Cryptography for Big Data Security

∗Big Data: Storage, Sharing, and Security. Edited by Fei Hu. Taylor & Francis CRC Press, 2016. https://www.crcpress.com/9781498734868 †MIT Lincoln Laboratory. This work is sponsored by the Assistant Secretary of Defense for Research and Engineering under Air Force Contract #FA8721-05-C-0002. Opinions, interpretations, recommendations and conclusions are those of the authors and are not necessarily endorsed by the United States Government. Email: {ariel.hamlin, nabil, emily.shen, sophia.yakoubov, arkady}@ll.mit.edu. ‡Boston University. Work supported by the MACS project under NSF Frontier grant CNS-1414119. Email: varia@bu.edu §Corresponding author

[1]  Elaine Shi,et al.  Ring ORAM: Closing the Gap Between Small and Large Client Storage Oblivious RAM , 2014, IACR Cryptol. ePrint Arch..

[2]  Brent Waters,et al.  Candidate Indistinguishability Obfuscation and Functional Encryption for all Circuits , 2013, 2013 IEEE 54th Annual Symposium on Foundations of Computer Science.

[3]  Brent Waters,et al.  Functional Encryption: Definitions and Challenges , 2011, TCC.

[4]  Thomas A. Limoncelli,et al.  The Practice of Cloud System Administration: Designing and Operating Large Distributed Systems, Volume 2 , 2014 .

[5]  David Evans,et al.  Two Halves Make a Whole - Reducing Data Transfer in Garbled Circuits Using Half Gates , 2015, EUROCRYPT.

[6]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[7]  Tarik Moataz,et al.  Resizable Tree-Based Oblivious RAM , 2015, Financial Cryptography.

[8]  Vladimir Kolesnikov,et al.  FleXOR: Flexible garbling for XOR gates that beats free-XOR , 2014, IACR Cryptol. ePrint Arch..

[9]  Arkady Yerukhimovich,et al.  Computing on Masked Data to improve the security of big data , 2015, 2015 IEEE International Symposium on Technologies for Homeland Security (HST).

[10]  Vinod Vaikuntanathan,et al.  Functional Encryption: New Perspectives and Lower Bounds , 2013, IACR Cryptol. ePrint Arch..

[11]  William I. Gasarch,et al.  A Survey on Private Information Retrieval (Column: Computational Complexity) , 2004, Bull. EATCS.

[12]  Brent Waters,et al.  Conjunctive, Subset, and Range Queries on Encrypted Data , 2007, TCC.

[13]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[14]  Hari Balakrishnan,et al.  CryptDB: protecting confidentiality with encrypted query processing , 2011, SOSP.

[15]  Vinod Vaikuntanathan,et al.  Attribute-based encryption for circuits , 2013, STOC '13.

[16]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[17]  Moni Naor,et al.  Privacy preserving auctions and mechanism design , 1999, EC '99.

[18]  Vladimir Kolesnikov,et al.  Improved Garbled Circuit: Free XOR Gates and Applications , 2008, ICALP.

[19]  Dong Hoon Lee,et al.  Secure Similarity Search , 2007, 2007 IEEE International Conference on Granular Computing (GRC 2007).

[20]  Jonathan Katz,et al.  Secure Multi-Party Computation of Boolean Circuits with Applications to Privacy in On-Line Marketplaces , 2012, CT-RSA.

[21]  Craig Gentry,et al.  Better Bootstrapping in Fully Homomorphic Encryption , 2012, Public Key Cryptography.

[22]  Elaine Shi,et al.  ObliviStore: High Performance Oblivious Cloud Storage , 2013, 2013 IEEE Symposium on Security and Privacy.

[23]  Galen C. Hunt,et al.  Shielding Applications from an Untrusted Cloud with Haven , 2014, OSDI.

[24]  Melissa Chase,et al.  Structured Encryption and Controlled Disclosure , 2010, IACR Cryptol. ePrint Arch..

[25]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[26]  Moni Naor,et al.  Private Information Retrieval by Keywords , 1998, IACR Cryptol. ePrint Arch..

[27]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[28]  Angelos D. Keromytis,et al.  Blind Seer: A Scalable Private DBMS , 2014, 2014 IEEE Symposium on Security and Privacy.

