CryptoCache: Network caching with confidentiality

Jeremie Leguay; Georgios Paschos; Elizabeth Quaglia; Ben Smyth

doi:10.1109/ICC.2017.7996866

CryptoCache: Network caching with confidentiality

Jeremie Leguay, Georgios Paschos, Elizabeth Quaglia, Ben Smyth

Department of Information Security

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

63 Downloads (Pure)

Abstract

End-to-end encryption seemingly signifies the death of caching, because current methods ensure that no two sessions are alike. In this paper, we show that servers can reuse encrypted content between sessions, thereby rejuvenating caching. The main idea of our technique is to allow interim nodes to cache content based on pseudo-identifiers instead of real file identities. This enables caching of reusable pseudo-identifiers, whilst maintaining content confidentiality, i.e., ensuring that only the client and the server know the actual identity of the requested file. Furthermore, we provide an extension that prevents client linkability, i.e., ensuring it is impossible to tell if two clients are viewing the same content. Finally, we formally analyse the balance between security and the hit probability performance of the cache.

Original language	English
Title of host publication	2017 IEEE International Conference on Communications (ICC)
Publisher	IEEE
Pages	1-6
Number of pages	6
ISBN (Electronic)	978-1-4673-8999-0
ISBN (Print)	978-1-4673-9000-2
DOIs	https://doi.org/10.1109/ICC.2017.7996866
Publication status	Published - 31 Jul 2017
Event	Communications (ICC), 2017 IEEE International Conference on - Paris, France Duration: 21 May 2017 → 25 May 2017

Conference

Conference	Communications (ICC), 2017 IEEE International Conference on
Abbreviated title	ICC
Country/Territory	France
City	Paris
Period	21/05/17 → 25/05/17

Access to Document

10.1109/ICC.2017.7996866

Accepted ManuscriptAccepted author manuscript, 651 KB

Cite this

@inproceedings{870be30b632647dc8e4dbf35045c578a,

title = "CryptoCache: Network caching with confidentiality",

abstract = "End-to-end encryption seemingly signifies the death of caching, because current methods ensure that no two sessions are alike. In this paper, we show that servers can reuse encrypted content between sessions, thereby rejuvenating caching. The main idea of our technique is to allow interim nodes to cache content based on pseudo-identifiers instead of real file identities. This enables caching of reusable pseudo-identifiers, whilst maintaining content confidentiality, i.e., ensuring that only the client and the server know the actual identity of the requested file. Furthermore, we provide an extension that prevents client linkability, i.e., ensuring it is impossible to tell if two clients are viewing the same content. Finally, we formally analyse the balance between security and the hit probability performance of the cache.",

author = "Jeremie Leguay and Georgios Paschos and Elizabeth Quaglia and Ben Smyth",

year = "2017",

month = jul,

day = "31",

doi = "10.1109/ICC.2017.7996866",

language = "English",

isbn = "978-1-4673-9000-2",

pages = "1--6",

booktitle = "2017 IEEE International Conference on Communications (ICC)",

publisher = "IEEE",

note = "Communications (ICC), 2017 IEEE International Conference on, ICC ; Conference date: 21-05-2017 Through 25-05-2017",

}

TY - GEN

T1 - CryptoCache

T2 - Communications (ICC), 2017 IEEE International Conference on

AU - Leguay, Jeremie

AU - Paschos, Georgios

AU - Quaglia, Elizabeth

AU - Smyth, Ben

PY - 2017/7/31

Y1 - 2017/7/31

N2 - End-to-end encryption seemingly signifies the death of caching, because current methods ensure that no two sessions are alike. In this paper, we show that servers can reuse encrypted content between sessions, thereby rejuvenating caching. The main idea of our technique is to allow interim nodes to cache content based on pseudo-identifiers instead of real file identities. This enables caching of reusable pseudo-identifiers, whilst maintaining content confidentiality, i.e., ensuring that only the client and the server know the actual identity of the requested file. Furthermore, we provide an extension that prevents client linkability, i.e., ensuring it is impossible to tell if two clients are viewing the same content. Finally, we formally analyse the balance between security and the hit probability performance of the cache.

AB - End-to-end encryption seemingly signifies the death of caching, because current methods ensure that no two sessions are alike. In this paper, we show that servers can reuse encrypted content between sessions, thereby rejuvenating caching. The main idea of our technique is to allow interim nodes to cache content based on pseudo-identifiers instead of real file identities. This enables caching of reusable pseudo-identifiers, whilst maintaining content confidentiality, i.e., ensuring that only the client and the server know the actual identity of the requested file. Furthermore, we provide an extension that prevents client linkability, i.e., ensuring it is impossible to tell if two clients are viewing the same content. Finally, we formally analyse the balance between security and the hit probability performance of the cache.

U2 - 10.1109/ICC.2017.7996866

DO - 10.1109/ICC.2017.7996866

M3 - Conference contribution

SN - 978-1-4673-9000-2

SP - 1

EP - 6

BT - 2017 IEEE International Conference on Communications (ICC)

PB - IEEE

Y2 - 21 May 2017 through 25 May 2017

ER -