Paper 2021/1668

Secure Publish-Process-Subscribe System for Dispersed Computing

Weizhao Jin
Bhaskar Krishnamachari
Muhammad Naveed
Srivatsan Ravi, srivatsr@usc.edu
Eduard Sanou
Kwame-Lante Wright
Abstract

Publish-subscribe protocols enable real-time multi-point-to-multi-point communications for many dispersed computing systems like Internet of Things (IoT) applications. Recent interest has focused on adding processing to such publish-subscribe protocols to enable computation over real-time streams such that the protocols can provide functionalities such as sensor fusion, compression, and other statistical analysis on raw sensor data. However, unlike pure publish-subscribe protocols, which can be easily deployed with end-to-end transport layer encryption, it is challenging to ensure security in such publish-process-subscribe protocols when the processing is carried out on an untrusted third party. In this work, we present XYZ, a secure publish-process-subscribe system that can preserve the confidentiality of computations and support multi-publisher-multi-subscriber settings. Within XYZ, we design two distinct schemes: the first using Yao's garbled circuits (the GC-Based Scheme) and the second using homomorphic encryption with proxy re-encryption (the Proxy-HE Scheme). We build implementations of the two schemes as an integrated publish-process-subscribe system. We evaluate our system on several functions and also demonstrate real-world applications. The evaluation shows that the GC-Based Scheme can finish most tasks two orders of magnitude times faster than the Proxy-HE Scheme while Proxy-HE can still securely complete tasks within an acceptable time for most functions but with a different security assumption and a simpler system structure.

Note: Fixed typos and add some more experimental results

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. The 41st International Symposium on Reliable Distributed Systems (SRDS 2022)
Keywords
distributed cryptography
Contact author(s)
weizhaoj @ usc edu
bkrishna @ usc edu
mnaveed @ usc edu
sanou @ usc edu
kwame wright @ gmail com
History
2022-06-20: revised
2021-12-21: received
See all versions
Short URL
https://ia.cr/2021/1668
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/1668,
      author = {Weizhao Jin and Bhaskar Krishnamachari and Muhammad Naveed and Srivatsan Ravi and Eduard Sanou and Kwame-Lante Wright},
      title = {Secure Publish-Process-Subscribe System for Dispersed Computing},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1668},
      year = {2021},
      note = {\url{https://eprint.iacr.org/2021/1668}},
      url = {https://eprint.iacr.org/2021/1668}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.