[29]  Michael O. Rabin,et al.  How To Exchange Secrets with Oblivious Transfer , 2005, IACR Cryptol. ePrint Arch..

[30]  Mihir Bellare,et al.  Deterministic and Efficiently Searchable Encryption , 2007, CRYPTO.

[31]  Srinivas Devadas,et al.  Onion ORAM: A Constant Bandwidth and Constant Client Storage ORAM (without FHE or SWHE) , 2015, IACR Cryptology ePrint Archive.

[32]  Silvio Micali,et al.  The Notion of Security for Probabilistic Cryptosystems , 1986, CRYPTO.

[33]  Hugo Krawczyk,et al.  Dynamic Searchable Encryption in Very-Large Databases: Data Structures and Implementation , 2014, NDSS.

[34]  Sanjeev Arora,et al.  Computational Complexity: A Modern Approach , 2009 .

[35]  Yutaka Hata,et al.  Fuzzy-ASM Based Automated Skull Stripping Method from Infantile Brain MR Images , 2007 .

[36]  Hugo Krawczyk,et al.  Outsourced symmetric private information retrieval , 2013, IACR Cryptol. ePrint Arch..

[37]  Ran Canetti,et al.  Modular Order-Preserving Encryption, Revisited , 2015, SIGMOD Conference.

[38]  Andreas Peter,et al.  A Survey of Provably Secure Searchable Encryption , 2014, ACM Comput. Surv..

[39]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[40]  Dale K. Pace,et al.  The Codebreakers: The Comprehensive History of Secret Communication from Ancient Times to the Internet , 1998 .

[41]  Craig Gentry,et al.  Implementing Gentry's Fully-Homomorphic Encryption Scheme , 2011, EUROCRYPT.

[42]  Elaine Shi,et al.  Onion ORAM: A Constant Bandwidth Blowup Oblivious RAM , 2016, TCC.

[43]  Radu Sion,et al.  TrustedDB: A Trusted Hardware-Based Database with Privacy and Data Confidentiality , 2011, IEEE Transactions on Knowledge and Data Engineering.

[44]  Shai Halevi,et al.  Algorithms in HElib , 2014, CRYPTO.

[45]  Elaine Shi,et al.  Predicate Privacy in Encryption Systems , 2009, IACR Cryptol. ePrint Arch..

[46]  Benny Pinkas,et al.  FairplayMP: a system for secure multi-party computation , 2008, CCS.

[47]  Amit Sahai,et al.  Worry-free encryption: functional encryption with public keys , 2010, CCS '10.

[48]  Mihir Bellare,et al.  Efficient Garbling from a Fixed-Key Blockcipher , 2013, 2013 IEEE Symposium on Security and Privacy.

[49]  Berk Sunar,et al.  Homomorphic AES Evaluation using NTRU , 2014, IACR Cryptol. ePrint Arch..

[50]  Frederik Vercauteren,et al.  Fully Homomorphic Encryption with Relatively Small Key and Ciphertext Sizes , 2010, Public Key Cryptography.

[51]  Yuval Ishai,et al.  Protecting data privacy in private information retrieval schemes , 1998, STOC '98.

[52]  Pieter H. Hartel,et al.  Selective Document Retrieval from Encrypted Database , 2012, ISC.

[53]  Nathan Chenette,et al.  Order-Preserving Encryption Revisited: Improved Security Analysis and Alternative Solutions , 2011, CRYPTO.

[54]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[55]  Yang Yang,et al.  HEtest: A Homomorphic Encryption Testing Framework , 2015, Financial Cryptography Workshops.

[56]  Leslie Lamport,et al.  The Byzantine Generals Problem , 1982, TOPL.

[57]  Vinod Vaikuntanathan,et al.  Functional Encryption with Bounded Collusions via Multi-party Computation , 2012, CRYPTO.

[58]  Nir Bitansky,et al.  Succinct Non-Interactive Arguments via Linear Interactive Proofs , 2013, Journal of Cryptology.

[59]  Tal Rabin,et al.  Verifiable secret sharing and multiparty protocols with honest majority , 1989, STOC '89.

[60]  Andrew J. Blumberg,et al.  Verifying computations without reexecuting them , 2015, Commun. ACM.

