
Dynamic searchable symmetric encryption for storing geospatial data in the cloud

  • Benedikt Hiemenz
  • Michel Krämer
Regular Contribution

Abstract

We present a dynamic searchable symmetric encryption scheme allowing users to securely store geospatial data in the cloud. Geospatial data sets often contain sensitive information, for example, about urban infrastructures. Since clouds are usually provided by third parties, these data need to be protected. Our approach allows users to encrypt their data in the cloud and make them searchable at the same time. It does not require an initialization phase, which enables users to dynamically add new data and remove existing records. We design multiple protocols that differ in their level of security and performance. All of them support queries containing boolean expressions, as well as geospatial queries based on bounding boxes, for example. Our findings indicate that although the search in encrypted data requires more runtime than in unencrypted data, our approach is still suitable for real-world applications. We focus on geospatial data storage, but our approach can also be applied to applications from other areas dealing with keyword-based searches in encrypted data. We conclude the paper with a discussion on the benefits and drawbacks of our approach.

Keywords

  • Cryptography
  • Private information retrieval
  • Geographic information systems
  • Cloud computing

Notes

Acknowledgements

We would like to thank Ralf Gutbell for his thorough review and the valuable input.

Copyright information

© Springer-Verlag GmbH Germany, part of Springer Nature 2018

Authors and Affiliations

  1. Technische Universität Darmstadt, Darmstadt, Germany
  2. Fraunhofer Institute for Computer Graphics Research IGD, Darmstadt, Germany
