Skip to main content
SpringerLink
Log in

ObliviousDB: Practical and Efficient Searchable Encryption with Controllable Leakage

  • Conference paper
  • First Online:
Foundations and Practice of Security (FPS 2017)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10723))

Included in the following conference series:

Abstract

Searchable encryption allows users to execute encrypted queries over encrypted databases. Several encryption schemes have been proposed in the literature but they leak sensitive information that could lead to inference attacks. We propose ObliviousDB, a searchable encryption scheme for an outsourced database that limits information leakage. Moreover, our scheme allows users to execute SQL-like queries on encrypted data and efficiently supports multi-user access without requiring key sharing. We have implemented ObliviousDB and show its practical efficiency.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    For simplicity, we assume there is only a single table in \(\varDelta \) and regard \(\varDelta \) as a table. Without loss of generality, our proofs will hold for a database containing a set of tables.

References

  1. Gartner expects five years for hybrid cloud to reach productivity. http://www.cloudcomputing-news.net/news/2015/aug/18/gartner-expects-hybrid-cloud-reach-productivity-five-years-are-they-right/. Accessed 19 Feb 2016

  2. Rightscale 2016 state of the cloud report. https://www.rightscale.com/lp/state-of-the-cloud. Accessed 3 July 2016

  3. Cui, S., Asghar, M.R., Galbraith, S.D., Russello, G.: Secure and practical searchable encryption: a position paper. In: Pieprzyk, J., Suriadi, S. (eds.) ACISP 2017. LNCS, vol. 10342, pp. 266–281. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-60055-0_14

    Chapter  Google Scholar 

  4. Cash, D., Grubbs, P., Perry, J., Ristenpart, T.: Leakage-abuse attacks against searchable encryption. In: Ray, I., Li, N., Kruegel, C. (eds.) SIGSAC 2015, pp. 668–679. ACM, New York (2015)

    Google Scholar 

  5. Naveed, M., Kamara, S., Wright, C.V.: Inference attacks on property-preserving encrypted databases. In: Ray, I., Li, N., Kruegel, C. (eds.) SIGSAC 2015, pp. 644–655. ACM, New York (2015)

    Google Scholar 

  6. Zhang, Y., Katz, J., Papamanthou, C.: All your queries are belong to us: the power of file-injection attacks on searchable encryption. In: USENIX Security 2016, pp. 707–720. USENIX Association (2016)

    Google Scholar 

  7. Popa, R.A., Redfield, C.M.S., Zeldovich, N., Balakrishnan, H.: CryptDB: protecting confidentiality with encrypted query processing. In: Wobber, T., Druschel, P. (eds.) SOSP 2011, pp. 85–100. ACM, New York (2011)

    Google Scholar 

  8. Stefanov, E., Papamanthou, C., Shi, E.: Practical dynamic searchable encryption with small leakage. In: NDSS 2013, vol. 71, pp. 72–75 (2014)

    Google Scholar 

  9. Bost, R.: \(\sum \)o\(\varphi \)o\(\varsigma \): forward secure searchable encryption. In: Weippl, E.R., Katzenbeisser, S., Kruegel, C., Myers, A.C., Halevi, S. (eds.) SIGSAC 2016, pp. 1143–1154. ACM, New York (2016)

    Google Scholar 

  10. Chang, Y.-C., Mitzenmacher, M.: Privacy preserving keyword searches on remote encrypted data. In: Ioannidis, J., Keromytis, A., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 442–455. Springer, Heidelberg (2005). https://doi.org/10.1007/11496137_30

    Chapter  Google Scholar 

  11. Asghar, M.R., Russello, G., Crispo, B., Ion, M.: Supporting complex queries and access policies for multi-user encrypted databases. In: Juels, A., Parno, B. (eds.) CCSW 2013, pp. 77–88. ACM, New York (2013)

    Google Scholar 

  12. Asghar, M.R.: Privacy preserving enforcement of sensitive policies in outsourced and distributed environments. Ph.D. dissertation, University of Trento, Trento, Italy, December 2013. http://eprints-phd.biblio.unitn.it/1124/

  13. Galbraith, S.D., Paterson, K.G., Smart, N.P.: Pairings for cryptographers. Discret. Appl. Math. 156(16), 3113–3121 (2008)

    Article  MathSciNet  MATH  Google Scholar 

  14. Dong, C., Russello, G., Dulay, N.: Shared and searchable encrypted data for untrusted servers. In: Atluri, V. (ed.) DBSec 2008. LNCS, vol. 5094, pp. 127–143. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-70567-3_10

    Chapter  Google Scholar 

  15. Yang, G., Tan, C.H., Huang, Q., Wong, D.S.: Probabilistic public key encryption with equality test. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 119–131. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-11925-5_9

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. The University of Auckland, Auckland, New Zealand

    Shujie Cui, Muhammad Rizwan Asghar, Steven D. Galbraith & Giovanni Russello

Authors
  1. Shujie Cui
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Muhammad Rizwan Asghar
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Steven D. Galbraith
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Giovanni Russello
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shujie Cui .

Editor information

Editors and Affiliations

  1. University of Lorraine, Villers-lès-Nancy, France

    Abdessamad Imine

  2. Polytechnique de Montréal, Montreal, Québec, Canada

    José M. Fernandez

  3. LORIA, Vandœuvre-lès-Nancy, France

    Jean-Yves Marion

  4. Université du Québec en Outaouais, Gatineau, Québec, Canada

    Luigi Logrippo

  5. Télécom SudParis, Evry Cedex, France

    Joaquin Garcia-Alfaro

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Cui, S., Asghar, M.R., Galbraith, S.D., Russello, G. (2018). ObliviousDB: Practical and Efficient Searchable Encryption with Controllable Leakage. In: Imine, A., Fernandez, J., Marion, JY., Logrippo, L., Garcia-Alfaro, J. (eds) Foundations and Practice of Security. FPS 2017. Lecture Notes in Computer Science(), vol 10723. Springer, Cham. https://doi.org/10.1007/978-3-319-75650-9_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-75650-9_13

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-75649-3

  • Online ISBN: 978-3-319-75650-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation