Advertisement

An Encrypted In-Memory Column-Store: The Onion Selection Problem

  • Florian Kerschbaum
  • Martin Härterich
  • Mathias Kohler
  • Isabelle Hang
  • Andreas Schaad
  • Axel Schröpfer
  • Walter Tighzert
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8303)

Abstract

Processing encrypted queries in the cloud has been extended by CryptDB’s approach of adjustable onion encryption. This adjustment of the encryption entails a translation of an SQL query to an equivalent query on encrypted data. We investigate in more detail this translation and in particular the problem of selecting the right onion layer. Our algorithm extends CryptDB’s approach by three new functions: configurable onions, local execution and searchable encryption. We have evaluated our new algorithm in a prototypical implementation in an in-memory column store database system.

Keywords

Encryption Scheme Range Query Encrypt Data Homomorphic Encryption Database Operator 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of the ACM International Conference on Management of Data (SIGMOD) (2004)Google Scholar
  2. 2.
    Bellare, M., Boldyreva, A., O’Neill, A.: Deterministic and efficiently searchable encryption. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 535–552. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  3. 3.
    Blaze, M., Bleumer, G., Strauss, M.J.: Divertible protocols and atomic proxy cryptography. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 127–144. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  4. 4.
    Boldyreva, A., Chenette, N., Lee, Y., O’Neill, A.: Order-preserving symmetric encryption. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 224–241. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  5. 5.
    Boldyreva, A., Chenette, N., O’Neill, A.: Order-preserving encryption revisited: improved security analysis and alternative solutions. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 578–595. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  6. 6.
    Curtmola, R., Garay, J., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. In: Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS) (2006)Google Scholar
  7. 7.
    Färber, F., May, N., Lehner, W., Groe, P., Müller, I., Rauhe, H., Dees, J.: The SAP HANA database – an architecture overview. IEEE Data Engineering Bulletin 35(1) (2012)Google Scholar
  8. 8.
    Goldwasser, S., Micali, S.: Probabilistic encryption. Journal of Computer and Systems Sciences 28(2) (1984)Google Scholar
  9. 9.
    Hacigümüs, H., Iyer, B., Li, C., Mehrotra, S.: Executing SQL over encrypted data in the database-service-provider model. In: Proceedings of the ACM International Conference on Management of Data (SIGMOD) (2002)Google Scholar
  10. 10.
    Hacigümüs, H., Iyer, B., Mehrotra, S.: Providing database as a service. In: Proceedings of the 18th IEEE International Conference on Data Engineering (ICDE) (2002)Google Scholar
  11. 11.
    Islam, M., Kuzu, M., Kantarcioglu, M.: Access pattern disclosure on searchable encryption: ramification, attack and mitigation. In: Proceedings of the 19th Network and Distributed System Security Symposium (NDSS) (2012)Google Scholar
  12. 12.
    Kamara, S., Papamanthou, C., Roeder, T.: Dynamic searchable symmetric encryption. In: Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS) (2012)Google Scholar
  13. 13.
    Kerschbaum, F.: Building a privacy-preserving benchmarking enterprise system. Enterprise Information Systems 2(4) (2008)Google Scholar
  14. 14.
    Kerschbaum, F.: Automatically optimizing secure computation. In: Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS) (2011)Google Scholar
  15. 15.
    Kerschbaum, F., Grofig, P., Hang, I., Härterich, M., Kohler, M., Schaad, A., Schröpfer, A., Tighzert, W.: Demo: Adjustably encrypted in-memory column-store. In: Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS) (2013)Google Scholar
  16. 16.
    Kerschbaum, F., Härterich, M., Grofig, P., Kohler, M., Schaad, A., Schröpfer, A., Tighzert, W.: Optimal re-encryption strategy for joins in encrypted databases. In: Wang, L., Shafiq, B. (eds.) DBSec 2013. LNCS, vol. 7964, pp. 195–210. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  17. 17.
    Kerschbaum, F., Terzidis, O.: Filtering for private collaborative benchmarking. In: Müller, G. (ed.) ETRICS 2006. LNCS, vol. 3995, pp. 409–422. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  18. 18.
    Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  19. 19.
    Pibernik, R., Zhang, Y., Kerschbaum, F., Schröpfer, A.: Secure collaborative supply chain planning and inverse optimization-the jels model. European Journal of Operational Research 208(1) (2011)Google Scholar
  20. 20.
    Pohlig, S., Hellman, M.: An improved algorithm for computing logarithms over GF(p) and its cryptographic significance. IEEE Transactions on Information Theory 24 (1978)Google Scholar
  21. 21.
    Popa, R., Li, F., Zeldovich, N.: An ideal-security protocol for order-preserving encoding. In: Proceedings of the 34th IEEE Symposium on Security and Privacy (SP) (2013)Google Scholar
  22. 22.
    Popa, R., Redfield, C., Zeldovich, N., Balakrishnan, H.: CryptDB: Protecting confidentiality with encrypted query processing. In: Proceedings of the 23rd ACM Symposium on Operating Systems Principles (SOSP) (2011)Google Scholar
  23. 23.
    Shi, E., Bethencourt, J., Chan, H., Song, D., Perrig, A.: Multi-dimensional range query over encrypted data. In: Proceedings of the 28th IEEE Symposium on Security and Privacy (SP) (2007)Google Scholar
  24. 24.
    Song, D., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: Proceedings of the 21st IEEE Symposium on Security and Privacy, SP (2000)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Florian Kerschbaum
    • 1
  • Martin Härterich
    • 1
  • Mathias Kohler
    • 1
  • Isabelle Hang
    • 1
  • Andreas Schaad
    • 1
  • Axel Schröpfer
    • 1
  • Walter Tighzert
    • 1
  1. 1.SAPKarlsruheGermany

Personalised recommendations