Abstract
The benefits of data outsourcing continue to grow, however owners of sensitive data cannot take full advantage due to its risk profile. Encrypted query processing promises to change this situation and allow data owners to securely outsource their sensitive data: data is encrypted, installed in a database on a remote (e.g., cloud) server, and standard queries are processed against the remote encrypted data. Correct query answers are returned without ever exposing plaintexts or decryption keys at the server. This chapter addresses three key challenges to realizing, as a practical option, the promise of encrypted query processing: handling query operations which cannot execute in ciphertext, implementing a working system, and achieving acceptable query performance.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
ACM, Test of time award, www.sigmod.org/2012/awards_sigmod.shtml, 2012.
Rakesh Agrawal, Jerry Kiernan, Ramakrishnan Srikant, and Yirong Xu, Order preserving encryption for numeric data, Proceedings of the 2004 ACM SIGMOD international conference on Management of data (New York, NY, USA), SIGMOD ’04, ACM, 2004, pp. 563–574.
Alexandra Boldyreva, Nathan Chenette, Younho Lee, and Adam O’Neill, Order-preserving symmetric encryption, Advances in Cryptology – EUROCRYPT 2009 (Antoine Joux, ed.), Lecture Notes in Computer Science, vol. 5479, Springer Berlin Heidelberg, 2009, pp. 224–241.
DARPA, The darpa program for programming comuptation on encrypted data (proceed), http://www.darpa.mil/Our_Work/I2O/Programs/, 2013.
Caroline Fontaine and Fabien Galand, A survey of homomorphic encryption for nonspecialists, EURASIP Journal on Information Security 1 (2007).
Craig Gentry, A fully homomorphic encryption scheme, Ph.D. thesis, Stanford University, 2009.
Craig Gentry and Shai Halevi, Implementing gentry’s fully-homomorphic encryption scheme, Advances in Cryptology – EUROCRYPT 2011 (KennethG. Paterson, ed.), Lecture Notes in Computer Science, vol. 6632, Springer Berlin Heidelberg, 2011, pp. 129–148.
Hakan Hacigümüş, Bala Iyer, Chen Li, and Sharad Mehrotra, Executing sql over encrypted data in the database-service-provider model, Proceedings of ACM SIGMOD (New York, NY, USA), SIGMOD ’02, ACM, 2002, pp. 216–227.
IBM, Ibm homomorphic encryption library project on github, https://github.com/shaih/HElib, 2013.
Intel, Intel advanced encryption standard instructions (aes-ni), http://software.intel.com /en-us/articles/intel-advanced-encryption-standard-instructions-aes-ni/, 2011.
Witold Litwin, Sushil Jajodia, and Thomas Schwarz, Privacy of data outsourced to a cloud for selected readers through client-side encryption, Proceedings of the 10th annual ACM workshop on Privacy in the electronic society (New York, NY, USA), WPES ’11, ACM, 2011, pp. 171–176.
A.J. Menezes, P.C. van Oorschot, and S.A. Vanstone, Handbook of applied cryptography, Discrete Mathematics and Its Applications, Taylor & Francis, 2010.
Michael Naehrig, Kristin Lauter, and Vinod Vaikuntanathan, Can homomorphic encryption be practical?, Proceedings of the 3rd ACM workshop on Cloud computing security workshop (New York, NY, USA), ACM, 2011, pp. 113–124.
Oracle, Oracle advanced security transparent data encryption best practices, http://www.oracle.com/technetwork/database/security/twp-transparent-data-encryption-bes-130696.pdf, March 2012.
Pascal Paillier, Public-key cryptosystems based on composite degree residuosity classes, Advances in Cryptology (EUROCRYPT ’99), Lecture Notes in Computer Science 1592 (1999), 223–238.
Raluca Ada Popa, Catherine M. S. Redfield, Nickolai Zeldovich, and Hari Balakrishnan, Cryptdb: protecting confidentiality with encrypted query processing, Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles (New York, NY, USA), SOSP ’11, ACM, 2011, pp. 85–100.
Reuters, German state ready to buy stolen bank data source, blogs.reuters.com/financial-regulatory-forum/2010/02/04/german-state-ready-to-buy-stolen-bank-data-source/, 2010.
Amazon Web Services, products page, aws.amazon.com/products, 2013.
N.P. Smart and F. Vercauteren, Fully homomorphic simd operations, Designs, Codes and Cryptography (2012), 1–25.
Ken Smith, Ameet Kini, William Wang, Chris Wolf, M. David Allen, and Andrew Sillers, Intuitive interaction with encrypted query execution in datastorm, 2012 IEEE 28th International Conference on Data Engineering (ICDE), April 2012, pp. 1333 –1336.
Colin Tankard, Advanced persistent threats and how to monitor and deter them, Network Security 2011 (2011), no. 8, 16 – 19.
Yinqian Zhang, Ari Juels, Michael K. Reiter, and Thomas Ristenpart, Cross-vm side channels and their use to extract private keys, Proceedings of the 2012 ACM conference on Computer and communications security (New York, NY, USA), ACM, 2012, pp. 305–316.
Acknowledgements
If you want to include acknowledgments of assistance and the like at the end of an individual chapter please use the acknowledgement environment – it will automatically render Springer’s preferred layout.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer Science+Business Media New York
About this chapter
Cite this chapter
Smith, K., Allen, M.D., Lan, H., Sillers, A. (2014). Making Query Execution Over Encrypted Data Practical. In: Jajodia, S., Kant, K., Samarati, P., Singhal, A., Swarup, V., Wang, C. (eds) Secure Cloud Computing. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-9278-8_8
Download citation
DOI: https://doi.org/10.1007/978-1-4614-9278-8_8
Published:
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4614-9277-1
Online ISBN: 978-1-4614-9278-8
eBook Packages: Computer ScienceComputer Science (R0)