Privacy-Preserving k-Nearest Neighbour Query on Outsourced Database

Cloud computing brought a shift from the traditional client-server model to DataBase as a Service DBaaS, where the data owner outsources her database as well as the data management function to the cloud service provider. Although cloud services relieve the clients from the data management burdens, a significant concern about the data privacy remains. In this work, we focus on privacy-preserving k-nearest neighbour k-NN query, and provide the first sublinear solution with preprocessing with computational complexity $$\tilde{O}k\text {log}^4n$$ in the honest-but-curious adversarial setting. Our constructions use the data structure called kd-tree to achieve sublinear query complexity. In order to protect data access patterns, garbled circuits are used to simulate Oblivious RAM ORAM for accessing data in the kd-tree. Compared to the existing solutions, our scheme imposes little overhead on both the data owner and the querying client.

[1]  Oded Goldreich,et al.  Foundations of Cryptography: Volume 2, Basic Applications , 2004 .

[2]  Feifei Li,et al.  Secure nearest neighbor revisited , 2013, 2013 IEEE 29th International Conference on Data Engineering (ICDE).

[3]  Nikos Mamoulis,et al.  Secure kNN computation on encrypted databases , 2009, SIGMOD Conference.

[4]  Ben Riva,et al.  Salus: a system for server-aided secure function evaluation , 2012, CCS.

[5]  Ahmad-Reza Sadeghi,et al.  Twin Clouds: An Architecture for Secure Cloud Computing , 2011 .

[6]  Eyal Kushilevitz,et al.  Private information retrieval , 1998, JACM.

[7]  Cong Wang,et al.  Secure and practical outsourcing of linear programming in cloud computing , 2011, 2011 Proceedings IEEE INFOCOM.

[8]  Elaine Shi,et al.  Path ORAM: an extremely simple oblivious RAM protocol , 2012, CCS.

[9]  Forest Baskett,et al.  An Algorithm for Finding Nearest Neighbors , 1975, IEEE Transactions on Computers.

[10]  Carlo Curino,et al.  Relational Cloud: a Database Service for the cloud , 2011, CIDR.

[11]  Mariana Raykova,et al.  Scaling Private Set Intersection to Billion-Element Sets , 2014, Financial Cryptography.

[12]  Kartik Nayak,et al.  Oblivious Data Structures , 2014, IACR Cryptol. ePrint Arch..

[13]  Andrew Chi-Chih Yao,et al.  Protocols for secure computations , 1982, FOCS 1982.

[14]  Hanan Samet,et al.  The Design and Analysis of Spatial Data Structures , 1989 .

[15]  Wei Jiang,et al.  Secure k-nearest neighbor query over encrypted data in outsourced environments , 2013, 2014 IEEE 30th International Conference on Data Engineering.

[16]  Mikhail J. Atallah,et al.  Securely outsourcing linear algebra computations , 2010, ASIACCS '10.

[17]  Jonathan Katz,et al.  Secure two-party computation in sublinear (amortized) time , 2012, CCS.

[18]  Mariana Raykova,et al.  Outsourcing Multi-Party Computation , 2011, IACR Cryptol. ePrint Arch..

[19]  Mihir Bellare,et al.  Efficient Garbling from a Fixed-Key Blockcipher , 2013, 2013 IEEE Symposium on Security and Privacy.

[20]  David A. Wagner,et al.  Cryptanalysis of an Algebraic Privacy Homomorphism , 2003, ISC.

[21]  Qiang Tang,et al.  Efficient verifiable fuzzy keyword search over encrypted data in cloud computing , 2013, Comput. Sci. Inf. Syst..

[22]  Rafail Ostrovsky,et al.  Software protection and simulation on oblivious RAMs , 1996, JACM.

[23]  Mihir Bellare,et al.  Foundations of garbled circuits , 2012, CCS.

[24]  Patrick Traynor,et al.  Secure outsourced garbled circuit evaluation for mobile devices , 2013, J. Comput. Secur..

[25]  David Evans,et al.  Circuit Structures for Improving Efficiency of Security and Privacy Tools , 2013, 2013 IEEE Symposium on Security and Privacy.

[26]  Marcel Keller,et al.  Efficient, Oblivious Data Structures for MPC , 2014, IACR Cryptol. ePrint Arch..

[27]  Jianliang Xu,et al.  Processing private queries over untrusted data cloud through privacy homomorphism , 2011, 2011 IEEE 27th International Conference on Data Engineering.

[28]  Tsuyoshi Takagi,et al.  Secure k-NN computation on encrypted cloud data without sharing key with query users , 2013, Cloud Computing '13.

[29]  Elaine Shi,et al.  Oblivious RAM with O((logN)3) Worst-Case Cost , 2011, ASIACRYPT.

[30]  Josep Domingo-Ferrer,et al.  A Provably Secure Additive and Multiplicative Privacy Homomorphism , 2002, ISC.