Researcher:
Etemad, Mohammad

Profile Picture
ORCID

Job Title

PhD Student

First Name

Mohammad

Last Name

Etemad

Name

Name Variants

Etemad, Mohammad

Email Address

Birth Date

Filters

2011 - 20209

Advanced Search

Filter by

Settings

Researcher Of Publications: search.filters.isAuthorOfPublication.2b6883fb-9ad0-48b9-bb60-5a6fc9a1e1a0

Search Results

Now showing 1 - 9 of 9
  • Placeholder
    PublicationMetadata only
    Generic efficient dynamic proofs of retrievability
    (assoc Computing Machinery, 2016) N/A; Department of Computer Engineering; Etemad, Mohammad; Küpçü, Alptekin; PhD Student; Faculty Member; Department of Computer Engineering; Graduate School of Sciences and Engineering; College of Engineering; N/A; 168060
    Together with its great advantages, cloud storage brought many interesting security issues to our attention. Since 2007, with the first efficient storage integrity protocols Proofs of Retrievability (PoR) of Juels and Kaliski, and Provable Data Possession (PDP) of ateniese et al., many researchers worked on such protocols. the difference among PDP and PoR models were greatly debated. the first DPDP scheme was shown by Erway et al. in 2009, while the first DPoR scheme was created by Cash et al. in 2013. We show how to obtain DPoR from DPDP, PDP, and erasure codes, making us realize that even though we did not know it, we could have had a DPoR solution in 2009. We propose a general framework for constructing DPoR schemes that encapsulates known DPoR schemes as its special cases. We show practical and interesting optimizations enabling better performance than Chandran et al. and Shi et al. constructions. for the first time, we show how to obtain constant audit bandwidth for DPoR, independent of the data size, and how the client can greatly speed up updates with O (lambda root n) local storage (where n is the number of blocks, and lambda is the security parameter), which corresponds to similar to 3MB for 10GB outsourced data, and can easily be obtained in today's smart phones, let alone computers.
  • Placeholder
    PublicationMetadata only
    Are you really my friend? efficient and secure friend-matching in mobile social networks
    (IEEE, 2017) Beato, Filipe; Preneel, Bart; N/A; Department of Computer Engineering; Etemad, Mohammad; Küpçü, Alptekin; PhD Student; Faculty Member; Department of Computer Engineering; Graduate School of Sciences and Engineering; College of Engineering; N/A; 168060
    Social networks provide users with solutions to manage and acquire social connections in the modern society. Since users of a social network can make a new friendship even when they are not meeting physically, there should be a mechanism enabling them to securely verify identity of each other. One such mechanism is to check if there are enough number of common friends, relying on the friendships established already. Current protocols for mobile social networks require parties to act honestly during the protocol, and are limited to the two-party settings. We propose two solutions for friend matching based on authenticated data structures and polynomial operations that preserve privacy of non-common friends and provide authenticity of the result. Both constructions are efficient and general to be employed in multi-party settings.
  • Placeholder
    PublicationMetadata only
    Intelligent guard: a novel approach toward software protection
    (Springer Nature, 2011) Salehpour, Arash; Mokhtari Nazarlu, Morteza; N/A; Etemad, Mohammad; PhD Student; Graduate School of Sciences and Engineering; N/A
    Developing a software product is an extremely big deal, and can be a huge investment of cost and time. So, software piracy protection is a main concern of software-development companies. This paper presents an intelligent protection system, through using an intelligent guard delivered with the software . The guard itself is protected by a one-time-use key that resides on a USB device, and observes the environment to see whether there are suspicious operations like debugging. To get information about suspicious operations, it relies on the OS. Upon finding one or more such operations, the guard will send a signal to the software, which makes it to call disposer functions. To prevent the possibility of code reverse engineering, the program in IL, is saved encrypted, and is decrypted prior to every execution. All these operations are managed by the guard. To install and execute the software, the guard must be installed, in advance. © 2011 Springer-Verlag.
  • Placeholder
    PublicationMetadata only
    Verifiable database outsourcing supporting join
    (Academic Press Ltd- Elsevier Science Ltd, 2018) N/A; Department of Computer Engineering; Etemad, Mohammad; Küpçü, Alptekin; PhD Student; Faculty Member; Department of Computer Engineering; Graduate School of Sciences and Engineering; College of Engineering; N/A; 168060
