Abstract
We consider a data owner that outsources its dataset to an untrusted server. The owner wishes to enable the server to answer range queries on a single attribute, without compromising the privacy of the data and the queries. There are several schemes on “practical” private range search (mainly in database venues) that attempt to strike a trade-off between efficiency and security. Nevertheless, these methods either lack provable security guarantees or permit unacceptable privacy leakages. In this article, we take an interdisciplinary approach, which combines the rigor of security formulations and proofs with efficient data management techniques. We construct a wide set of novel schemes with realistic security/performance trade-offs, adopting the notion of Searchable Symmetric Encryption (SSE), primarily proposed for keyword search. We reduce range search to multi-keyword search using range-covering techniques with tree-like indexes, and formalize the problem as Range Searchable Symmetric Encryption (RSSE). We demonstrate that, given any secure SSE scheme, the challenge boils down to (i) formulating leakages that arise from the index structure and (ii) minimizing false positives incurred by some schemes under heavy data skew. We also explain an important concept in the recent SSE bibliography, namely locality, and design generic and specialized ways to attribute locality to our RSSE schemes. Moreover, we are the first to devise secure schemes for answering range aggregate queries, such as range sums and range min/max. We analytically detail the superiority of our proposals over prior work and experimentally confirm their practicality.
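The reduction from range search to multi-keyword search mentioned in the abstract can be illustrated with a generic dyadic (binary-tree) range cover. This is an added example, not code from the article: the node labelling, the `HEIGHT` domain size, the sample records and the use of HMAC-SHA256 as a stand-in for an SSE keyword token are all assumptions, and the posting lists are kept in a plain dictionary where a real deployment would use a secure SSE scheme.

```python
import hashlib
import hmac

HEIGHT = 4  # assumed attribute domain: integers in [0, 2**HEIGHT)

def token(key, level, idx):
    """Keyword token for tree node (level, idx); HMAC stands in for an SSE token."""
    return hmac.new(key, f"{level}:{idx}".encode(), hashlib.sha256).hexdigest()

def path_nodes(value, height=HEIGHT):
    """Nodes from leaf (level 0) to root whose interval contains `value`."""
    return [(lvl, value >> lvl) for lvl in range(height + 1)]

def best_range_cover(lo, hi, height=HEIGHT):
    """Minimal set of tree nodes whose intervals exactly tile [lo, hi]."""
    if not 0 <= lo <= hi < 2 ** height:
        raise ValueError("range outside the attribute domain")
    cover, level = [], 0
    while lo <= hi:
        if lo & 1:            # lo is a right child: its parent overshoots
            cover.append((level, lo))
            lo += 1
        if not hi & 1:        # hi is a left child: its parent overshoots
            cover.append((level, hi))
            hi -= 1
        lo, hi, level = lo >> 1, hi >> 1, level + 1
    return cover

def build_index(key, records, height=HEIGHT):
    """Owner side: file each record under every node on its leaf-to-root path."""
    index = {}
    for rec_id, value in records:
        for lvl, idx in path_nodes(value, height):
            index.setdefault(token(key, lvl, idx), []).append(rec_id)
    return index

def range_search(index, key, lo, hi, height=HEIGHT):
    """One keyword lookup per cover node; the union is the exact range result."""
    hits = set()
    for lvl, idx in best_range_cover(lo, hi, height):
        hits.update(index.get(token(key, lvl, idx), []))
    return sorted(hits)

# Constructed sample data: (record id, attribute value)
RECORDS = [("r1", 3), ("r2", 5), ("r3", 5), ("r4", 9), ("r5", 12), ("r6", 0)]
KEY = b"constructed-demo-key"

if __name__ == "__main__":
    idx = build_index(KEY, RECORDS)
    print(best_range_cover(2, 7))        # two nodes: [2,3] and [4,7]
    print(range_search(idx, KEY, 2, 7))  # ['r1', 'r2', 'r3']
```

Each record is stored under `HEIGHT + 1` keywords, and the number of tokens a query sends varies with the position and width of the range, which is a property of the index structure rather than of the underlying SSE scheme.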