[61]  Eli Ben-Sasson,et al.  SNARKs for C: Verifying Program Executions Succinctly and in Zero Knowledge , 2013, CRYPTO.

[62]  Helmut Veith,et al.  Secure two-party computations in ANSI C , 2012, CCS.

[63]  Michael Naehrig,et al.  Accelerating Homomorphic Evaluation on Reconfigurable Hardware , 2015, CHES.

[64]  Carl A. Gunter,et al.  Controlled Functional Encryption , 2014, CCS.

[65]  Ahmad-Reza Sadeghi,et al.  TASTY: tool for automating secure two-party computations , 2010, CCS '10.

[66]  Abhi Shelat,et al.  Billion-Gate Secure Computation with Malicious Adversaries , 2012, USENIX Security Symposium.

[67]  Pieter H. Hartel,et al.  Computationally Efficient Searchable Symmetric Encryption , 2010, Secure Data Management.

[68]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[69]  Rafail Ostrovsky,et al.  One-Way Trapdoor Permutations Are Sufficient for Non-trivial Single-Server Private Information Retrieval , 2000, EUROCRYPT.

[70]  Roger Khazan,et al.  Lincoln Open Cryptographic Key Management Architecture , 2012 .

[71]  Benny Pinkas,et al.  Fairplay - Secure Two-Party Computation System , 2004, USENIX Security Symposium.

[72]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: improved definitions and efficient constructions , 2006, CCS '06.

[73]  Julien Bringer,et al.  Biometric Identification over Encrypted Data Made Feasible , 2009, ICISS.

[74]  Oded Regev,et al.  On lattices, learning with errors, random linear codes, and cryptography , 2005, STOC '05.

[75]  Tarik Moataz,et al.  Constant Communication Oblivious RAM , 2015, IACR Cryptol. ePrint Arch..

[76]  Ahmad-Reza Sadeghi,et al.  TinyGarble: Highly Compressed and Scalable Sequential Garbled Circuits , 2015, 2015 IEEE Symposium on Security and Privacy.

[77]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[78]  Silvio Micali,et al.  Computationally Private Information Retrieval with Polylogarithmic Communication , 1999, EUROCRYPT.

[79]  Brent Waters,et al.  Secure attribute-based systems , 2006, CCS '06.

[80]  Jonathan Katz,et al.  Introduction to Modern Cryptography: Principles and Protocols , 2007 .

[81]  Yael Tauman Kalai,et al.  Delegating computation: interactive proofs for muggles , 2008, STOC.

[82]  Tal Malkin,et al.  Malicious-Client Security in Blind Seer: A Scalable Private DBMS , 2015, 2015 IEEE Symposium on Security and Privacy.

[83]  Yael Tauman Kalai,et al.  Reusable garbled circuits and succinct functional encryption , 2013, STOC '13.

[84]  Yehuda Lindell,et al.  Secure Two-Party Computation via Cut-and-Choose Oblivious Transfer , 2010, IACR Cryptol. ePrint Arch..

[85]  Joe Kilian,et al.  A note on efficient zero-knowledge proofs and arguments (extended abstract) , 1992, STOC '92.

[86]  Brent Waters,et al.  Attribute-Based Encryption for Circuits from Multilinear Maps , 2012, CRYPTO.

[87]  Michael Hicks,et al.  Wysteria: A Programming Language for Generic, Mixed-Mode Multiparty Computations , 2014, 2014 IEEE Symposium on Security and Privacy.

[88]  Brent Waters,et al.  Low Overhead Broadcast Encryption from Multilinear Maps , 2014, IACR Cryptol. ePrint Arch..

[89]  Yevgeniy Dodis,et al.  Public Key Broadcast Encryption for Stateless Receivers , 2002, Digital Rights Management Workshop.

[90]  Sean W. Smith,et al.  Private Information Storage with Logarithm-Space Secure Hardware , 2004, International Information Security Workshops.

[91]  Andrew Chi-Chih Yao,et al.  Protocols for Secure Computations (Extended Abstract) , 1982, FOCS.

[92]  Benjamin Fuller,et al.  GROK: A Practical System for Securing Group Communications , 2010, 2010 Ninth IEEE International Symposium on Network Computing and Applications.

[93]  Silvio Micali,et al.  Probabilistic encryption & how to play mental poker keeping secret all partial information , 1982, STOC '82.

