P-McDb: Privacy-Preserving Search Using Multi-Cloud Encrypted Databases

Searchable Symmetric Encryption (SSE) allows users to execute encrypted queries over encrypted databases. A large number of SSE schemes have been proposed in the literature. However, most of them leak a significant amount of information that could lead to inference attacks. In this work, we propose an SSE scheme for a Privacy-preserving Multi-cloud encrypted Database (P-McDb), which aims at preventing inference attacks. P-McDb allows users to execute SQL-like queries in an efficient sub-linear manner without leaking search, access and size patterns. We have implemented a prototype of P-McDb and show its practical efficiency.

[1]  Jonathan Katz,et al.  All Your Queries Are Belong to Us: The Power of File-Injection Attacks on Searchable Encryption , 2016, USENIX Security Symposium.

[2]  David Cash,et al.  Leakage-Abuse Attacks Against Searchable Encryption , 2015, IACR Cryptol. ePrint Arch..

[3]  Ernesto Damiani,et al.  ENKI: Access Control for Encrypted Query Processing , 2015, SIGMOD Conference.

[4]  Stefanos Gritzalis,et al.  ORAM Based Forward Privacy Preserving Dynamic Searchable Symmetric Encryption Schemes , 2015, CCSW '15.

[5]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[6]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: Improved definitions and efficient constructions , 2011, J. Comput. Secur..

[7]  Raphael Bost,et al.  Sophos - Forward Secure Searchable Encryption , 2016, IACR Cryptol. ePrint Arch..

[8]  Yiwei Thomas Hou,et al.  Inverted index based multi-keyword public-key searchable encryption with strong privacy guarantee , 2015, 2015 IEEE Conference on Computer Communications (INFOCOM).

[9]  Giovanni Russello,et al.  Secure and Practical Searchable Encryption: A Position Paper , 2017, ACISP.

[10]  Elisa Bertino,et al.  DBMask: Fine-Grained Access Control on Encrypted Relational Databases , 2015, Trans. Data Priv..

[11]  Elaine Shi,et al.  Practical Dynamic Searchable Encryption with Small Leakage , 2014, NDSS.

[12]  Bruno Crispo,et al.  Supporting complex queries and access policies for multi-user encrypted databases , 2013, CCSW.

[13]  Michele Colajanni,et al.  Scalable Architecture for Multi-User Encrypted SQL Operations on Cloud Database Services , 2014, IEEE Transactions on Cloud Computing.

[14]  Hugo Krawczyk,et al.  Dynamic Searchable Encryption in Very-Large Databases: Data Structures and Implementation , 2014, NDSS.

[15]  P. Vishvapathi,et al.  Privacy-Preserving Multi-keyword Ranked Search over Encrypted Cloud Data , 2022 .

[16]  Hari Balakrishnan,et al.  CryptDB: protecting confidentiality with encrypted query processing , 2011, SOSP.

[17]  Raphael Bost,et al.  ∑oφoς: Forward Secure Searchable Encryption , 2016, CCS.

[18]  Carl A. Gunter,et al.  Dynamic Searchable Encryption via Blind Storage , 2014, 2014 IEEE Symposium on Security and Privacy.

[19]  Hugo Krawczyk,et al.  Outsourced symmetric private information retrieval , 2013, IACR Cryptol. ePrint Arch..

[20]  Charles V. Wright,et al.  Inference Attacks on Property-Preserving Encrypted Databases , 2015, CCS.

[21]  Yiwei Thomas Hou,et al.  Protecting your right: Attribute-based keyword search with fine-grained owner-enforced search authorization in the cloud , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[22]  Liehuang Zhu,et al.  Search pattern leakage in searchable encryption: Attacks and new construction , 2014, Inf. Sci..

[23]  Michael Mitzenmacher,et al.  Privacy Preserving Keyword Searches on Remote Encrypted Data , 2005, ACNS.