Privacy-Preserving Queries on Encrypted Data

Data confidentiality is a major concern in database systems. Encryption is a useful tool for protecting the confidentiality of sensitive data. However, when data is encrypted, performing queries becomes more challenging. In this paper, we study efficient and provably secure methods for queries on encrypted data stored in an outsourced database that may be susceptible to compromise. Specifically, we show that, in our system, even if an intruder breaks into the database and observes some interactions between the database and its users, the intruder learns very little about the data stored in the database and the queries performed on the data. Our work consists of several components. First, we consider databases in which each attribute has a finite domain and give a basic solution for certain kinds of queries on such databases. Then, we present two enhanced solutions, one with a stronger security guarantee and the other with accelerated queries. In addition to providing proofs of our security guarantees, we provide empirical performance evaluations. Our experiments demonstrate that our solutions are fast on large real data sets.
