Address Permutation for Privacy-Preserving Searchable Symmetric Encryption

  • Choi, Dae-Seon (Cyber Security-Convergence Research Department, ETRI) ;
  • Kim, Seung-Hyun (Cyber Security-Convergence Research Department, ETRI) ;
  • Lee, Youn-Ho (Department of Information and Communication Engineering, Yeungnam University)
  • Received : 2011.04.22
  • Accepted : 2011.09.06
  • Published : 2012.02.01

Abstract

This paper proposes a privacy-preserving database encryption scheme that hides access patterns from a service provider. The scheme uses a session key to permute the indices of database records each time they are accessed. It achieves access pattern hiding in situations in which an adversary cannot access the inside of the database directly, by separating the entity with an index table and data table and permuting both the index and the position where the data are stored. Moreover, it is very efficient, since only O(1) server computation and communication cost are required with respect to the number of data items stored. It can be applied to cloud computing, where intermediate entities such as the cloud computing service provider can violate the privacy of users or patients.

Cited by

  1. Symmetric searchable encryption with efficient range query using multi-layered linked chains vol.72, pp.11, 2012, https://doi.org/10.1007/s11227-015-1497-6