Skip to main content

Geo-DRS: Geometric Dynamic Range Search on Spatial Data with Backward and Content Privacy

Part of the Lecture Notes in Computer Science book series (LNSC,volume 12973)


Driven by the cloud-first initiative taken by various governments and companies, it has become a common practice to outsource spatial data to cloud servers for a wide range of applications such as location-based services and geographic information systems. Searchable encryption is a common practice for outsourcing spatial data which enables search over encrypted data by sacrificing the full security via leaking some information about the queries to the server. However, these inherent leakages could equip the server to learn beyond what is considered in the scheme, in the worst-case allowing it to reconstruct of the database. Recently, a novel form of database reconstruction attack against such kind of outsourced spatial data was introduced (Markatou and Tamassia, IACR ePrint 2020/284), which is performed using common leakages of searchable encryption schemes, i.e., access and search pattern leakages. An access pattern leakage is utilized to achieve an order reconstruction attack, whereas both access and search pattern leakages are exploited for the full database reconstruction attack. In this paper, we propose two novel schemes for outsourcing encrypted spatial data supporting dynamic range search. Our proposed schemes leverage R\(^{+}\)tree to partition the dataset and binary secret sharing to support secure range search. They further provide backward and content privacy and do not leak the access pattern, therefore being resilient against the above mentioned database reconstruction attacks. Our evaluation shows the practicality of our schemes, due to (a) the minimal round-trip between the client and the server, and (b) low overhead in the client side in terms of computation and storage.

This is a preview of subscription content, access via your institution.

Buying options

USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-88428-4_2
  • Chapter length: 20 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
USD   89.00
Price excludes VAT (USA)
  • ISBN: 978-3-030-88428-4
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   119.99
Price excludes VAT (USA)
Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.
Fig. 5.
Fig. 6.


  1. 1.


  2. 2.

    The document identifiers matching the issued search keyword when they were inserted, and the total number \(a_w\) of updates over the search keyword.

  3. 3.

    It is also possible to use additive homomorphic encryption to perform the update at the server side (e.g. update in [15]), here we want to show only a basic scenario.

  4. 4.

    The data owner can initially distribute some reasonable number of multiplication triples, and once the servers are about to run out of triples, they can request more triples to the data owner.

  5. 5.

    Who follows the protocol instructions correctly, but try to learn additional information.


  1. Agarwal, P.K., Erickson, J., et al.: Geometric range searching and its relatives. Contemp. Math. 223, 1–56 (1999)

    MathSciNet  CrossRef  Google Scholar 

  2. Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of the 2004 ACM SIGMOD, pp. 563–574. ACM (2004)

    Google Scholar 

  3. Beaver, D.: Commodity-based cryptography (extended abstract). In: Proceedings of the Twenty-Ninth Annual ACM Symposium on the Theory of Computing, El Paso, Texas, USA, 4–6 May 1997, pp. 446–455 (1997)

    Google Scholar 

  4. Bost, R.: \(\sigma o \varphi o \varsigma \): forward secure searchable encryption. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 1143–1154. ACM (2016)

    Google Scholar 

  5. Bost, R., Minaud, B., Ohrimenko, O.: Forward and backward private searchable encryption from constrained cryptographic primitives. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 1465–1482. ACM (2017)

    Google Scholar 

  6. Cock, M.D., et al.: Efficient and private scoring of decision trees, support vector machines and logistic regression models based on pre-computation. IEEE TDSC 16(2), 217–230 (2019)

    Google Scholar 

  7. Dowsley, R.: Cryptography based on correlated data: foundations and practice. Ph.D. thesis, Karlsruhe Institute of Technology, Germany (2016)

    Google Scholar 

  8. Durak, F.B., DuBuisson, T.M., Cash, D.: What else is revealed by order-revealing encryption? In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 1155–1166. ACM (2016)

    Google Scholar 

  9. Garay, J., Schoenmakers, B., Villegas, J.: Practical and secure solutions for integer comparison. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 330–342. Springer, Heidelberg (2007).

    CrossRef  Google Scholar 

  10. Grubbs, P., Lacharité, M., Minaud, B., Paterson, K.G.: Learning to reconstruct: statistical learning theory and encrypted database attacks. In: 2019 IEEE Symposium on Security and Privacy, pp. 1067–1083 (2019)

    Google Scholar 

  11. Guo, R., Qin, B., Wu, Y., Liu, R., Chen, H., Li, C.: MixGeo: efficient secure range queries on encrypted dense spatial data in the cloud. In: Proceedings of the International Symposium on Quality of Service, pp. 1–10 (2019)

    Google Scholar 

  12. Guttman, A.: R-trees: a dynamic index structure for spatial searching. In: Proceedings of the 1984 ACM SIGMOD International Conference on Management of Data, SIGMOD 1984, pp. 47–57. ACM, New York (1984)

