Xinle Cao,Jian Liu,Hao Lu,Kui Ren

DOI: https://doi.org/10.14778/3467861.3467865

IF: 2.5

2021-01-01

Proceedings of the VLDB Endowment

Abstract:Encrypted database is an innovative technology proposed to solve the data confidentiality issue in cloud-based DB systems. It allows a data owner to encrypt its database before uploading it to the service provider; and it allows the service provider to execute SQL queries over the encrypted data. Most of existing encrypted databases (e.g., CryptDB in SOSP '11) do not support data interoperability: unable to process complex queries that require piping the output of one operation to another. To the best of our knowledge, SDB (SIGMOD '14) is the only encrypted database that achieves data interoperability. Unfortunately, we found SDB is not secure! In this paper, we revisit the security of SDB and propose a ciphertext-only attack named co-prime attack. It successfully attacks the common operations supported by SDB, including addition, comparison, sum, equi-join and group-by. We evaluate our attack in three real-world benchmarks. For columns that support addition and comparison , we recover 84.9% -- 99.9% plaintexts. For columns that support sum, equi-join and group-by , we recover 100% plaintexts. Besides, we provide potential countermeasures that can prevent the attacks against sum, equi-join, group-by and addition. It is still an open problem to prevent the attack against comparison.

Gongyu Shi,Geng Wang,Shi-Feng Sun,Dawu Gu

DOI: https://doi.org/10.1007/s00778-024-00852-1

2024-05-24

The VLDB Journal

Abstract:In an encrypted database, all data items stored at the server are encrypted and some operations can be performed directly over ciphertexts. Most existing encrypted database schemes cannot support data interoperability, that is, it cannot handle complex queries which require the output of one operator as the input to another. Wong et al. presented the encrypted database SDB (SIGMOD'14), and it is the only scheme that achieves data interoperability to the best of our knowledge. Recently, Cao et al. revisited the security of SDB (PVLDB'21) and proposed a ciphertext-only attack named "co-prime" attack. Their attack has a high success rate (84.9–99.9% on real-world benchmarks) and works on several common operations in SDB, including addition , sum , equi-join and group-by . However, the attack is time-consuming when the plaintext space (denoted as M ) is large, since the time complexity is , or O ( M ) with the meet-in-the-middle strategy. Cao et al. 's experiments showed that the attack takes minutes on a laptop when . And the expected time cost will be 15,261 years if , which is infeasible. In addition, the authors provided the countermeasures to prevent co-prime attack. Our main contribution in this paper is twofold. First, we propose an improved ciphertext-only attack based on lattice reduction against SDB with time complexity O (1). Our attack works on not only the previous four operations discussed by Cao et al., but also some aggregate operations, and its success rate is the same as that of co-prime attack. With the same parameters, our attack only takes  s on a laptop, which is 37 faster than co-prime attack. Besides, our attack works for large M up to while the time cost remains almost unchanged. Thus, our attack is much more efficient and powerful. Next, we analyze the countermeasures proposed by Cao et al. and present an efficient attack with the orthogonal lattice reduction method, which denies the security of Cao et al.'s modified scheme. The time complexity is , and the attack takes several minutes on a laptop. Furthermore, we validate our attacks on two real-world public datasets and make some discussions.

computer science, information systems, hardware & architecture

Hui Li,Jingwen Shi,Qi Tian,Zheng Li,Yan Fu,Bingqing Shen,Yaofeng Tu

2024-04-10

Abstract:As cloud computing gains traction, data owners are outsourcing their data to cloud service providers (CSPs) for Database Service (DBaaS), bringing in a deviation of data ownership and usage, and intensifying privacy concerns, especially with potential breaches by hackers or CSP insiders. To address that, encrypted database services propose encrypting every tuple and query statement before submitting to the CSP, ensuring data confidentiality when the CSP is honest-but-curious, or even compromised. Existing solutions either employ property preserving cryptography schemes, which can perform certain operations over ciphertext without decrypting the data over the CSP, or utilize trusted execution environment (TEE) to safeguard data and computations from the CSP. Based on these efforts, we introduce Enc2DB, a novel secure database system, following a hybrid strategy on PostgreSQL and openGauss. We present a micro-benchmarking test and self-adaptive mode switch strategy that can dynamically choose the best execution path (cryptography or TEE) to answer a given query. Besides, we also design and implement a ciphertext index compatible with native cost model and query optimizers to accelerate query processing. Empirical study over TPC-C test justifies that Enc2DB outperforms pure TEE and cryptography solutions, and our ciphertext index implementation also outperforms the state-of-the-art cryptographic-based system.