[94]  Craig Gentry,et al.  Pinocchio: Nearly Practical Verifiable Computation , 2013, 2013 IEEE Symposium on Security and Privacy.

[95]  Ivan Damgård,et al.  Semi-Homomorphic Encryption and Multiparty Computation , 2011, IACR Cryptol. ePrint Arch..

[96]  Ivan Damgård,et al.  Multiparty Computation from Somewhat Homomorphic Encryption , 2012, IACR Cryptol. ePrint Arch..

[97]  Craig Gentry,et al.  Fully Secure Functional Encryption without Obfuscation , 2014, IACR Cryptol. ePrint Arch..

[98]  Sanjeev Arora,et al.  Probabilistic checking of proofs: a new characterization of NP , 1998, JACM.

[99]  Rafail Ostrovsky,et al.  Replication is not needed: single database, computationally-private information retrieval , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[100]  Samuel Madden,et al.  Processing Analytical Queries over Encrypted Data , 2013, Proc. VLDB Endow..

[101]  Craig Gentry,et al.  Homomorphic Evaluation of the AES Circuit , 2012, IACR Cryptol. ePrint Arch..

[102]  Rafail Ostrovsky,et al.  Software protection and simulation on oblivious RAMs , 1996, JACM.

[103]  David Chaum,et al.  Multiparty Unconditionally Secure Protocols (Extended Abstract) , 1988, STOC.

[104]  Omer Paneth,et al.  On the Achievability of Simulation-Based Security for Functional Encryption , 2013, CRYPTO.

[105]  Charalampos Papamanthou,et al.  Parallel and Dynamic Searchable Symmetric Encryption , 2013, Financial Cryptography.

[106]  Graham Cormode,et al.  Practical verified computation with streaming interactive proofs , 2011, ITCS '12.

[107]  Jonathan Katz,et al.  On Black-Box Constructions of Predicate Encryption from Trapdoor Permutations , 2009, ASIACRYPT.

[108]  Ivan Damgård,et al.  Asynchronous Multiparty Computation: Theory and Implementation , 2008, IACR Cryptol. ePrint Arch..

[109]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[110]  Abhi Shelat,et al.  Fast two-party secure computation with minimal assumptions , 2013, CCS.

[111]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[112]  Craig Gentry,et al.  (Leveled) fully homomorphic encryption without bootstrapping , 2012, ITCS '12.

[113]  Elaine Shi,et al.  Automating Efficient RAM-Model Secure Computation , 2014, 2014 IEEE Symposium on Security and Privacy.

[114]  Hugo Krawczyk,et al.  Highly-Scalable Searchable Symmetric Encryption with Support for Boolean Queries , 2013, IACR Cryptol. ePrint Arch..

[115]  Stefan Savage,et al.  An analysis of underground forums , 2011, IMC '11.

[116]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[117]  Kartik Nayak,et al.  ObliVM: A Programming Framework for Secure Computation , 2015, 2015 IEEE Symposium on Security and Privacy.

[118]  Ronald L. Rivest,et al.  ON DATA BANKS AND PRIVACY HOMOMORPHISMS , 1978 .

[119]  Hugo Krawczyk,et al.  A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..

[120]  Ling Ren,et al.  Path ORAM , 2012, J. ACM.

[121]  Ramakrishnan Srikant,et al.  Order preserving encryption for numeric data , 2004, SIGMOD '04.

[122]  Yehuda Lindell,et al.  Implementing Two-Party Computation Efficiently with Security Against Malicious Adversaries , 2008, SCN.

[123]  Ahmed Obied,et al.  Broadcast Encryption , 2008, Encyclopedia of Multimedia.

[124]  Abhi Shelat,et al.  PCF: A Portable Circuit Format for Scalable Two-Party Secure Computation , 2013, USENIX Security Symposium.

[125]  Michael Mitzenmacher,et al.  Privacy Preserving Keyword Searches on Remote Encrypted Data , 2005, ACNS.

[126]  Rafail Ostrovsky,et al.  Efficient Arguments without Short PCPs , 2007, Twenty-Second Annual IEEE Conference on Computational Complexity (CCC'07).

[127]  Brent Waters,et al.  Constrained Pseudorandom Functions and Their Applications , 2013, ASIACRYPT.

