Skip to main content
SpringerLink
Log in
Book cover

International Symposium on Privacy Enhancing Technologies Symposium

PETS 2012: Privacy Enhancing Technologies pp 180–200Cite as

PRISM – Privacy-Preserving Search in MapReduce

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7384))

Abstract

We present PRISM, a privacy-preserving scheme for word search in cloud computing. In the face of a curious cloud provider, the main challenge is to design a scheme that achieves privacy while preserving the efficiency of cloud computing. Solutions from related research, like encrypted keyword search or Private Information Retrieval (PIR), fall short of meeting real-world cloud requirements and are impractical. PRISM ’s idea is to transform the problem of word search into a set of parallel instances of PIR on small datasets. Each PIR instance on a small dataset is efficiently solved by a node in the cloud during the “Map” phase of MapReduce. Outcomes of map computations are then aggregated during the “Reduce” phase. Due to the linearity of PRISM, the simple aggregation of map results yields the final output of the word search operation. We have implemented PRISM on Hadoop MapReduce and evaluated its efficiency using real-world DNS logs. PRISM’s overhead over non-private search is only 11%. Thus, PRISM offers privacy-preserving search that meets cloud computing efficiency requirements. Moreover, PRISM is compatible with standard MapReduce, not requiring any change to the interface or infrastructure.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. PRISM source code (2012), http://www.ccs.neu.edu/~blass/prism.tgz

  2. Amazon. Elastic mapreduce (2010), http://aws.amazon.com/elasticmapreduce/

  3. Apache. Hadoop (2010), http://hadoop.apache.org/

  4. Bellovin, S.M., Cheswick, W.R.: Privacy-enhanced searches using encrypted Bloom filters (2007), http://mice.cs.columbia.edu/getTechreport.php?techreportID=483

  5. Bilge, L., Kirda, E., Krügel, C., Balduzzi, M.: Exposure: Finding malicious domains using passive dns analysis. In: Proceedings of 18th Annual Network and Distributed System Security Symposium, San Diego, USA, pp. 195–211 (2011) ISBN 1891562320

    Google Scholar 

  6. Boneh, D., Di Crescenzo, G., Ostrovsky, R., Persiano, G.: Public Key Encryption with Keyword Search. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 506–522. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  7. Boneh, D., Kushilevitz, E., Ostrovsky, R., Skeith III, W.E.: Public Key Encryption That Allows PIR Queries. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 50–67. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  8. Brassard, G., Crépeau, C., Robert, J.M.: All-or-Nothing Disclosure of Secrets. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 234–238. Springer, Heidelberg (1987)

    Google Scholar 

  9. Cachin, C., Micali, S., Stadler, M.A.: Computationally Private Information Retrieval with Polylogarithmic Communication. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 402–412. Springer, Heidelberg (1999)

    Google Scholar 

  10. Chang, Y.-C., Mitzenmacher, M.: Privacy Preserving Keyword Searches on Remote Encrypted Data. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 442–455. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  11. Chief Information Officer’s Council. Proposed security assessment & authorization for U.S. government cloud computing (2010), http://www.digitalgovernment.com/media/Knowledge-Centers/asset_upload_file652_2491.pdf

  12. Chief Information Officer’s Council. Privacy recommendations for the use of cloud computing by federal departments and agencies (2010), http://www.cio.gov/

  13. Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private information retrieval. In: Proceedings of Symposium on Foundations of Computer Science, Milwaukee, USA, pp. 41–51 (1995)

    Google Scholar 

  14. Cloud Security Alliance. Security guidance for critical areas of focus in cloud computing (2009), https://cloudsecurityalliance.org/guidance/csaguide.v2.1.pdf

  15. Cloud Security Alliance. Top cloud computing threats (2010), https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf

  16. Curtmola, R., Garay, J., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. In: Proceedings of Conference on Computer and Communications Security, CCS, Alexandria, USA, pp. 79–88 (2006)

    Google Scholar 

  17. Dean, J., Ghemawat, S.: Mapreduce: Simplified data processing on large clusters. In: Proceedings of OSDI, San Francisco, USA, pp. 137–150 (2004)

    Google Scholar 

  18. EU, Eu information management instruments (2010), http://europa.eu/

  19. Gertner, Y., Ishai, Y., Kushilevitz, E.: Protecting data privacy in private information retrieval. In: Proceedings of Symposium on Theory of Computing, Dallas, USA, pp. 151–160 (1998) ISBN 0-89791-962-9