Cryptography and Security,Databases

Bo Sun,Sen Zhao,Guohua Tian

DOI: https://doi.org/10.1080/09540091.2024.2323059

2024-03-07

Connection Science

Abstract:Limited by the local storage resource, data users have to encrypt their data and outsource the encrypted databases to cloud servers to enjoy low-cost, professional data management services, which promotes the rapid development of outsourcing database technology. Despite this, the complex underlying setting and loosely coupled database architecture lead to various security risks and performance bottlenecks, while there is currently no work to achieve a comprehensive evaluation of existing encrypted database solutions from the aspects of underlying settings, security levels, functions, etc. In this work, we first propose an evaluation model to assess SQL functionalities and security from multiple dimensions. Secondly, we categorise the existing SQL query schemes into three categories: software-based construction, hardware-based construction, and hybrid-based construction, that is, a combination of software and hardware components. On this basis, we analyse the framework, advantages, and limitations of classic and state-of-the-art schemes. Finally, we summarise the software-based and hardware-based approaches from dimensions of SQL functionality, security, and efficiency, thus clarifying their ideal application scenarios. Notably, SQL query schemes that exhibit minimal equality of pair leakage and support strong obliviousness can achieve higher levels of security. In addition, hardware-based solutions can achieve more complex SQL queries and superior performance without designing complex and functionally-limited cryptographic tools.

computer science, artificial intelligence, theory & methods

Kui Ren,Cong Wang

DOI: https://doi.org/10.1007/978-3-031-21377-9_6

IF: 2.701

2023-01-01

Wireless Networks

Abstract:After acquiring sufficient knowledge about searchable encryption, we are now able to delve into the world of fully functional encrypted databases. First of all, as a real-world application, there are many other dimensions beyond the key functionality “search” that we have to pay attention to. For instance, how to support concurrent queries (i.e., handling multiple queries at the same time), how to deal with the failure caused by various accidental reasons (e.g., power interruptions, unstable network, I/O failures), and how to enforce constraints to guarantee data comply with certain rules, etc.

Kui Ren

DOI: https://doi.org/10.1145/3433210.3434067

2021-01-01

Abstract:In recent years, we have witnessed an upsurge in cyber-attacks and data breach incidents that put tremendous data at risk, affect millions of users, and cause severe economic losses. As an in-depth defence to counter the persistent and pervasive security threats, maintaining data in always encrypted form is becoming a trend and even a regulatory requirement. Satisfying the demand is particularly challenging in the context of databases, which, as a pillar in modern computing infrastructure, provide indispensable means to organize, store and retrieve data at different scales. The difficulty lies in how to perform the database query processing over encrypted data while meeting the requirements of security, performance, and complex query functions. This field has grown tremendously over the past two decades, though there is no dominant solution that is universally applicable. Solutions based on cryptographic techniques, e.g., searchable encryption or property-preserving encryption, can efficiently provide certain primitive operations for database queries. But studies have shown that their allowed leakage profiles can be (sometimes highly) exploitable. The recent advent of secure hardware enclaves opens up new opportunities. Yet, the first few enclave-based proposals mostly explore extreme design points that rest on strong assumptions (e.g., huge enclave) or result in weak security (e.g., leaking relations of ciphertexts). In this talk, we will overview these latest advancements and the potential challenges, respectively, and discuss the possible roadmap ahead towards practically more secure, efficient and functional encrypted databases.

Jing Yao,Helei Cui,Xiaolin Gui

DOI: https://doi.org/10.1109/dsc47296.2019.8937632

2019-01-01

Abstract:Searchable symmetric encryption (SSE) is a practical technique that allows a client to outsource her encrypted files while maintaining an efficient and secure keyword search ability to authorized clients. To support multi-keyword or Boolean search capability, most of the existing SSE designs inevitably reveal the intermediate single keyword search result to the remote server. Such unintended leakage could be abused to infer the valuable information of the encrypted dataset. In order to hide this kind of intermediate search result (even in some private manners), two promising directions could be adopted, one is a hardware-assisted technology, e.g., Intel SGX, and the other is a software-based approach, e.g., indistinguishability obfuscation (iO). Here, we focus on the iO approach and devise a highly-scalable SSE design for supporting Boolean queries without revealing its single keyword search results. To show the advantages of our proposed design, we conduct a theoretical comparison between some related SSE protocols and ours in terms of storage and computation costs.

