Dsac digital signature aggregation and chaining
1 / 27

DSAC (Digital Signature Aggregation and Chaining) - PowerPoint PPT Presentation

  • Uploaded on

DSAC (Digital Signature Aggregation and Chaining). Digital Signature Aggregation & Chaining An approach to ensure integrity of outsourced databases. Contents. Signature Aggregation Mechanisms Chaining Mechanism Comparison of the results with previous work. ODB.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about ' DSAC (Digital Signature Aggregation and Chaining)' - heinz

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Dsac digital signature aggregation and chaining

DSAC(Digital Signature Aggregation and Chaining)

Digital Signature Aggregation & Chaining

An approach to ensure integrity of

outsourced databases


  • Signature Aggregation Mechanisms

  • Chaining Mechanism

  • Comparison of the results with previous work


  • Outsourced Data Base(ODB) model : Client stores its data at an external data base service provider.

  • Concern: Ensure the database security & integrity.

  • Authenticity: The tuples in the result set have not been tampered i.e correctness.

  • Integrity: No valid tuples have been omitted from the result set i.e completeness

Result set size of a result set
Result set & Size of a result set

  • Result result includes all the tuples matching the query predicates.

  • Size : 0-n, or 2^n subsets,

    where, n is total number of tuples in the database.

Merkle hash tree
Merkle Hash Tree

  • Use to prove existence of an element in a set. For eg. prove x1 exists in the set y={x2, x6, x1, x9}

  • Constructed as binary tree where leaves are hash value of corresponding element.

  • Non leaf & Leaf nodes

  • Root of the MHT is digitally signed using public key signature scheme (RSA/ DSA)

Auth ds authenticated data structures
Auth DS (Authenticated Data Structures)

  • Approach to prove correctness

  • Uses MHT to prove correctness of the result set.

  • Limitation : Need to pre-compute and store a potentially large number of authenticated data structures to answer queries.

  • Completeness issue not answered

Vb tree approach
VB Tree Approach

  • Uses a modified MHT

  • Not only root of MHT is signed but all nodes as well

  • Limitation: Consumes large storage space and increased verification time.

  • Provides proof of correctness

  • Completeness issue not answered !


  • Overheads associated with building, storing and updating data structures in AuthDS and VB tree.

  • Signs each individual tuple before storing.

  • Server stores tuples along with its corresponding signature.

  • In response to a query, server sends both tuple and its signature.

Drawbacks contd

  • Query reply set consists of thousands of


  • Sending/ receiving and verifying signature of each tuple.

  • Expensive for the querier.

Dsac correctness
DSAC: Correctness

  • Combines multiple individual signatures in the result set into a unified/ aggregated signature.

  • Verifying a unified signature is same as verifying signatures of each individual tuple in the result set.

Dsac completeness
DSAC: Completeness

  • Includes the boundary tuples as well to ensure all the tuples matching the query is returned.

  • Link the tuple level signatures to form a signature chain.

Constructing signature chains
Constructing signature chains

  • If h() is a hash function such as SHA,

  • || denotes concatenation,

  • IPRi denotes immediate predecessor tuple along dimension ‘i’ ,

  • l being number of searchable dimensions,

  • SK is private signing key of the data owner

Computing ipr of a tuple
Computing IPR of a tuple follows

  • Sort tuple in increasing order of the attribute value for each dimension.

  • IPR of a given tuple in a given dimension is a tuple with highest value of the attribute that is less than the value of that tuple.

  • Each tuple has as many IPRs as the number of searchable dimensions.

Example of signature chaining
Example of signature chaining follows

  • Consider tuple R5

Completeness contd
Completeness (contd.) follows

  • In this way, server answers range queries by releasing all matching tuples, boundary tuples as well as aggregated signature.

  • Signature chain proves querier that server has returned all tuples in the query range proving completeness.

Compleness contd
Compleness(contd.) follows

  • Querier on receiving the result set:

  • Verifies the values in boundary tuples are just beyond the query range.

Building a result set
Building a result set follows

  • Compute the tuple set Ts={Ra…Rz}

  • Compute Tn consisting of immediate predecessor and successor nodes

    Tn= {R(a-1), R(b+1)}

  • Obtain corresponding signature of each tuple

  • Calculate the aggregate the signature

(Contd) follows

  • Chain the signature of all tuples along with its corresponding IPR

    Now, the result consists of {Ts, Tn, Sign(r), ∑}

Analysis of dsac scheme
Analysis of DSAC scheme follows

  • We compare the DSAC scheme with other prominent correctness/ completeness guarantee schemes such as AuthDS and VB tree.

Freshness follows

  • Freshness : The result set in response to a query should be the recent snapshot of the database.

  • Prevents the server from replaying the old signature chains, hence freshness is part of data integrity concerns.

Further scope
Further scope follows

  • How to reduce the size of the verification object.

    {Ts, Tn, Sign(r), ∑}

  • Freshness Issues

Reference follows

  • DSAC : An approach to ensure integrity of outsourced databases using signature aggregation and chaining

  • Authors : Maithili Narasimha & Gene Tsudik

    Computer Science Department

    University of California, Irvine