Implicit Data Integrity: Protecting User Data without MACs

Michael Kounavis, David Durham, Sergej Deutsch, Saeedeh Komijani

2018

Abstract

We address the problem of detecting data corruption without producing, storing or verifying mathematical summaries of the content, as is typically done today. Data corruption may be due either to natural means or to the malicious modification of content by some attacker or malware. Today, data corruption detection is supported by producing and using security metadata such as Message Authentication Codes (MACs), Integrity Check Values (ICVs), checksums, etc. The methodology we study, called ‘implicit data integrity’, avoids the use of such metadata. It supports the detection of corruption in a novel way, based on the observation that regular unencrypted user data typically exhibit patterns. When some encrypted content becomes corrupted and is decrypted, it may no longer exhibit patterns. It is the absence or presence of patterns in decrypted content which denotes whether some content is modified or not. We present a number of pattern detectors and algorithms which can successfully support implicit data integrity at quantifiable security levels. We also demonstrate that our patterns and algorithms can characterize the overwhelming majority of client and server workload data. We present security analysis and performance results coming from over 111 million representative client workload cache lines and 1.47 billion representative server workload cache lines. We also present synthesis results showing the efficiency of the hardware implementations of some of our algorithms.

Paper Citation


in Harvard Style

Kounavis M., Durham D., Deutsch S. and Komijani S. (2018). Implicit Data Integrity: Protecting User Data without MACs. In Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 1: SECRYPT, ISBN 978-989-758-319-3, pages 543-552. DOI: 10.5220/0006905105430552


in Bibtex Style

@conference{secrypt18,
author={Michael Kounavis and David Durham and Sergej Deutsch and Saeedeh Komijani},
title={Implicit Data Integrity: Protecting User Data without MACs},
booktitle={Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 1: SECRYPT},
year={2018},
pages={543-552},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006905105430552},
isbn={978-989-758-319-3},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 1: SECRYPT
TI - Implicit Data Integrity: Protecting User Data without MACs
SN - 978-989-758-319-3
AU - Kounavis M.
AU - Durham D.
AU - Deutsch S.
AU - Komijani S.
PY - 2018
SP - 543
EP - 552
DO - 10.5220/0006905105430552