Bai Wen-yang

2010-01-01

Abstract:This paper proposed a distributed architecture for secure database service which could provide both efficient privacy protection and query processing. Based on the algorithms of automatic quasi-identifiers detection,partitioned the client data across many logically independent database servers vertically,while only encrypted few sensitive data. The client executed queries by transmitting appropriate sub-queries to different databases based on metadata. The experimental results show that this method is well-balanced on dealing with the contradiction between data privacy protection and efficient query processing.

Zheli Liu,Haoyu Ma,Jin Li,Chunfu Jia,Jingwei Li,Ke Yuan

DOI: https://doi.org/10.1007/978-3-642-38631-2_32

2013-01-01

Abstract:Outsourcing database has attracted much attention recently due to the emergence of Cloud Computing. However, there are still two problems to solve, 1) how to encipher and protect the sensitive information before outsourcing while keeping the database structure, and 2) how to enable better utilization of the database like fuzzy queries over the encrypted information. In this paper we propose a new solution based on format-preserving encryption, which protects the privacy of the sensitive data and keeps the data structure as well in the encrypted database. We also show how to perform fuzzy queries over such enciphered data. Specially, our scheme supports fuzzy queries by simply exploiting the internal storing and query mechanism of the databases, thus the influence on both the inner relation of databases and the construction of applications are minimized. Evaluation indicates that our scheme is able to efficiently perform fuzzy query on encrypted database.

Shengshan Hu,Chengjun Cai,Qian Wang,Cong Wang,Minghui Li,Zhibo Wang,Dengpan Ye

DOI: https://doi.org/10.48550/arXiv.1909.09472

2019-09-20

Cryptography and Security

Abstract:Searchable symmetric encryption (SSE) allows the data owner to outsource an encrypted database to a remote server in a private manner while maintaining the ability for selectively search. So far, most existing solutions focus on an honest-but-curious server, while security designs against a malicious server have not drawn enough attention. A few recent works have attempted to construct verifiable SSE that enables the data owner to verify the integrity of search results. Nevertheless, these verification mechanisms are highly dependent on specific SSE schemes, and fail to support complex queries. A general verification mechanism is desired that can be applied to all SSE schemes. In this work, instead of concentrating on a central server, we explore the potential of the smart contract, an emerging blockchain-based decentralized technology, and construct decentralized SSE schemes where the data owner can receive correct search results with assurance without worrying about potential wrongdoings of a malicious server. We study both public and private blockchain environments and propose two designs with a trade-off between security and efficiency. To better support practical applications, the multi-user setting of SSE is further investigated where the data owner allows authenticated users to search keywords in shared documents. We implement prototypes of our two designs and present experiments and evaluations to demonstrate the practicability of our decentralized SSE schemes.

Guoxiu Liu,Geng Yang,Haiwei Wang,Hua Dai,Qiang Zhou

DOI: https://doi.org/10.3837/tiis.2018.07.021

2018-01-01

KSII Transactions on Internet and Information Systems

Abstract:With the advent of database-as-a-service (DAAS) and cloud computing, more and more data owners are motivated to outsource their data to cloud database in consideration of convenience and cost. However, it has become a challenging work to provide security to database as service model in cloud computing, because adversaries may try to gain access to sensitive data, and curious or malicious administrators may capture and leak data. In order to realize privacy preservation, sensitive data should be encrypted before outsourcing. In this paper, we present a secure and practical system over encrypted cloud data, called QSDB (queryable and secure database), which simultaneously supports SQL query operations. The proposed system can store and process the floating point numbers without compromising the security of data. To balance tradeoff between data privacy protection and query processing efficiency, QSDB utilizes three different encryption models to encrypt data. Our strategy is to process as much queries as possible at the cloud server. Encryption of queries and decryption of encrypted queries results are performed at client. Experiments on the real-world data sets were conducted to demonstrate the efficiency and practicality of the proposed system.

Zhiqiang Yang,Sheng Zhong,Rebecca N. Wright

DOI: https://doi.org/10.1007/11863908_29

2006-01-01

Abstract:Data confidentiality is a major concern in database systems. Encryption is a useful tool for protecting the confidentiality of sensitive data. However, when data is encrypted, performing queries becomes more challenging. In this paper, we study efficient and provably secure methods for queries on encrypted data stored in an outsourced database that may be susceptible to compromise. Specifically, we show that, in our system, even if an intruder breaks into the database and observes some interactions between the database and its users, he only learns very little about the data stored in the database and the queries performed on the data.Our work consists of several components. First, we consider databases in which each attribute has a finite domain and give a basic solution for certain kinds of queries on such databases. Then, we present two enhanced solutions, one with a stronger security guarantee and the other with accelerated queries. In addition to providing proofs of our security guarantees, we provide empirical performance evaluations. Our experiments demonstrate that our solutions are fast on large-sized real data.

