Paper 2021/1668

Secure Publish-Process-Subscribe System for Dispersed Computing

Weizhao Jin
Bhaskar Krishnamachari
Muhammad Naveed
Srivatsan Ravi,
Eduard Sanou
Kwame-Lante Wright

Publish-subscribe protocols enable real-time multi-point-to-multi-point communications for many dispersed computing systems like Internet of Things (IoT) applications. Recent interest has focused on adding processing to such publish-subscribe protocols to enable computation over real-time streams such that the protocols can provide functionalities such as sensor fusion, compression, and other statistical analysis on raw sensor data. However, unlike pure publish-subscribe protocols, which can be easily deployed with end-to-end transport layer encryption, it is challenging to ensure security in such publish-process-subscribe protocols when the processing is carried out on an untrusted third party. In this work, we present XYZ, a secure publish-process-subscribe system that can preserve the confidentiality of computations and support multi-publisher-multi-subscriber settings. Within XYZ, we design two distinct schemes: the first using Yao's garbled circuits (the GC-Based Scheme) and the second using homomorphic encryption with proxy re-encryption (the Proxy-HE Scheme). We build implementations of the two schemes as an integrated publish-process-subscribe system. We evaluate our system on several functions and also demonstrate real-world applications. The evaluation shows that the GC-Based Scheme can finish most tasks two orders of magnitude times faster than the Proxy-HE Scheme while Proxy-HE can still securely complete tasks within an acceptable time for most functions but with a different security assumption and a simpler system structure.

Note: Revised the problem introduction; improved more discussion on IoT computing system design reasoning; fixed typos

Available format(s)
Publication info
Published elsewhere. The 41st International Symposium on Reliable Distributed Systems (SRDS 2022)
distributed cryptography
Contact author(s)
weizhaoj @ usc edu
bkrishna @ usc edu
mnaveed @ usc edu
sanou @ usc edu
kwame wright @ gmail com
2022-12-07: last of 2 revisions
2021-12-21: received
See all versions
Short URL
Creative Commons Attribution


      author = {Weizhao Jin and Bhaskar Krishnamachari and Muhammad Naveed and Srivatsan Ravi and Eduard Sanou and Kwame-Lante Wright},
      title = {Secure Publish-Process-Subscribe System for Dispersed Computing},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1668},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.