    Google Scholar 

  13. de Hoogh, S.: Design of large scale applications of secure multiparty computation: secure linear programming. Ph.D. thesis, Department of Mathematics and Computer Science (2012)

    Google Scholar 

  14. Kellaris, G., Kollios, G., Nissim, K., O’neill, A.: Generic attacks on secure outsourced databases. In: Proceedings of the 2016 ACM SIGSAC, pp. 1329–1340. ACM (2016)

    Google Scholar 

  15. Kermanshahi, S.K., et al.: Geometric range search on encrypted data with forward/backward security. IEEE Trans. Dependable Secure Comput. 1–20 (2020)

    Google Scholar 

  16. Kornaropoulos, E.M., Papamanthou, C., Tamassia, R.: Data recovery on encrypted databases with k-nearest neighbor query leakage. In: 2019 IEEE Symposium on Security and Privacy, San Francisco, CA, USA, 19–23 May 2019, pp. 1033–1050 (2019)

    Google Scholar 

  17. Lacharité, M.-S., Minaud, B., Paterson, K.G.: Improved reconstruction attacks on encrypted data using range query leakage. In: 2018 IEEE Symposium on Security and Privacy (SP), pp. 297–314. IEEE (2018)

    Google Scholar 

  18. Li, X., Zhu, Y., Wang, J., Zhang, J.: Efficient and secure multi-dimensional geometric range query over encrypted data in cloud. J. Parallel Distrib. Comput. 131, 44–54 (2019)

    CrossRef  Google Scholar 

  19. Luo, Y., Fu, S., Wang, D., Xu, M., Jia, X.: Efficient and generalized geometric range search on encrypted spatial data in the cloud. In: 2017 IEEE/ACM 25th International Symposium on Quality of Service (IWQoS), pp. 1–10. IEEE (2017)

    Google Scholar 

  20. Markatou, E.A., Tamassia, R.: Database reconstruction attacks in two dimensions. Cryptology ePrint Archive, Report 2020/284 (2020).

  21. Matoušek, J.: Geometric range searching. ACM Comput. Surv. (CSUR) 26(4), 422–461 (1994)

    CrossRef  Google Scholar 

  22. Morton, G.M.: A computer oriented geodetic data base and a new technique in file sequencing. Technical report, IBM (1966)

    Google Scholar 

  23. Naveed, M., Kamara, S., Wright, C.V.: Inference attacks on property-preserving encrypted databases. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 644–655. ACM (2015)

    Google Scholar 

  24. Pan, Y., et al.: Data inference from encrypted databases: a multi-dimensional order-preserving matching approach. arXiv:2001.08773 (2020)

  25. Sellis, T., Roussopoulos, N., Faloutsos, C.: The R+-tree: a dynamic index for multi-dimensional objects. Technical report, University of Maryland (1987)

    Google Scholar 

  26. Shen, E., Shi, E., Waters, B.: Predicate privacy in encryption systems. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 457–473. Springer, Heidelberg (2009).

    CrossRef  Google Scholar 

  27. Wang, B., Li, M., Wang, H.: Geometric range search on encrypted spatial data. IEEE Trans. Inf. Forensics Secur. 11(4), 704–719 (2016)

    Google Scholar 

  28. Wang, B., Li, M., Wang, H., Li, H.: Circular range search on encrypted spatial data. In: 2015 IEEE CNS, pp. 182–190. IEEE (2015)

    Google Scholar 

  29. Wang, B., Li, M., Xiong, L.: FastGeo: efficient geometric range queries on encrypted spatial data. IEEE TDSC 16(2), 245–258 (2019)

    Google Scholar 

  30. Wong, W.K., Cheung, D.W.-L., Kao, B., Mamoulis, N.: Secure kNN computation on encrypted databases. In: Proceedings of the 2009 ACM SIGMOD International Conference on Management of data, pp. 139–152 (2009)

    Google Scholar 

  31. Xu, G., Li, H., Dai, Y., Yang, K., Lin, X.: Enabling efficient and geometric range query with access control over encrypted spatial data. IEEE Trans. Inf. Forensics Secur. 14(4), 870–885 (2019)

    CrossRef  Google Scholar 

  32. Zheng, Z., Shen, J., Cao, Z.: Practical and secure circular range search on private spatial data. Cryptology ePrint Archive, Report 2020/242 (2020).

  33. Zhu, H., Lu, R., Huang, C., Chen, L., Li, H.: An efficient privacy-preserving location-based services query scheme in outsourced cloud. IEEE Trans. Veh. Technol. 65(9), 7729–7739 (2015)

    CrossRef  Google Scholar 

Download references

Author information

Authors and Affiliations


Corresponding author

Correspondence to Shabnam Kasra Kermanshahi .