    In an outsourced database scheme, the data owner delegates the data management tasks to a remote service provider who is supposed to answer owner's queries on the database. The essential requirements are ensuring the data integrity and authenticity with efficient mechanisms. Current approaches employ authenticated data structures to store security information, generated by the client and used by the server, to compute proofs that show the query answers are authentic. The existing solutions have shortcomings with multi-clause queries and duplicate values in a column. We propose a hierarchical authenticated data structure for storing security information, which alleviates the mentioned problems. Our solution handles many different types of queries, including multi-clause selection and join queries, in a dynamic database. We provide a unified formal definition of a secure outsourced database scheme, and prove that our proposed scheme is secure according to this definition, which captures previously separate properties: correctness, completeness, and freshness. The performance evaluation based on our prototype implementation confirms the efficiency of our proposed scheme, showing similar to 3x smaller proofs and similar to 5x improvement in proof generation time compared to previous works (Devanbu et aL 2002; Pang et aL 2005; Li et aL 2010; Palazzi et al. 2010).
  • Placeholder
    PublicationMetadata only
    Database outsourcing with hierarchical authenticated data structures
    (Springer International Publishing Ag, 2014) N/A; Department of Computer Engineering; Etemad, Mohammad; Küpçü, Alptekin; PhD Student; Faculty Member; Department of Computer Engineering; Graduate School of Sciences and Engineering; College of Engineering; N/A; 168060
    In an outsourced database scheme, the data owner delegates the data management tasks to a remote service provider. At a later time, the remote service is supposed to answer any query on the database. The essential requirements are ensuring the data integrity and authenticity with efficientmechanisms. Current approaches employ authenticated data structures to store security information, generated by the client and used by the server, to compute proofs that show the answers to the queries are authentic. The existing solutions have shortcomings with multi-clause queries and duplicate values in a column. We propose a hierarchical authenticated data structure for storing security information, which alleviates the mentioned problems. We provide a unified formal definition of a secure outsourced database scheme, and prove that our proposed scheme is secure according to this definition, which captures previously separate properties such as correctness, completeness, and freshness. The performance evaluation based on our prototype implementation confirms the efficiency of the proposed outsourced database scheme, showing more than 50% decrease in proof size and proof generation time compared to previous work, and about 1-20% communication overhead compared to the query result size.
  • Placeholder
    PublicationMetadata only
    Transparent, distributed, and replicated dynamic provable data possession
    (Springer, 2013) N/A; Department of Computer Engineering; Etemad, Mohammad; Küpçü, Alptekin; PhD Student; Faculty Member; Department of Computer Engineering; Graduate School of Sciences and Engineering; College of Engineering; N/A; 168060
    With the growing trend toward using outsourced storage, the problem of efficiently checking and proving data integrity needs more consideration. Starting with PDP and POR schemes, many cryptography and security researchers have addressed the problem. After the first solutions for static data, dynamic versions were developed (e.g., DPDP). Researchers also considered distributed versions of such schemes. Alas, in all such distributed schemes, the client needs to be aware of the structure of the cloud, and possibly pre-process the file accordingly, even though the security guarantees in the real world are not improved. We propose a distributed and replicated DPDP which is transparent from the client's viewpoint. It allows for real scenarios where the cloud storage provider (CSP) may hide its internal structure from the client, flexibly manage its resources, while still providing provable service to the client. The CSP decides on how many and which servers will store the data. Since the load is distributed, we observe one-to-two orders of magnitude better performance in our tests, while availability and reliability are also improved via replication. In addition, we use persistent rank-based authenticated skip lists to create centralized and distributed variants of a dynamic version control system with optimal complexity.
  • Placeholder
    PublicationMetadata only
    Efficient key authentication service for secure end-to-end communications
