A Secure Database System using Homomorphic Encryption Schemes

Cloud computing emerges as an attractive solution that can be delegated to store and process confidential data. However, several security risks are encountered with such a system as the securely encrypted data should be decrypted before processing them. Therefore, the decrypted data is susceptible to reading and alterations. As a result, processing encrypted data has been a research subject since the publication of the RSA encryption scheme in 1978. In this paper we present a relational database system based on homomorphic encryption schemes to preserve the integrity and confidentiality of the data. Our system executes SQL queries over encrypted data. We tested our system with a recently developed homomorphic scheme that enables the execution of arithmetic operations on ciphertexts. We show that the proposed system performs accurate SQL operations, yet its performance discourages a practical implementation of this system.

[1]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[2]  Eyal Kushilevitz,et al.  Private information retrieval , 1995, Proceedings of IEEE 36th Annual Foundations of Computer Science.

[3]  Zhenfu Cao,et al.  Extended attribute based encryption for private information retrieval , 2009, 2009 IEEE 6th International Conference on Mobile Adhoc and Sensor Systems.

[4]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[5]  Craig Gentry,et al.  Fully Homomorphic Encryption over the Integers , 2010, EUROCRYPT.

[6]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[7]  Craig Gentry,et al.  Computing arbitrary functions of encrypted data , 2010, CACM.

[8]  Tal Malkin,et al.  Secure anonymous database search , 2009, CCSW '09.

[9]  Markus Jakobsson,et al.  Controlling data in the cloud: outsourcing computation without outsourcing control , 2009, CCSW '09.

[10]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[11]  Toru Nakamura,et al.  Anonymous authentication systems based on private information retrieval , 2009, 2009 First International Conference on Networked Digital Technologies.

[12]  Craig Gentry,et al.  A fully homomorphic encryption scheme , 2009 .

[13]  Philippe Gaborit,et al.  A fast private information retrieval protocol , 2008, 2008 IEEE International Symposium on Information Theory.

[14]  Elisa Bertino,et al.  Controlling data disclosure in computational PIR protocols , 2010, ASIACCS '10.

[15]  Craig Gentry,et al.  Single-Database Private Information Retrieval with Constant Communication Rate , 2005, ICALP.