Optimal Re-encryption Strategy for Joins in Encrypted Databases

Kerschbaum, Florian; Härterich, Martin; Grofig, Patrick; Köhler, Mathias; Schaad, Andreas; Schröpfer, Axel; Tighzert, Walter

doi:10.1007/978-3-642-39256-6_13

Cited by 11 publications

(6 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The computational effort increases compared to the operations applied in the single user mode as the pairing operation is more expensive [22,25]. In addition, optimization strategies can minimize the number of attribute values that have to be re-encrypted in the single user mode [17]. These are not feasible in the multi user mode.…”

Section: Phasementioning

confidence: 99%

Enki

Hang

Kerschbaum²,

Damiani

2015

Proceedings of the 2015 ACM SIGMOD International Conference on Management of Data

Self Cite

View full text Add to dashboard Cite

A data owner outsourcing the database of a multi user application wants to prevent information leaks caused by outside attackers exploiting software vulnerabilities or by curious personnel. Query processing over encrypted data solves this problem for a single user, but provides only limited functionality in the face of access restrictions for multiple users and keys. ENKI is a system for securely executing queries over sensitive, access restricted data on an outsourced database. It introduces an encryption based access control model and techniques for query execution over encrypted, access restricted data on the database with only a few cases requiring computations on the client. A prototype of ENKI supports all queries seen in three real world use cases and executes queries from TPC-C benchmark with a modest overhead compared to the single user mode.

show abstract

Section: Phasementioning

confidence: 99%

Enki

Hang

Kerschbaum²,

Damiani

2015

Proceedings of the 2015 ACM SIGMOD International Conference on Management of Data

Self Cite

View full text Add to dashboard Cite

show abstract

“…MONOMI [45] is based on CryptDB with a special focus on efficient analytical query processing. [31] adapts the deterministic proxy re-encryption to provide the data confidentiality. The approaches using deterministic encryption directly leak the duplicates and, as a result, the equality information are leaked to the adversarial servers.…”

Section: Related Work On Secure Joinmentioning

confidence: 99%

“…H π(j) = Enc pk (α π(j) ), Enc pk (β π(j) ), Enc pk (γ π(j) ); 30 set H i = Enc pk (α π(j) ) · Enc pk (α i )||Enc pk (β π(j) ) · Enc pk (β i )||Enc pk (γ π(j) ) · Enc pk (γ i ); 31 Generate a random permutation π : [l] → [l]. Permute new list E(I π (i) ) and H π (i) , then send them back to S 1 ;…”

mentioning

confidence: 99%

Top-k Query Processing on Encrypted Databases with Strong Security Guarantees

Meng

Zhu

Kollios

2018

2018 IEEE 34th International Conference on Data Engineering (ICDE)

View full text Add to dashboard Cite

Privacy concerns in outsourced cloud databases have become more and more important recently and many efficient and scalable query processing methods over encrypted data have been proposed. However, there is very limited work on how to securely process top-k ranking queries over encrypted databases in the cloud. In this paper, we focus exactly on this problem: secure and efficient processing of top-k queries over outsourced databases. In particular, we propose the first efficient and provable secure top-k query processing construction that achieves adaptively CQA security. We develop an encrypted data structure called EHL and describe several secure sub-protocols under our security model to answer top-k queries. Furthermore, we optimize our query algorithms for both space and time efficiency. Finally, in the experiments, we empirically analyze our protocol using real world datasets and demonstrate that our construction is efficient and practical. * Amazon

show abstract

“…Changes are made persistent to save costs for future queries. Our database driver loads the current state out of the database and follows the algorithm by Kerschbaum et al [29] for choosing which column to adjust. This algorithm converges to a stable state and it achieves the best possible worst case bound of necessary re-encryption.…”

Section: Deterministic Encryptionmentioning

confidence: 99%

Encrypting Analytical Web Applications

Fuhry¹,

Tighzert²,

Kerschbaum³

2016

Proceedings of the 2016 ACM on Cloud Computing Security Workshop

Self Cite

View full text Add to dashboard Cite

The software-as-a-service (SaaS) market is growing very fast, but still many clients are concerned about the confidentiality of their data in the cloud. Motivated hackers or malicious insiders could try to steal the clients' data. Encryption is a potential solution, but supporting the necessary functionality also in existing applications is difficult. In this paper, we examine encrypting analytical web applications that perform extensive number processing operations in the database. Existing solutions for encrypting data in web applications poorly support such encryption. We employ a proxy that adjusts the encryption to the level necessary for the client's usage and also supports additively homomorphic encryption. This proxy is deployed at the client and all encryption keys are stored and managed there, while the application is running in the cloud. Our proxy is stateless and we only need to modify the database driver of the application. We evaluate an instantiation of our architecture on an exemplary application. We only slightly increase page load time on average from 3.1 seconds to 4.7. However, roughly 40% of all data columns remain probabilistic encrypted. The client can set the desired security level for each column using our policy mechanism. Hence our proxy architecture offers a solution to increase the confidentiality of the data at the cloud provider at a moderate performance penalty.

show abstract

Optimal Re-encryption Strategy for Joins in Encrypted Databases

Cited by 11 publications

References 11 publications

Enki

Enki

Top-k Query Processing on Encrypted Databases with Strong Security Guarantees

Encrypting Analytical Web Applications

Contact Info

Product

Resources

About