Xuanle Ren,Le Su,Zhen Gu,Sheng Wang,Feifei Li,Yuan Xie,Song Bian,Chao Li,Fan Zhang

DOI: https://doi.org/10.14778/3574245.3574248

2022-01-01

Abstract:Recent years have witnessed the rapid development of the encrypted database, due to the increasing number of data privacy breaches and the corresponding laws and regulations that caused millions of dollars in loss. These encrypted databases may rely on different techniques, such as cryptographic primitives and trusted execution environments. In this work, we investigate the feasibility of utilizing fully homomorphic encryption (FHE) to support unbounded database aggregation queries, which typically involve comparisons as filtering predicates and a final aggregation. These operators are theoretically supported by FHE, but need careful algorithm design to maximize the efficiency and have not been explored before. We creatively use two types of FHE schemes, i.e., one for numerical and one for binary value, to enjoy their advantages respectively. To bridge the encrypted values between these two schemes for seamless query processing without client-server interaction, we propose a novel ciphertext transformation mechanism, which is of independent research interest, to close this gap. We further implement our system and test it over three TPC-H queries and a query over a real social media e-commerce database. Evaluation results show that, to process an aggregation query over 8k encrypted rows takes about 430 seconds. Although it is slower than plaintext processing in magnitudes and still has much room for improvement, as the very first work in this domain, our system demonstrates the feasibility of using FHE to process OLAP queries.

Guowen Xu,Yan Ren,Hongwei Li,Dongxiao Liu,Yuanshun Dai,Kan Yang

DOI: https://doi.org/10.1109/icc.2017.7997105

2017-01-01

Abstract:In big data era, data are usually stored in databases for easy access and utilization, which are now woven into every aspect of our lives. However, traditional relational databases cannot address users' demands for quick data access and calculating, since they cannot process data in a distributed way. To tackle this problem, non-relational databases such as MongoDB have emerged up and been applied in various Scenarios. Nevertheless, it should be noted that most MongoDB products fail to consider user's data privacy. In this paper, we propose a practical encrypted MongoDB (i.e., CryptMDB). Specifically, we utilize an additive homomorphic asymmetric cryptosystem to encrypt user's data and achieve strong privacy protection. Security analysis indicates that the CryptMDB can achieve confidentiality of user's data and prevent adversaries from illegally gaining access to the database. Furthermore, extensive experiments demonstrate that the CryptMDB achieves better efficiency than existing relational database in terms of data access and calculating.

Mingyu Li,Xuyang Zhao,Le Chen,Cheng Tan,Huorong Li,Sheng Wang,Zeyu Mi,Yubin Xia,Feifei Li,Haibo Chen

2023-01-01

Abstract:State-of-the-art encrypted databases (EDBs) can be divided into two types: one that protects the whole DBMS engine in a trusted domain, and one that protects only operators that support queries over encrypted data. Both types have limitations when dealing with malicious database administrators (DBAs). The first type either exposes the data to DBAs or makes maintenance operations difficult if the DBA role is eliminated. The second type is vulnerable to abuse of the operator interfaces; in particular, we devise a smuggle attack that enables DBAs to secretly and effectively access data. We introduce HEDB, which prevents smuggle attacks and preserves database maintainability. HEDB uses a dual-mode EDB design based on our analysis of DBA maintenance tasks. Execution Mode handles user queries by isolating DBAs from operators to prevent smuggle attacks, while Maintenance Mode enables DBMS maintenance and operator troubleshooting through authenticated replay and anonymized replay, respectively. Our evaluation shows that HEDB blocks smuggle attacks and supports common maintenance tasks with 5.88% runtime cost and 9.26% storage cost.

Alexander J. Titus,Audrey Flower,Patrick Hagerty,Paul Gamble,Charlie Lewis,Todd Stavish,Kevin P. OConnell,Greg Shipley,Stephanie M. Rogers

DOI: https://doi.org/10.1371/journal.pcbi.1006454

2018-03-26

Abstract:Genomic data are becoming increasingly valuable as we develop methods to utilize the information at scale and gain a greater understanding of how genetic information relates to biological function. Advances in synthetic biology and the decreased cost of sequencing are increasing the amount of privately held genomic data. As the quantity and value of private genomic data grows, so does the incentive to acquire and protect such data, which creates a need to store and process these data securely. We present an algorithm for the Secure Interrogation of Genomic DataBases (SIG-DB). The SIG-DB algorithm enables databases of genomic sequences to be searched with an encrypted query sequence without revealing the query sequence to the Database Owner or any of the database sequences to the Querier. SIG-DB is the first application of its kind to take advantage of locality-sensitive hashing and homomorphic encryption to allow generalized sequence-to-sequence comparisons of genomic data.

