ENEE759L/CMSC818L: Cloud Computing Security (Spring 2014)

• Course Information
• Important Deadlines and Grading
• Course Calendar
• Topics and Research Papers
• Syllabus

Course Information

• Instructor:
  Charalampos (Babis) Papamanthou
  ECE Department
  Email: cpap at umd.edu
  Office: 3409 A.V. Williams Building
  Office hours: By appointment (email me)

• Lecture times:
  Monday and Wednesday, 11:00am-12.15pm
  EGR 1104

• We are going to use Canvas for announcements.

• Summary of class requirements: (i) Presentation of two papers (40%); (ii) preparation of a short summary for each of the presented papers (10%) and (iii) completion of a research project (50%).

• During the semester, there are going to be (i) some lectures by the professor; (ii) papers and projects presentations by the students and (iii) possibly some invited lectures. We will be also discussing the ongoing projects in class.

Important Deadlines and Grading

• Papers presentation: Students must send me an email by 02/10/14 indicating which two papers they are willing to present in class. The papers should not necessarily belong to the list below (help me extend the list!) but should relate to cloud computing security. In this case students are encouraged to meet with me and discuss.
• Project proposal: Students are encouraged to form teams of two for the project. Students should send me an email by 02/17/14 containing a project proposal and indicating their team. The proposal should be an informal document indicating the literature that is going to be studied for the project and what the goals of the project will be. Some suggested projects can be found here. I encourage students to pick a project that relates to their current research area. In any case students should meet with me and discuss (possibly even before they submit their proposal).
• First project progress report: Students should submit the first project progress report by 03/14/14 (just before spring break), indicating what steps have been taken so far for the project, preliminary results and challenges that need to be addressed for the successful completion of the project. I will be more than happy to meet with students and discuss about the projects while they are working on them. Please send me an email.
• Second project progress report: Students should submit the second project progress report by 04/02/14. The second progress report should clearly document the progress that has been made since the submission of the first project progress report.
• Final project submission: Students should submit the final project report and their code (in case of an implementation project) by 04/25/14. The last two weeks of the class will be devoted to projects presentations and demos.
• Attending class will be crucial for a successful project and therefore is strongly recommended. All students must prepare an one-paragraph summary after each paper presentation (this is going to count towards their grade).

Course Calendar

Topics and Research Papers

Survey papers

- Cryptographic cloud storage, FC 2010 (Kamara, Lauter)

- Cloud data protection for the masses, IEEE COMPUTER 2012 (Song, Shi, Fischer, Shankar)

- On securing untrusted clouds with cryptography, IEEE IEEE Data Eng. Bull. 2012 (Chen, Sion)

Secure storage and memory checking

- A certified digital signature, CRYPTO 1989 (Merkle)

- Certificate revocation and certificate update, USENIX SECURITY 1998 (Naor, Nissim)

- Checking the correctness of memories, FOCS 1991 (Blum, Evans, Gemmell, Kannan, Naor)

- How efficient can memory checking be?, TCC 2008 (Dwork, Naor, Rothblum, Vaikuntanathan)

- Efficient integrity checking of untrusted network storage, STORAGESS 2008 (Heitzmann, Palazzi, Papamanthou, Tamassia)

- Accumulators from bilinear pairings and applications, CT-RSA 2005 (Nguyen)

- Dynamic accumulators and application to efficient revocation of anonymous credentials, CRYPTO 2002 (Camenisch, Lysyanskaya)

- Universal accumulators with efficient nonmembership proofs, ACNS 2007 (Li, Li, Xue)

- Provable data possession at untrusted stores, CCS 2007 (Ateniese, Burns, Curtmola, Herring, Kissner, Peterson, Song)

- Compact proofs of retrievability, ASIACRYPT 2008 (Shacham, Waters)

- Dynamic provable data possession, CCS 2009 (Erway, Kupcu, Papamanthou, Tamassia)

- Practical dynamic proofs of retrievability, CCS 2013 (Shi, Stefanov, Papamanthou)

- Proofs of storage from homomorphic identification protocols, ASIACRYPT 2009 (Ateniese, Kamara, Katz)

- Dynamic proofs of retrievability via oblivious RAM, EUROCRYPT 2013 (Cash, Kupcu, Wichs)

Authenticated data structures

- Persistent authenticated dictionaries and their applications, ISC 2001 (Anagnostopoulos, Goodrich, Tamassia)

- Efficient authenticated dictionaries with skip lists and commutative hashing, DISCEX 2001 (Goodrich, Tamassia)

- Authenticated hash tables, CCS 2008 (Papamanthou, Tamassia, Triandopoulos)

- A general model for authenticated data structures, Algorithmica 2004 (Martel, Nuckolls, Devanbu, Gertz, Kwong, Stubblebine)

- Time and space efficient algorithms for two-party authenticated data structures, ICICS 2007 (Papamanthou, Tamassia)

- Efficient authenticated data structures for graph connectivity and geometric search problems, Algorithmica 2011 (Goodrich, Tamassia, Triandopoulos)

- Optimal verification of operations on dynamic sets, CRYPTO 2011 (Papamanthou, Tamassia, Triandopoulos)

- Streaming authenticated data structures, EUROCRYPT 2013 (Papamanthou, Shi, Tamassia, Yi)

- Verifiable data streaming, CCS 2012 (Schroeder, Schroeder)

- An efficient dynamic and distributed cryptographic accumulator, ISC 2002 (Goodrich, Tamassia, Hasic)

