Cryptology ePrint Archive: Report 2021/1668

Secure Publish-Process-Subscribe System for Dispersed Computing

Weizhao Jin and Bhaskar Krishnamachari and Muhammad Naveed and Srivatsan Ravi and Eduard Sanou and Kwame-Lante Wright

Abstract: Publish-subscribe protocols enable real-time multi-point-to-multi-point communications for many dispersed computing systems like Internet of Things (IoT) applications. Recent interest has focused on adding processing to such publish-subscribe protocols to enable computation over real-time streams such that the protocols can provide functionalities such as sensor fusion, compression, and other statistical analysis on raw sensor data. However, unlike pure publish-subscribe protocols, which can be easily deployed with end-to-end transport layer encryption, it is challenging to ensure security in such publish-process-subscribe protocols when the processing is carried out on an untrusted third party. In this work, we present XYZ, a secure publish-process-subscribe system that can preserve the confidentiality of computations and support multi-publisher-multi-subscriber settings. Within XYZ, we design two distinct schemes: the first using Yao's garbled circuits (the GC-Based Scheme) and the second using homomorphic encryption with proxy re-encryption (the Proxy-HE Scheme). We build implementations of the two schemes as an integrated system atop the Message Queue Telemetry Transport (MQTT) pub-sub protocol. We evaluate our system on several functions and also demonstrate real-world applications based on it. The evaluation shows that the GC-Based Scheme can finish most tasks two orders of magnitude times faster than the Proxy-HE Scheme while Proxy-HE can still securely complete tasks within an acceptable time for most functions but with a different security assumption and a simpler system structure.

Category / Keywords: applications / distributed cryptography

Date: received 20 Dec 2021

Contact author: weizhaoj at usc edu

Available format(s): PDF | BibTeX Citation

Version: 20211221:122658 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]