    (Springer, 2015) N/A; Department of Computer Engineering; N/A; Küpçü, Alptekin; Etemad, Mohammad; Faculty Member; PhD Student; Department of Computer Engineering; College of Engineering; Graduate School of Sciences and Engineering; 168060; N/A
    After four decades of public key cryptography, both the industry and academia seek better solutions for the public key infrastructure. A recent proposal, the certificate transparency concept, tries to enable untrusted servers act as public key servers, such that any key owner can verify that her key is kept properly at those servers. Unfortunately, due to high computation and communication requirements, existing certificate transparency proposals fail to address the problem as a whole. We propose a new efficient key authentication service (KAS). It uses server-side gossiping as the source of trust, and assumes servers are not all colluding. KAS stores all keys of each user in a separate hash chain, and always shares the last ring of the chain among the servers, ensuring the users that all servers provide the same view about them (i.e., no equivocation takes place). Storing users’ keys separately reduces the server and client computation and communication dramatically, making our KAS a very efficient way of public key authentication. The KAS handles a key registration/change operation in O(1) time using only O(1) proof size; independent of the number of users. While the previous best proposal, CONIKS, requires the client to download 100 KB of proof per day, our proposal needs less than 1 KB of proof per key lifetime, while obtaining the same probabilistic guarantees as CONIKS.
  • Thumbnail Image
    PublicationOpen Access
    Verifiable dynamic searchable encryption
    (TÜBİTAK, 2019) Department of Computer Engineering; Etemad, Mohammad; Küpçü, Alptekin; PhD Student; Department of Computer Engineering; Graduate School of Sciences and Engineering; N/A; 168060
    Using regular encryption schemes to protect the privacy of the outsourced data implies that the client should sacrifice functionality for security. Searchable symmetric encryption (SSE) schemes encrypt the data in a way that the client can later search and selectively retrieve the required data. Many SSE schemes have been proposed, starting with static constructions, and then dynamic and adaptively secure constructions but usually in the honest-but-curious model. We propose a verifiable dynamic SSE scheme that is adaptively secure against malicious adversaries. Our scheme supports file modification, which is essential for efficiently working with large files, in addition to the ability to add/delete files. While our main construction is proven secure in the random oracle model (ROM), we also present a solution secure in the standard model with full security proof. Our experiments show that our scheme in the ROM performs a search within a few milliseconds, verifies the result in another few milliseconds, and has a proof overhead of 0.01% only. Our standard model solution, while being asymptotically slower, is still practical, requiring only a small client memory (e.g., ≃488 KB) even for a large file collection (e.g., ≃10 GB), and necessitates small tokens (e.g., ≃156 KB for search and ≃362 KB for file operations).
  • Thumbnail Image
    PublicationOpen Access
    Generic dynamic data outsourcing framework for integrity verification
    (Association for Computing Machinery (ACM), 2020) Department of Computer Engineering; Etemad, Mohammad; Küpçü, Alptekin; PhD Student; Department of Computer Engineering; Graduate School of Sciences and Engineering; N/A; 168060
    Ateniese et aL proposed the Provable Data Possession (PDP) model in 2007. Following that, Erway et al. adapted the model for dynamically updatable data and called it the Dynamic Provable Data Possession (DPDP) model. The idea is that a client outsources her files to a cloud server and later challenges the server to obtain a proof of the integrity of her data. Many schemes have later been proposed for this purpose, all following a similar framework. We analyze dynamic data outsourcing schemes for the cloud regarding security and efficiency and show a general framework for constructing such schemes that encompasses existing DPDP-like schemes as different instantiations. This generalization shows that a dynamic outsourced data integrity verification scheme can be constructed given black-box access to an implicitly-ordered authenticated data structure. Moreover, for block-less verification efficiency, a homomorphic verifiable tag scheme is also needed. We investigate the requirements and conditions these building blocks should satisfy, using which one may easily check the applicability of a given building block for dynamic data outsourcing. Our framework serves as a guideline/tutoriallsurvey and enables us to provide a comparison among different building blocks that existing schemes employ.