ObliviousDB: Practical and Efficient Searchable Encryption with Controllable Leakage

Searchable encryption allows users to execute encrypted queries over encrypted databases. Several encryption schemes have been proposed in the literature but they leak sensitive information that could lead to inference attacks. We propose ObliviousDB, a searchable encryption scheme for an outsourced database that limits information leakage. Moreover, our scheme allows users to execute SQL-like queries on encrypted data and efficiently supports multi-user access without requiring key sharing. We have implemented ObliviousDB and show its practical efficiency.

[1]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: improved definitions and efficient constructions , 2006, CCS '06.

[2]  Giovanni Russello,et al.  Secure and Practical Searchable Encryption: A Position Paper , 2017, ACISP.

[3]  Charalampos Papamanthou,et al.  Parallel and Dynamic Searchable Symmetric Encryption , 2013, Financial Cryptography.

[4]  Bruno Crispo,et al.  Supporting complex queries and access policies for multi-user encrypted databases , 2013, CCSW.

[5]  Elisa Bertino,et al.  Poster: towards attribute based group key management , 2011, CCS '11.

[6]  Michele Colajanni,et al.  Scalable Architecture for Multi-User Encrypted SQL Operations on Cloud Database Services , 2014, IEEE Transactions on Cloud Computing.

[7]  Muhammad Naveed,et al.  The Fallacy of Composition of Oblivious RAM and Searchable Encryption , 2015, IACR Cryptol. ePrint Arch..

[8]  Michael Mitzenmacher,et al.  Privacy Preserving Keyword Searches on Remote Encrypted Data , 2005, ACNS.

[9]  Charles V. Wright,et al.  Inference Attacks on Property-Preserving Encrypted Databases , 2015, CCS.

[10]  Yiwei Thomas Hou,et al.  Protecting your right: Attribute-based keyword search with fine-grained owner-enforced search authorization in the cloud , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[11]  Naranker Dulay,et al.  Shared and Searchable Encrypted Data for Untrusted Servers , 2008 .

[12]  Kenneth G. Paterson,et al.  Pairings for Cryptographers , 2008, IACR Cryptol. ePrint Arch..

[13]  Carl A. Gunter,et al.  Dynamic Searchable Encryption via Blind Storage , 2014, 2014 IEEE Symposium on Security and Privacy.

[14]  Guomin Yang,et al.  Probabilistic Public Key Encryption with Equality Test , 2010, CT-RSA.

[15]  Yiwei Thomas Hou,et al.  Inverted index based multi-keyword public-key searchable encryption with strong privacy guarantee , 2015, 2015 IEEE Conference on Computer Communications (INFOCOM).

[16]  Eyal Kushilevitz,et al.  Private information retrieval , 1998, JACM.

[17]  N. Cao,et al.  Privacy-preserving multi-keyword ranked search over encrypted cloud data , 2011, 2011 Proceedings IEEE INFOCOM.

[18]  Elaine Shi,et al.  Practical Dynamic Searchable Encryption with Small Leakage , 2014, NDSS.

[19]  Jonathan Katz,et al.  All Your Queries Are Belong to Us: The Power of File-Injection Attacks on Searchable Encryption , 2016, USENIX Security Symposium.

[20]  Elisa Bertino,et al.  DBMask: Fine-Grained Access Control on Encrypted Relational Databases , 2015, Trans. Data Priv..

[21]  Hari Balakrishnan,et al.  CryptDB: protecting confidentiality with encrypted query processing , 2011, SOSP.

[22]  Muhammad Rizwan Asghar,et al.  Privacy Preserving Enforcement of Sensitive Policies in Outsourced and Distributed Environments , 2013, IACR Cryptol. ePrint Arch..

[23]  Raphael Bost,et al.  ∑oφoς: Forward Secure Searchable Encryption , 2016, CCS.

[24]  David Cash,et al.  Leakage-Abuse Attacks Against Searchable Encryption , 2015, IACR Cryptol. ePrint Arch..

[25]  Florian Kerschbaum,et al.  Searchable Encryption with Secure and Efficient Updates , 2014, CCS.

[26]  Elaine Shi,et al.  Path ORAM: an extremely simple oblivious RAM protocol , 2012, CCS.

[27]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[28]  Rafail Ostrovsky,et al.  Software protection and simulation on oblivious RAMs , 1996, JACM.

[29]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[30]  Ernesto Damiani,et al.  ENKI: Access Control for Encrypted Query Processing , 2015, SIGMOD Conference.

[31]  Rafail Ostrovsky,et al.  Efficient computation on oblivious RAMs , 1990, STOC '90.