[128]  Adam O'Neill,et al.  Definitional Issues in Functional Encryption , 2010, IACR Cryptol. ePrint Arch..

[129]  Dan Bogdanov,et al.  Sharemind: A Framework for Fast Privacy-Preserving Computations , 2008, ESORICS.

[130]  Yihua Zhang,et al.  PICCO: a general-purpose compiler for private distributed computation , 2013, CCS.

[131]  Nickolai Zeldovich,et al.  An Ideal-Security Protocol for Order-Preserving Encoding , 2013, 2013 IEEE Symposium on Security and Privacy.

[132]  Benny Pinkas,et al.  Secure Two-Party Computation is Practical , 2009, IACR Cryptol. ePrint Arch..

[133]  Moni Naor,et al.  Revocation and Tracing Schemes for Stateless Receivers , 2001, CRYPTO.

[134]  Joud Khoury,et al.  Efficient Private Publish-Subscribe Systems , 2014, 2014 IEEE 17th International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing.

[135]  Robert K. Cunningham,et al.  Automated Assessment of Secure Search Systems , 2015, OPSR.

[136]  Eyal Kushilevitz,et al.  Private information retrieval , 1998, JACM.

[137]  Xenofontas A. Dimitropoulos,et al.  SEPIA: Privacy-Preserving Aggregation of Multi-Domain Network Events and Statistics , 2010, USENIX Security Symposium.

[138]  Craig Gentry,et al.  A fully homomorphic encryption scheme , 2009 .

[139]  Donald Beaver,et al.  Secure multiparty protocols and zero-knowledge proof systems tolerating a faulty minority , 2004, Journal of Cryptology.

[140]  Elaine Shi,et al.  Burst ORAM: Minimizing ORAM Response Times for Bursty Access Patterns , 2014, USENIX Security Symposium.

[141]  Jie Wu,et al.  Hierarchical attribute-based encryption for fine-grained access control in cloud storage services , 2010, CCS '10.

[142]  Sean W. Smith,et al.  Practical server privacy with secure coprocessors , 2001, IBM Syst. J..

[143]  Brent Waters,et al.  Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys , 2005, CRYPTO.

[144]  Ross J. Anderson Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .

[145]  2013 ACM SIGSAC Conference on Computer and Communications Security, CCS'13, Berlin, Germany, November 4-8, 2013 , 2013, Conference on Computer and Communications Security.

[146]  Vinod Vaikuntanathan,et al.  Efficient Fully Homomorphic Encryption from (Standard) LWE , 2011, 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science.

[147]  Frederik Vercauteren,et al.  Fully homomorphic SIMD operations , 2012, Designs, Codes and Cryptography.

[148]  Christos Gkantsidis,et al.  VC3: Trustworthy Data Analytics in the Cloud Using SGX , 2015, 2015 IEEE Symposium on Security and Privacy.

[149]  Melissa Chase,et al.  Substring-Searchable Symmetric Encryption , 2015, Proc. Priv. Enhancing Technol..

[150]  M. Rabin DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION , 1979 .

[151]  Yehuda Lindell,et al.  Introduction to Modern Cryptography , 2004 .

[152]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[153]  Naoki Abe,et al.  Using secure coprocessors for privacy preserving collaborative data mining and analysis , 2006, DaMoN '06.

[154]  Charalampos Papamanthou,et al.  Dynamic searchable symmetric encryption , 2012, IACR Cryptol. ePrint Arch..

[155]  Dan Boneh,et al.  Evaluating 2-DNF Formulas on Ciphertexts , 2005, TCC.

[156]  Benny Pinkas,et al.  Keyword Search and Oblivious Pseudorandom Functions , 2005, TCC.

[157]  Eu-Jin Goh,et al.  Secure Indexes , 2003, IACR Cryptol. ePrint Arch..

[158]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[159]  Craig Gentry,et al.  Fully Homomorphic Encryption with Polylog Overhead , 2012, EUROCRYPT.

[160]  Hugo Krawczyk,et al.  Keying Hash Functions for Message Authentication , 1996, CRYPTO.

[161]  Jonathan Katz,et al.  Faster Secure Two-Party Computation Using Garbled Circuits , 2011, USENIX Security Symposium.