ABSTRACT
Merkle Trees (and its variants) are widely used for building secure outsourced data systems. The adoption of Merkle Trees for high-performance data systems, however, uncovered major performance challenges. First and unlike classical data structures, Merkle Trees involve expensive cryptographic operations and are thus CPU-bound. Second, they are not well suited for modern multi-core CPUs because they introduce a single point of contention making Merkle Trees hard to parallelize. While recent work aimed at replacing Merkle Trees to circumvent their performance problem, we suggest new techniques to speed-up this ubiquitous data structure and achieve high-performance. In this paper, we present initial results showing that in contrast to common wisdom it is indeed possible to build high-performance Merkle Trees with orders of magnitude performance improvements.
- Arvind Arasu, Badrish Chandramouli, Johannes Gehrke, Esha Ghosh, Donald Kossmann, Jonathan Protzenko, Ravi Ramamurthy, Tahina Ramananandro, Aseem Rastogi, Srinath Setty, Nikhil Swamy, Alexander van Renen, and Min Xu. 2021. FastVer: Making Data Integrity a Commodity. In Proceedings of the 2021 International Conference on Management of Data. ACM, Virtual Event China, 89–101. https://doi.org/10.1145/3448016.3457312Google ScholarDigital Library
- Arvind Arasu, Ken Eguro, Raghav Kaushik, Donald Kossmann, Pingfan Meng, Vineet Pandey, and Ravi Ramamurthy. 2017. Concerto: A High Concurrency Key-Value Store with Integrity. In Proceedings of the 2017 ACM International Conference on Management of Data(SIGMOD ’17). Association for Computing Machinery, New York, NY, USA, 251–266. https://doi.org/10.1145/3035918.3064030Google ScholarDigital Library
- Sumeet Bajaj, Anrin Chakraborti, and Radu Sion. 2021. ConcurDB: Concurrent Query Authentication for Outsourced Databases. IEEE Transactions on Knowledge and Data Engineering 33, 4 (Apr 2021), 1401–1412. https://doi.org/10.1109/TKDE.2019.2943557Google ScholarCross Ref
- Nathan G. Bronson, Jared Casper, Hassan Chafi, and Kunle Olukotun. 2010. A practical concurrent binary search tree. ACM SIGPLAN Notices 45, 5 (May 2010), 257–268. https://doi.org/10.1145/1837853.1693488Google ScholarDigital Library
- Jan Böttcher, Viktor Leis, Jana Giceva, Thomas Neumann, and Alfons Kemper. 2020. Scalable and robust latches for database systems. In Proceedings of the 16th International Workshop on Data Management on New Hardware. ACM, Portland Oregon, 1–8. https://doi.org/10.1145/3399666.3399908Google ScholarDigital Library
- Andrew Flangas, Autumn Cuellar, Michael Reyes, and Frederick C. Harris. 2021. Parallelized C++ Implementation of a Merkle Tree. In ITNG 2021 18th International Conference on Information Technology-New Generations(Advances in Intelligent Systems and Computing), Shahram Latifi (Ed.). Springer International Publishing, Cham, 107–114. https://doi.org/10.1007/978-3-030-70416-2_13Google ScholarCross Ref
- Goetz Graefe. 2010. A survey of B-tree locking techniques. ACM Trans. Database Syst. 35, 3 (2010), 16:1–16:26. https://doi.org/10.1145/1806907.1806908Google ScholarDigital Library
- Rohit Jain and Sunil Prabhakar. 2013. Trustworthy data from untrusted databases. In 2013 IEEE 29th International Conference on Data Engineering (ICDE). IEEE, Brisbane, QLD, Australia, 529–540. https://doi.org/10.1109/ICDE.2013.6544853Google ScholarDigital Library