Editor information

Editors and Affiliations

A Security analysis

A Security analysis

In our construction, each search result is a share of a list associated with a leaf node and client is the one who reconstructs the final result using these shares. To insert or delete an object within a list, the client generates the new shares of the list and the servers will replace the old shares with the new ones. Thus, 1) there is no leakage regarding the content of the dataset (object’s identifier), 2) it is impossible to distinguish which object was being updated, 3) the search queries do not leak matching objects after they have been deleted. As a result, our construction is content and backward private as proved below.

Theorem 1

Let \(\mathcal {L}\) denote the leakage function of our Geo-DRS\(^+\) scheme as defined in Sect. 3.3. Our constructed Geo-DRS\(^+\) is \(\mathcal { L }\)-adaptively-secure, if the protocol of De Cock et al.(we call it \(\pi _s\)) [6] is secure. Let \(\varSigma \) represents Geo-DRS\(^+\), and \(\mathcal {A}\) be the adversary (the honest-but-curious server)Footnote 5, who breaks the security of \(\varSigma \). Suppose \(\mathcal {A}\) make at most \(q_u > 0\) update queries. One can construct an algorithm \(\mathcal {B}\) that can break the UC-security of De Cock et al. [6] protocol by running \(\mathcal {A}\) as a subroutine with non-negligible probability if \(\log _2 q_s +\ell \ge \lambda \), for security parameter \(\lambda \).


The proof proceeds using a hybrid argument, by game hopping, starting from the real-world game \({\texttt {REAL}}_{\mathcal {A}}^{\varSigma }(\lambda )\).

  • Game \(G_{0}\): This game is exactly the same as the real world security game \({\texttt {REAL}}_{\mathcal {A}}^{\varSigma }(\lambda )\). Hence, we have

    $$\mathbb {P}\left[ {\texttt {REAL}}_{\mathcal {A}}^{\varSigma }(\lambda )=1\right] =\mathbb {P}\left[ G_{0}=1\right] . $$
  • Game \(G_{1}\): In this game, we pick random values instead of the output of \(\pi _{s}\) as a share of a search query and store it in a table to be reused if same query is issued. The advantage of the adversary in distinguishing between \(G_0\) and \(G_1\) is exactly the same as advantage for \(\pi _{s}\). Thus, we can build a reduction \(\mathcal {B}\) which is able to distinguish between \(\pi _{s}\) and a truly random function.

  • Game \(G_{2}\): To update (delete/insert) an object from the list associated to a leaf node on the R\(^{+}\)tree, this game replaces the shares of the leaf node with random shares. For update token, it uses the leakage to learn which node should be updated. The adversary \(\mathcal {A}\) cannot distinguish the real shares from the truly random shares. Suppose \(\mathcal {A}\) makes at most \(q_u > 0\) update queries, then we have

    $$\begin{aligned} |\mathbb {P}\left[ G_{2}=1\right] -\mathbb {P}\left[ G_{1}=1\right] | \le \frac{1}{q_u\cdot 2^\ell }. \end{aligned}$$
  • Simulator. We can simulate the \({\texttt {IDEAL}}\) game like Game \(G_{2}\). Let \(\mathcal {S}_{\pi _s}\) be the simulator for De Cock et al. [6] protocol; then we construct a simulator \(\mathcal {S}\) for our construction to perform the search. The algorithm \(\mathcal {B}\) uses \(\mathcal {S}_{\pi _s}\) to construct the simulator \(\mathcal {S}\) in order to answer the queries issued by \(\mathcal {A}\). We just need to use \(\mathcal {S}_{\pi _s}\) for \(\mathcal {A}_{\pi _s}\), to construct \(\mathcal {S}\) for \(\mathcal {A}\). We have that

    For the update, simulator \(\mathcal {S}\) works the same as \(G_{1}\) without knowing the content (objects’ identifiers). The simulator only uses \(\mathsf {ru}\) to identify the bounding box of the update query and not the object’s identifier. Therefore, it can simulate the attacker’s view using only \(\mathcal { L } ^{Updt}\).

As a result, our construction satisfies content and backward privacy as the search leakage does not include \(\text {TimeDB}(w)\) or \(\text {Updates}(w)\).    \(\square \)

Rights and permissions

Reprints and Permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Kermanshahi, S.K. et al. (2021). Geo-DRS: Geometric Dynamic Range Search on Spatial Data with Backward and Content Privacy. In: Bertino, E., Shulman, H., Waidner, M. (eds) Computer Security – ESORICS 2021. ESORICS 2021. Lecture Notes in Computer Science(), vol 12973. Springer, Cham.

Download citation

  • DOI:

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-88427-7

  • Online ISBN: 978-3-030-88428-4

  • eBook Packages: Computer ScienceComputer Science (R0)