofs Colloquium Logicum 2016 (10 - 12 September 2016, Hamburg) Gyesik Lee Hankyong National University 1 Overview 1. Verification of proofs 2. Hales proof of the Kepler

651 views • 43 slides
6.02 Fall 2012 Lecture #4 Linear block codes Rectangular codes Hamming codes 6.02 F

6.02 Fall 2012 Lecture #4 Linear block codes Rectangular codes Hamming codes 6.02 F

6.02 Fall 2012 Lecture #4 Linear block codes Rectangular codes Hamming codes 6.02 F all 2012 Lecture 4, Slide #1 Single Link Communication Model End-host Original source computers Receiving app/user Digitize Render/display,

246 views • 21 slides
Preparation and Adoption International Building Codes The codes published by the International

Preparation and Adoption International Building Codes The codes published by the International

2018 Building Codes Preparation and Adoption International Building Codes The codes published by the International Code Council, Inc. are the predominant building codes used throughout the United States Updated on a three-year cycle

579 views • 11 slides
Locally tabular polymodal logics Ilya Shapirovsky Institute for Information Transmission Problems

Locally tabular polymodal logics Ilya Shapirovsky Institute for Information Transmission Problems

Locally tabular polymodal logics Ilya Shapirovsky Institute for Information Transmission Problems of the Russian Academy of Sciences, Moscow June 30, 2017 Locally tabular (or locally finite ) logics A logic L is locally tabular if, for any

608 views • 46 slides
Proofs that, proofs why, and the analysis of paradoxes To Gerhard, on your 60th birthday Peter

Proofs that, proofs why, and the analysis of paradoxes To Gerhard, on your 60th birthday Peter

Proofs that, proofs why, and the analysis of paradoxes To Gerhard, on your 60th birthday Peter Schroeder-Heister Universit at T ubingen J agerfest Bern, 13.12.2013 p. 1 Russells antinomy in naive set theory Extend natural

688 views • 41 slides
NP-Hardness Proofs With What Problems We . . . What Problems We . . . Realistic Computers

NP-Hardness Proofs With What Problems We . . . What Problems We . . . Realistic Computers

NP-Hardness Proofs . . . Usual Proofs of NP- . . . Proofs of NP- . . . Pedagogical Problem . . . NP-Hardness Proofs With What Problems We . . . What Problems We . . . Realistic Computers Instead What Is NP-Hard: . . . Proof that . . . of

296 views • 12 slides
proofs of proximity for distribution testing (Distribution testing now with proofs!) Tom Gur

proofs of proximity for distribution testing (Distribution testing now with proofs!) Tom Gur

proofs of proximity for distribution testing (Distribution testing now with proofs!) Tom Gur (UC Berkeley) October 14, 2017 FOCS 2017 Workshop: Frontiers in Distribution Testing Joint work with Alessandro Chiesa (UC Berkeley) proofs of

2.25k views • 158 slides
PIC codes in the HPC environment PIC codes in the HPC environment - A. Beck SMILEI training

PIC codes in the HPC environment PIC codes in the HPC environment - A. Beck SMILEI training

PIC codes in the HPC environment PIC codes in the HPC environment - A. Beck SMILEI training workshop 1 / 35 Structure HPC environment, trends and prospectives 1 The PIC method and its parallelization 2 The load balancing issue 3 PIC codes

550 views • 35 slides
Error-Correcting codes: Application of convolutional codes to Video Streaming Diego Napp

Error-Correcting codes: Application of convolutional codes to Video Streaming Diego Napp

Introduction to Error-correcting codes Two challenges that recently emerged Block codes vs convolutional codes Error-Correcting codes: Application of convolutional codes to Video Streaming Diego Napp Department of Mathematics, Universidad of

1.13k views • 96 slides

More recommend