- Authenticated data structures, generically, POPL 2014 (Miller, Hicks, Katz, Shi)

Database integrity and privacy

- Dynamic authenticated index structures for outsourced databases, SIGMOD 2005 (Li, Hadjieleftheriou, Kollios, Reyzin)

- Efficient verification of shortest path search via authenticated hints, ICDE 2010 (Yiu, Lin, Mouratidis)

- Authenticating the query results of text search engines, VLDB 2008 (Pang, Mouratidis)

- Query racing: Fast completeness certification of query results, DBSEC 2010 (Palazzi, Pizzonia, Pucacco)

- Authenticated join processing in outsourced databases, SIGMOD 2009 (Yang, Papadias, Papadopoulos, Kalnis)

- Lightweight authentication of linear algebraic queries on data streams, SIGMOD 2013 (Papadopoulos, Cormode, Deligiannakis, Garofalakis)

- Shortest path computation with no information leakage, VLDB 2012 (Mouratidis, Yiu)

- Processing analytical queries over encrypted data, VLDB 2013 (Tu, Kaashoek, Madden, Zeldovich)

- CorrectDB: SQL engine with practical query authentication, VLDB 2013 (Bajaj, Sion)

- CryptDB: Protecting confidentiality with encrypted query processing, SOSP 2011 (Popa, Redfield, Zeldovich, Balakrishnan)

- A survey of single-database private information retrieval: Techniques and applications, PKC 2007 (Ostrovsky, Skeith)

- Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds, CCS 2009 (Ristenpart, Tromer, Shacham, Savage)

Searchable encryption

- Practical techniques for searches on encrypted data, SSP 2000 (Song, Perrig, Wagner)

- Multi-dimensional range query over encrypted data, SSP 2007 (Shi, Bethencourt, Chan, Song, Perrig)

- Searchable symmetric encryption: Improved definitions and efficient constructions, CCS 2006 (Curtmola, Garay, Kamara, Ostrovsky)

- Privacy preserving keyword searches on remote encrypted data, ACNS 2007 (Chang, Mitzenmacher)

- Dynamic searchable symmetric encryption, CCS 2012 (Kamara, Papamanthou, Roeder)

- Parallel and dynamic searchable symmetric encryption, FC 2013 (Kamara, Papamanthou)

- Highly-scalable searchable symmetric encryption with support for boolean queries, CRYPTO 2013 (Cash, Jarecki, Jutla, Krawczyk, Rosu, Steiner)

- Practical dynamic searchable encryption with small leakage, NDSS 2014 (Stefanov, Papamanthou, Shi)

Verifiable computation

- Non-interactive verifiable computing: Outsourcing computation to untrusted workers, CRYPTO 2010 (Gennaro, Gentry, Parno)

- Verifiable delegation of computation over large datasets, CRYPTO 2011 (Benabbas, Gennaro, Vahlis)

- How to delegate and verify in public: Verifiable computation from attribute-based encryption, TCC 2012 (Parno, Raykova, Vaikuntanathan)

- Pinocchio: Nearly practical verifiable computation, SSP 2013 (Parno, Howell, Gentry, Raykova)

- Verifying computation with state, SOSP 2013 (Braun, Feldman, Ren, Setty, Blumberg, Walfish)

- SNARKs for C: Verifying program executions succinctly and in zero knowledge, CRYPTO 2013 (Ben-Sasson, Chiesa, Genkin, Tromer, Virza)

- Practical homomorphic MACs for arithmetic circuits, EUROCRYPT 2013 (Catalano, Fiore)

- Signatures of correct computation, TCC 2013 (Papamanthou, Shi, Tamassia)

- SWIFFT: A modest proposal for FFT hashing, FSE 2008 (Lyubashevsky, Micciancio, Peikert, Rosen)

Oblivious computation

- Software protection and simulation on oblivious RAMs, JACM 1996 (Goldreich, Ostrovsky)

- Oblivious RAM with O(log^3 N) worst-case cost, ASIACRYPT 2011 (Shi, Chan, Stefanov, Li)

- Privacy-preserving group data access via stateless oblivious RAM simulation, SODA 2012 (Goodrich, Mitzenmacher, Ohrimenko, Tamassia)

- Path ORAM: An extremely simple oblivious RAM protocol, CCS 2013 (Stefanov, van Dijk, Shi, Fletcher, Ren, Yu, Devadas)

- PHANTOM: Practical oblivious computation in a secure processor (Maas, Love, Stefanov, Tiwari, Shi, Asanovic, Kubiatowicz, Song)

- Randomized Shellsort: A simple data-oblivious sorting algorithm, JACM 2011 (Goodrich)

- Graph drawing in the cloud: Privately visualizing relational data using small working storage, GD 2012 (Goodrich, Ohrimenko, Tamassia)

- Optimizing ORAM and using it efficiently for secure computation, PETS 2013 (Gentry, Goldman, Halevi, Jutla, Raykova, Wichs)

Homomorphic encryption

- Fully homomorphic encryption using ideal lattices, STOC 2009 (Gentry)

- Fully homomorphic encryption over the integers, EUROCRYPT 2010 (van Dijk, Gentry, Halevi, Vaikuntanathan)

- ML confidential: Machine learning on encrypted data, ICISC 2012 (Graepel, Lauter, Naehrig)

- Computing blindfolded: New developments in fully homomorphic encryption, FOCS 2011 (Vaikuntanathan)

Syllabus

The syllabus can be found here.