Privacy-Preserving Queries on Encrypted Data

  • Zhiqiang Yang
  • Sheng Zhong
  • Rebecca N. Wright
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4189)


Data confidentiality is a major concern in database systems. Encryption is a useful tool for protecting the confidentiality of sensitive data. However, when data is encrypted, performing queries becomes more challenging. In this paper, we study efficient and provably secure methods for queries on encrypted data stored in an outsourced database that may be susceptible to compromise. Specifically, we show that, in our system, even if an intruder breaks into the database and observes some interactions between the database and its users, he learns very little about the data stored in the database and the queries performed on the data.

Our work consists of several components. First, we consider databases in which each attribute has a finite domain and give a basic solution for certain kinds of queries on such databases. Then, we present two enhanced solutions, one with a stronger security guarantee and the other with accelerated queries. In addition to providing proofs of our security guarantees, we provide empirical performance evaluations. Our experiments demonstrate that our solutions are fast on large real data sets.


Keywords: Basic Solution, Block Cipher, Sensitive Data, Query Time, Database Server
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Zhiqiang Yang (1)
  • Sheng Zhong (2)
  • Rebecca N. Wright (1)
  1. Computer Science Department, Stevens Institute of Technology, Hoboken, USA
  2. Computer Science and Engineering Department, SUNY Buffalo, Amherst, USA