- Janakirama Kalidhindi, Alex Kazorian, Aneesh Khera, and Cibi Pari. 2018. Angela: A Sparse, Distributed, and Highly Concurrent Merkle Tree. UC Berkeley, Berkeley. 11 pages.Google Scholar
- Viktor Leis, Michael Haubenschild, and Thomas Neumann. 2019. Optimistic Lock Coupling: A Scalable and Efficient General-Purpose Synchronization Method. IEEE Data Eng. Bull. 42, 1 (2019), 73–84.Google Scholar
- Viktor Leis, Florian Scheibner, Alfons Kemper, and Thomas Neumann. 2016. The ART of practical synchronization. In Proceedings of the 12th International Workshop on Data Management on New Hardware. ACM, San Francisco California, 1–8. https://doi.org/10.1145/2933349.2933352Google ScholarDigital Library
- Ralph C. Merkle. 1988. A Digital Signature Based on a Conventional Encryption Function. In Advances in Cryptology — CRYPTO ’87(Lecture Notes in Computer Science), Carl Pomerance (Ed.). Springer, Berlin, Heidelberg, 369–378. https://doi.org/10.1007/3-540-48184-2_32Google ScholarCross Ref
- Maithili Narasimha and Gene Tsudik. 2006. Authentication of Outsourced Databases Using Signature Aggregation and Chaining. In Database Systems for Advanced Applications(Lecture Notes in Computer Science), Mong Li Lee, Kian-Lee Tan, and Vilas Wuwongse (Eds.). Springer, Berlin, Heidelberg, 420–436. https://doi.org/10.1007/11733836_30Google ScholarDigital Library
- HweeHwa Pang, Jilian Zhang, and Kyriakos Mouratidis. 2009. Scalable verification for outsourced dynamic databases. Proceedings of the VLDB Endowment 2, 1 (Aug 2009), 802–813. https://doi.org/10.14778/1687627.1687718Google ScholarDigital Library
- Rohit Sinha and Mihai Christodorescu. 2018. VeritasDB: High Throughput Key-Value Store with Integrity. Cryptology ePrint Archive, Paper 2018/251. https://eprint.iacr.org/2018/251 https://eprint.iacr.org/2018/251.Google Scholar
- V. Srinivasan and Michael J. Carey. 1993. Performance of B+ tree concurrency control algorithms. The VLDB Journal 2, 4 (Oct 1993), 361–406. https://doi.org/10.1007/BF01263046Google ScholarDigital Library
- Alin Tomescu, Vivek Bhupatiraju, Dimitrios Papadopoulos, Charalampos Papamanthou, Nikos Triandopoulos, and Srinivas Devadas. 2019. Transparency Logs via Append-Only Authenticated Dictionaries. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security(CCS ’19). Association for Computing Machinery, New York, NY, USA, 1299–1316. https://doi.org/10.1145/3319535.3345652Google ScholarDigital Library
Index Terms
- Towards Merkle Trees for High-Performance Data Systems
Recommendations
GMMT: A Revocable Group Merkle Multi-tree Signature Scheme
Cryptology and Network SecurityAbstractG-Merkle (GM) (PQCrypto 2018) is the first hash-based group signature scheme where it was stated that multi-tree approaches are not applicable, thus limiting the maximum number of supported signatures to . DGM (ESORICS 2019) is a dynamic and ...
Optimal trade-off for Merkle tree traversal
In this paper we describe optimal trade-offs between time and space complexity of Merkle tree traversals with their associated authentication paths, improving on the previous results of M. Jakobsson, T. Leighton, S. Micali, and M. Szydlo [Fractal Merkle ...
Merkle Tree Ladder Mode: Reducing the Size Impact of NIST PQC Signature Algorithms in Practice
Topics in Cryptology – CT-RSA 2023AbstractWe introduce the Merkle Tree Ladder (MTL) mode of operation for signature schemes. MTL mode signs messages using an underlying signature scheme in such a way that the resulting signatures are condensable: a set of MTL mode signatures can be ...
Comments