Paper 2021/1668
Secure Publish-Process-Subscribe System for Dispersed Computing
Abstract
Publish-subscribe protocols enable real-time multi-point-to-multi-point communications for many dispersed computing systems like Internet of Things (IoT) applications. Recent interest has focused on adding processing to such publish-subscribe protocols to enable computation over real-time streams such that the protocols can provide functionalities such as sensor fusion, compression, and other statistical analysis on raw sensor data. However, unlike pure publish-subscribe protocols, which can be easily deployed with end-to-end transport layer encryption, it is challenging to ensure security in such publish-process-subscribe protocols when the processing is carried out on an untrusted third party. In this work, we present XYZ, a secure publish-process-subscribe system that can preserve the confidentiality of computations and support multi-publisher-multi-subscriber settings. Within XYZ, we design two distinct schemes: the first using Yao's garbled circuits (the GC-Based Scheme) and the second using homomorphic encryption with proxy re-encryption (the Proxy-HE Scheme). We build implementations of the two schemes as an integrated publish-process-subscribe system. We evaluate our system on several functions and also demonstrate real-world applications. The evaluation shows that the GC-Based Scheme can finish most tasks two orders of magnitude times faster than the Proxy-HE Scheme while Proxy-HE can still securely complete tasks within an acceptable time for most functions but with a different security assumption and a simpler system structure.
Note: Revised the problem introduction; improved more discussion on IoT computing system design reasoning; fixed typos
Metadata
- Available format(s)
- Category
- Applications
- Publication info
- Published elsewhere. The 41st International Symposium on Reliable Distributed Systems (SRDS 2022)
- Keywords
- distributed cryptography
- Contact author(s)
-
weizhaoj @ usc edu
bkrishna @ usc edu
mnaveed @ usc edu
sanou @ usc edu
kwame wright @ gmail com - History
- 2022-12-07: last of 2 revisions
- 2021-12-21: received
- See all versions
- Short URL
- https://ia.cr/2021/1668
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2021/1668, author = {Weizhao Jin and Bhaskar Krishnamachari and Muhammad Naveed and Srivatsan Ravi and Eduard Sanou and Kwame-Lante Wright}, title = {Secure Publish-Process-Subscribe System for Dispersed Computing}, howpublished = {Cryptology {ePrint} Archive, Paper 2021/1668}, year = {2021}, url = {https://eprint.iacr.org/2021/1668} }