Thesis Defense


"Integrity and Privacy in the Cloud: Efficient algorithms for secure and privacy-preserving processing of outsourced data"

Esha Ghosh

Thursday, April 26, 2018, at 4:00 P.M.

Room 368 (CIT 3rd Floor)

An integral component of the modern computing era is the ability to outsource data and computation to remote cloud service providers (CSPs). The advent of cloud services, however, raises important challenges in terms of integrity and privacy of data and computation. As soon as users delegate computation to cloud platforms (such as Microsoft Azure or Amazon AWS), concerns related to integrity of the results arise. For example, have all correct inputs been used in the computation? Were all the computation steps applied in the correct order? Have the results been delivered untampered? Moreover, in the face of an alarming number of data breaches and massive surveillance programs around the globe, the privacy of outsourced data is becoming more important than ever.

This thesis focuses on designing efficient privacy-preserving and verifiable data processing queries for a rich class of data structures along with prototype implementation and experimental validation. In particular, we focus on the following setting: how can a trusted data owner outsource her data to an untrusted server, such that the server will not be able to cheat while answering queries on the stored data? In other words, we require the server to produce a cryptographic proof for each answer it produces. Moreover, we require the proofs to be privacy-preserving, i.e., they should not leak any information about the data structure or the updates on it besides what can be inferred from the answers.

We also consider another dimension of privacy for verifiable outsourced data-processing, namely, encrypting the outsourced data. More concretely, we consider the setting where the data structure is encrypted before outsourcing using a customized encryption scheme that allows the server to compute queries on the encrypted data. Furthermore, the client can efficiently check if the server has correctly computed the answer.

In this thesis, we focus on range queries, closest point queries, dictionary queries, set algebraic queries, and reachability and shortest path queries on general graphs.

Host: Professor Roberto Tamassia