3

I have a vector of int called $Xreg = [x1, x2, ..., xn]$ that I need to send from a client to a server for storage in a database.

If an attacker gains access to the database or the server he shouldn't be able to recover the original vector $Xreg$.

To do so, I had the idea to multiply each component of $Xreg$ with two big numbers ($S0$ and $S1$) of 512 bits each.

Therefore the client will send $S0.S1.Xreg$ = $[S0.S1.x1, S0.S1.x2, ..., S0.S1.xn]$.

The client will keep the record of $S0$ and creates a new $Si$ each time he wants to connect to the server. Therefore the second time, client will send $S0.S2.Xreg$ and server will replace it in the database.

My question is, if a malicious or semi-honest adversaries gains access to the server or the database will he be able to recover the original $Xreg$ ? Let's suppose that if the server is compromised, the communications will stop so the attacker could possibly get only one record of $S0.Si.Xreg$ and possibly $S0.S_{i-1}.Xreg$ and $S_i/S_{i-1}$

Thanks in advance.

Mike Edward Moras
  • 18,161
  • 12
  • 87
  • 240
user3336797
  • 53
  • 4

1 Answers1

6

Given a vector $[S_0 S_1 x_1, S_0 S_1 x_2, ...]$, it is quite easy to recover $S_0 S_1$ (by computing the GCD of the various elements). With that information, the attacker can then recover the values $x_1, x_2, ...$, and so yes, a semihonest adversary could easily recover the $X_{reg}$ values.

poncho
  • 154,064
  • 12
  • 239
  • 382