Paper 2016/755

Auditable Data Structures

Michael T. Goodrich, Evgenios M. Kornaropoulos, Michael Mitzenmacher, and Roberto Tamassia

Abstract

The classic notion of history-independence guarantees that if a data structure is ever observed, only its current contents are revealed, not the history of operations that built it. This powerful concept has applications, for example, to e-voting and data retention compliance, where data structure histories should be private. The concept of weak history-independence (WHI) assumes only a single observation will ever occur, while strong history-independence (SHI) allows for multiple observations at arbitrary times. WHI constructions tend to be fast, but provide no repeatability, while SHI constructions provide unlimited repeatability, but tend to be slow. We introduce auditable data structures, where an auditor can observe data structures at arbitrary times (as in SHI), but we relax the unrealistic restriction that data structures cannot react to observations, since in most applications of history-independence, data owners know when observations have occurred. We consider two audit scenarios—secure topology, where an auditor can observe the contents and pointers of a data structure, and secure implementation, where an auditor can observe the memory layout of a data structure. We present a generic template for auditable data structures and, as a foundation for any auditable data structure, an Auditable Memory Manager (AMM), which is an efficient memory manager that translates any auditable data structure with a secure topology into one with a secure implementation. We give a prototype implementation that provides empirical evidence that the worst-case time running times of our AMM are 45× to 8,300× faster than those of a well-known SHI memory manager. Thus, auditable data structures provide a practical way of achieving time efficiency, as in WHI, while allowing for multiple audits, as in SHI.

Metadata
Available format(s)
PDF
Publication info
Preprint. MINOR revision.
Contact author(s)
evgenios @ cs brown edu
History
2016-08-09: received
Short URL
https://ia.cr/2016/755
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/755,
      author = {Michael T.  Goodrich and Evgenios M.  Kornaropoulos and Michael Mitzenmacher and Roberto Tamassia},
      title = {Auditable Data Structures},
      howpublished = {Cryptology {ePrint} Archive, Paper 2016/755},
      year = {2016},
      url = {https://eprint.iacr.org/2016/755}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.