GPN13:SEDAWG: Eine durchsuchbare Verschlüsselung

aus dem Wiki des Entropia e.V., CCC Karlsruhe
Version vom 29. Mai 2013, 07:07 Uhr von Fahrplanbot (Diskussion | Beiträge) (Vortragsseite initialisiert)
(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)


Ein Vortrag von AlienX auf der GPN13.

Die Beschreibung habe ich nur auf Englisch, aber die Vortragssprache ist deutsch. Cloud computing is one of the most promising trends in the IT industry. In terms of data security however, cloud computing brings a new threat: Users lose control over their data. Cloud providers can access their customer's data at will. To challenge this drawback technologically, one needs to seek methods that enhance the privacy of the user's data without negating the advantages of cloud computing. Notably, computational and storage overhead should be handled in the cloud, not on the client. Consider for example the scenario of an outsourced e-mail archive: Users wish to employ a cloud provider to store their e-mails in order to be able to access them with a mobile device and without letting the provider gain knowledge of the archive's content. To conserve bandwidth, they want to perform searches on their archived e-mail online instead of downloading each and every message individually and searching locally. This talk addresses the problem of secure exact pattern matching: A user encrypts a long string he later wishes to query for the occurrence of certain patterns. This encrypted string is then uploaded to a server and to perform a search, the user can interact with the server. The server should never learn neither the string itself, nor the patterns searched for.