Quantitative Methods,Cryptography and Security,Databases,Genomics

Aixin Zhang,Shalin Huang,Xinghua Wu,Shilin Wang,Jianhua Li

DOI: https://doi.org/10.1109/CSCloud/EdgeCom.2018.00011

2018-01-01

Abstract:The security of outsourced data has been a key issue in cloud applications. Previous researches have focused on the remote data auditing and verification schemes. Although some of them have the properties of dynamic update and public audit, most of these schemes implicitly assume an honest client. Actually, the client has the motivations to corrupt the verification results against server, and the server may suspect the verification results under the situation where the client is dishonest. Up to now, few solutions have been proposed when both the client and server are not fully trusted and either side could be malicious. In this paper, a strict verifiable database (sVDB) protocol is proposed to tackle this problem. The concrete construction based on the bilinear pair technique can support client's real-time query and batch update operations. We prove the security of the scheme by contradiction under the square computational Diffie-Hellman assumption. We also implement the protocol and carry out several experiments to compare its performance with the state-of-the-art VDB scheme using vector commitment. All the results show that the proposed sVDB scheme achieves good security performance and high computation efficiency.

Zheli Liu,Jingwei Li,Jin Li,Chunfu Jia,Jun Yang,Ke Yuan

DOI: https://doi.org/10.4018/ijdwm.2014100104

2014-01-01

International Journal of Data Warehousing and Mining

Abstract:With the development of cloud computing and big data, data privacy protection has become an urgent problem to solve. Data encryption is the most effective way to protect privacy; however, it will change the data format and result in: 1. database structure and application software will be changed; 2. structured query language (SQL) operations cannot work properly, especially in SQL-based fuzzy query. As a result, it is necessary to provide an SQL-based fuzzy query mechanism over encrypted databases, including traditional databases and cloud outsourced databases. This paper establishes a secure database system using format-preserving encryption (FPE) as the underlying primitive to protect the data privacy while not change the database structure. It further proposes a new SQL-based fuzzy query mechanism supporting directly query over encrypted data, which is constructed by FPE and universal hash function (UHF). The security of the proposed mechanism is analyzed as well. In the end, it makes extensive experiments on the system to demonstrate its practical performance.

Songrui Wu,Qi Li,Guoliang Li,Dong Yuan,Xingliang Yuan,Cong Wang

DOI: https://doi.org/10.1109/icde.2019.00062

2019-01-01

Abstract:Data outsourcing to cloud has been a common IT practice nowadays due to its significant benefits. Meanwhile, security and privacy concerns are critical obstacles to hinder the further adoption of cloud. Although data encryption can mitigate the problem, it reduces the functionality of query processing, e.g., disabling SQL queries. Several schemes have been proposed to enable one-dimensional query on encrypted data, but multi-dimensional range query has not been well addressed. In this paper, we propose a secure and scalable scheme that can support multi-dimensional range queries over encrypted data. The proposed scheme has three salient features: (1) Privacy: the server cannot learn the contents of queries and data records during query processing. (2) Efficiency: we utilize hierarchical cubes to encode multi-dimensional data records and construct a secure tree index on top of such encoding to achieve sublinear query time. (3) Verifiability: our scheme allows users to verify the correctness and completeness of the query results to address server's malicious behaviors. We perform formal security analysis and comprehensive experimental evaluations. The results on real datasets demonstrate that our scheme achieves practical performance while guaranteeing data privacy and result integrity.

WANG Zheng-fei,WANG Wei,SHI Bo-le

DOI: https://doi.org/10.3778/j.issn.1002-8331.2010.28.040

2010-01-01

Computer Engineering and Applications Journal

Abstract:Encryption technology has become an important mechanism of securing data stored in the outsourced database.However,it is a difficulty to query efficiently the encrypted data and many researchers take it into consideration.To solve the problem,an encrypted schema,based on the inner DBMS,is proposed.Through the security dictionary and the extended SQL,the approach implements the encrypted storage and efficient query over the data in the outsourced databases.Results of experiments validate the efficiency and feasibility of the approach.