Top-k Query Processing on Encrypted Databases with Strong Security Guarantees

Concerns about privacy in outsourced cloud databases have grown recently and many efficient and scalable query processing methods over encrypted data have been proposed. However, there is very limited work on how to securely process top-k ranking queries over encrypted databases in the cloud. In this paper, we propose the first efficient and provably secure top-k query processing construction that achieves adaptive CQA security. We develop an encrypted data structure called EHL and describe several secure sub-protocols under our security model to answer top-k queries. Furthermore, we optimize our query algorithms for both space and time efficiency. Finally, we empirically evaluate our protocol using real world datasets and demonstrate that our construction is efficient and practical.

[1]  Murat Kantarcioglu,et al.  Secure multidimensional range queries over outsourced data , 2012, The VLDB Journal.

[2]  Murat Kantarcioglu,et al.  Access Pattern disclosure on Searchable Encryption: Ramification, Attack and Mitigation , 2012, NDSS.

[3]  Wei Jiang,et al.  Secure k-nearest neighbor query over encrypted data in outsourced environments , 2013, 2014 IEEE 30th International Conference on Data Engineering.

[4]  Elisa Bertino,et al.  Privacy-Preserving Complex Query Evaluation over Semantically Secure Encrypted Data , 2014, ESORICS.

[5]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: improved definitions and efficient constructions , 2006, CCS '06.

[6]  Yehuda Lindell,et al.  Introduction to Modern Cryptography , 2004 .

[7]  Carsten Binnig,et al.  The End of Slow Networks: It's Time for a Redesign , 2015, Proc. VLDB Endow..

[8]  Ben Adida,et al.  How to Shuffle in Public , 2007, TCC.

[9]  Siu-Ming Yiu,et al.  Secure query processing with data interoperability in a cloud database environment , 2014, SIGMOD Conference.

[10]  Cynthia Dwork,et al.  Privacy-Preserving Datamining on Vertically Partitioned Databases , 2004, CRYPTO.

[11]  Hari Balakrishnan,et al.  CryptDB: protecting confidentiality with encrypted query processing , 2011, SOSP.

[12]  Michael Zohner,et al.  ABY - A Framework for Efficient Mixed-Protocol Secure Two-Party Computation , 2015, NDSS.

[13]  Yehuda Lindell,et al.  Privacy Preserving Data Mining , 2002, Journal of Cryptology.

[14]  Samuel Madden,et al.  Processing Analytical Queries over Encrypted Data , 2013, Proc. VLDB Endow..

[15]  Andreas Schaad,et al.  Optimal Re-encryption Strategy for Joins in Encrypted Databases , 2013, DBSec.

[16]  Elisa Bertino,et al.  Secure kNN Query Processing in Untrusted Cloud Environments , 2014, IEEE Transactions on Knowledge and Data Engineering.

[17]  Chris Clifton,et al.  Privacy-preserving decision trees over vertically partitioned data , 2005, TKDD.

[18]  Chris Clifton,et al.  Privacy - preserving top-k queries , 2005, 21st International Conference on Data Engineering (ICDE'05).

[19]  Ernesto Damiani,et al.  ENKI: Access Control for Encrypted Query Processing , 2015, SIGMOD Conference.

[20]  Hakan Hacigümüs,et al.  Executing SQL over encrypted data in the database-service-provider model , 2002, SIGMOD '02.

[21]  Melissa Chase,et al.  Structured Encryption and Controlled Disclosure , 2010, IACR Cryptol. ePrint Arch..

[22]  Ihab F. Ilyas,et al.  A survey of top-k query processing techniques in relational database systems , 2008, CSUR.

[23]  Feifei Li,et al.  Secure nearest neighbor revisited , 2013, 2013 IEEE 29th International Conference on Data Engineering (ICDE).

[24]  Ramakrishnan Srikant,et al.  Order preserving encryption for numeric data , 2004, SIGMOD '04.

[25]  Lu Li,et al.  Efficient secure similarity computation on encrypted trajectory data , 2015, 2015 IEEE 31st International Conference on Data Engineering.

[26]  Ahmad-Reza Sadeghi,et al.  Twin Clouds: Secure Cloud Computing with Low Latency - (Full Version) , 2011, Communications and Multimedia Security.

[27]  Ivan Damgård,et al.  A Generalisation, a Simplification and Some Applications of Paillier's Probabilistic Public-Key System , 2001, Public Key Cryptography.

[28]  Craig Gentry,et al.  A fully homomorphic encryption scheme , 2009 .

[29]  Murat Kantarcioglu,et al.  Efficient privacy-aware search over encrypted databases , 2014, CODASPY '14.

[30]  Raphael Bost,et al.  ∑oφoς: Forward Secure Searchable Encryption , 2016, CCS.

[31]  Elaine Shi,et al.  Constants Count: Practical Improvements to Oblivious RAM , 2015, USENIX Security Symposium.

[32]  Olga Ohrimenko,et al.  Sorting and Searching Behind the Curtain , 2015, Financial Cryptography.

[33]  Rafail Ostrovsky,et al.  Software protection and simulation on oblivious RAMs , 1996, JACM.

[34]  Ken Eguro,et al.  Transaction processing on confidential data using cipherbase , 2015, 2015 IEEE 31st International Conference on Data Engineering.

[35]  Chris Clifton,et al.  Privacy-preserving Naïve Bayes classification , 2008, The VLDB Journal.

[36]  Moni Naor,et al.  Optimal aggregation algorithms for middleware , 2001, PODS '01.

[37]  Radu Sion,et al.  TrustedDB: A Trusted Hardware-Based Database with Privacy and Data Confidentiality , 2011, IEEE Transactions on Knowledge and Data Engineering.

[38]  Chris Clifton,et al.  Privacy-preserving distributed mining of association rules on horizontally partitioned data , 2004, IEEE Transactions on Knowledge and Data Engineering.

[39]  Rui Li,et al.  Fast Range Query Processing with Strong Privacy Protection for Cloud Computing , 2014, Proc. VLDB Endow..

[40]  Ahmed A. Metwally,et al.  Secure Data Management Service on Cloud Computing Infrastructures , 2011 .

[41]  Elaine Shi,et al.  Multi-Dimensional Range Query over Encrypted Data , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[42]  Xuhua Ding,et al.  Privacy-Preserving Ad-Hoc Equi-Join on Outsourced Data , 2014, TODS.

[43]  Shafi Goldwasser,et al.  Machine Learning Classification over Encrypted Data , 2015, NDSS.

[44]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[45]  Nikos Mamoulis,et al.  Secure kNN computation on encrypted databases , 2009, SIGMOD Conference.

[46]  Nathan Chenette,et al.  Order-Preserving Encryption Revisited: Improved Security Analysis and Alternative Solutions , 2011, CRYPTO.

[47]  Charalampos Papamanthou,et al.  Dynamic searchable symmetric encryption , 2012, IACR Cryptol. ePrint Arch..

[48]  George Kollios,et al.  GRECS: Graph Encryption for Approximate Shortest Distance Queries , 2015, IACR Cryptol. ePrint Arch..

[49]  Cynthia Dwork,et al.  Calibrating Noise to Sensitivity in Private Data Analysis , 2006, TCC.

[50]  Hugo Krawczyk,et al.  Highly-Scalable Searchable Symmetric Encryption with Support for Boolean Queries , 2013, IACR Cryptol. ePrint Arch..