DP-Sync: Hiding Update Patterns in Secure Outsourced Databases with Differential Privacy

In this paper, we consider privacy-preserving update strategies for secure outsourced growing databases. Such databases allow append-only data updates on the outsourced data structure while analysis is ongoing. Despite a plethora of solutions for securely outsourcing database computation, existing techniques do not consider the information that can be leaked via update patterns. To address this problem, we design a novel secure outsourced database framework for growing data, DP-Sync, which interoperates with a large class of existing encrypted databases and supports efficient updates while providing differentially private guarantees for any single update. We demonstrate DP-Sync's practical feasibility in terms of performance and accuracy with extensive empirical evaluations on real-world datasets.