    Google Scholar 

  20. GNU, The gnu crypto project (2011), http://www.gnu.org/software/

  21. Goh, E.-J.: Secure indexes. Cryptology ePrint Archive Report 2003/216 (2003), http://eprint.iacr.org/2003/216

  22. Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious ram. Journal of the ACM 45, 431–473 (1996) ISSN 0004-5411

    Article  MathSciNet  Google Scholar 

  23. Goldwasser, S., Micali, S.: Probabilistic encryption. Journal of Computer and System Sciences 28(2), 270–299 (1984) ISSN 0022-0000

    Article  MathSciNet  MATH  Google Scholar 

  24. Google. Google apps for government (2010), http://googleenterprise.blogspot.com/2010/07/google-apps-for-government.html

  25. Hadoop. Powered by hadoop, list of applications using hadoop mapreduce (2011), http://wiki.apache.org/hadoop/PoweredBy

  26. Hall, C., Goldberg, I., Schneier, B.: Reaction Attacks against Several Public-Key Cryptosystem. In: Varadharajan, V., Mu, Y. (eds.) ICICS 1999. LNCS, vol. 1726, pp. 2–12. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  27. Jian, D., Ooi, B.C., Shi, L., Wu, S.: The performance of mapreduce: An in-depth study. Proceedings of the VLDB Endowment 3(1), 472–483 (2010)

    Google Scholar 

  28. Katz, J., Lindell, Y.: Introduction to modern cryptography. Chapman & Hall/CRC (2008) ISBN 978-1-58488-551-1

    Google Scholar 

  29. Kushilevitz, E., Ostrovsky, R.: Replication is not needed: single database, computationally-private information retrieval. In: Proceedings of Symposium on Foundations of Computer Science, Miami Beach, USA, pp. 364–373 (1997)

    Google Scholar 

  30. McCullagh, D.: Fbi wants records kept of web sites visited (2010), http://news.cnet.com/8301-13578_3-10448060-38.html

  31. Ogata, W., Kurosawa, K.: Oblivious keyword search. Journal of Complexity – Special Issue on Coding and Cryptography 20, 356–371 (2004) ISSN 0885-064X

    MathSciNet  MATH  Google Scholar 

  32. Ostrovsky, R., Skeith III, W.E.: Private Searching on Streaming Data. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 223–240. Springer, Heidelberg (2005)

    Google Scholar 

  33. Ostrovsky, R., Skeith III, W.E.: A Survey of Single-Database Private Information Retrieval: Techniques and Applications. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 393–411. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  34. Pavlo, A., Paulson, E., Rasin, A., Abadi, D.J., DeWitt, D.J., Madden, S., Stonebraker, M.: A comparison of approaches to large-scale data analysis. In: Proceedings of International Conference on Management of Data, Rhode Island, USA, pp. 165–178 (2009)

    Google Scholar 

  35. Sion, R., Carbunar, B.: On the computational practicality of private information retrieval. In: Proceedings of Network and Distributed Systems Security Symposium, San Diego, USA, pp. 1–10 (2007)

    Google Scholar 

  36. Song, D.X., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: Proceedings of Symposium on Security and Privacy, Berkeley, USA, pp. 44–55 (2000)

    Google Scholar 

  37. Trostle, J., Parrish, A.: Efficient Computationally Private Information Retrieval from Anonymity or Trapdoor Groups. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds.) ISC 2010. LNCS, vol. 6531, pp. 114–128. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Northeastern University, Boston, MA, USA

    Erik-Oliver Blass

  2. Università di Roma Tre, Rome, Italy

    Roberto Di Pietro

  3. EURECOM, Sophia Antipolis, France

    Refik Molva & Melek Önen

Authors
  1. Erik-Oliver Blass
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Roberto Di Pietro
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Refik Molva
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Melek Önen
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Karlstad University, Universitetsgatan 2, 65188, Karlstad, Sweden

    Simone Fischer-Hübner

  2. Department of Computer Science and Engineering, University of Texas at Arlington, 500 UTA Blvd., 76019, Arlington, TX, USA

    Matthew Wright

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Blass, EO., Di Pietro, R., Molva, R., Önen, M. (2012). PRISM – Privacy-Preserving Search in MapReduce. In: Fischer-Hübner, S., Wright, M. (eds) Privacy Enhancing Technologies. PETS 2012. Lecture Notes in Computer Science, vol 7384. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31680-7_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-31680-7_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-31679-1

  • Online ISBN: 978-3-642-31680-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation