research-article

Practical Private Range Search Revisited

Authors:

Ioannis Demertzis,

Stavros Papadopoulos,

Odysseas Papapetrou,

Antonios Deligiannakis,

Minos GarofalakisAuthors Info & Claims

SIGMOD '16: Proceedings of the 2016 International Conference on Management of Data

Pages 185 - 198

https://doi.org/10.1145/2882903.2882911

Published: 14 June 2016 Publication History

Abstract

We consider a data owner that outsources its dataset to an untrusted server. The owner wishes to enable the server to answer range queries on a single attribute, without compromising the privacy of the data and the queries. There are several schemes on "practical" private range search (mainly in Databases venues) that attempt to strike a trade-off between efficiency and security. Nevertheless, these methods either lack provable security guarantees, or permit unacceptable privacy leakages. In this paper, we take an interdisciplinary approach, which combines the rigor of Security formulations and proofs with efficient Data Management techniques. We construct a wide set of novel schemes with realistic security/performance trade-offs, adopting the notion of Searchable Symmetric Encryption (SSE) primarily proposed for keyword search. We reduce range search to multi-keyword search using range covering techniques with tree-like indexes. We demonstrate that, given any secure SSE scheme, the challenge boils down to (i) formulating leakages that arise from the index structure, and (ii) minimizing false positives incurred by some schemes under heavy data skew. We analytically detail the superiority of our proposals over prior work and experimentally confirm their practicality.

References

[1]

B. H. Bloom. Space/Time Trade-offs in Hash Coding with Allowable Errors. Commun. of the ACM, 1970.

Digital Library

[2]

A. Boldyreva, N. Chenette, Y. Lee, and A. O Neill. Order-Preserving Symmetric Encryption. In EUROCRYPT, 2009.

Digital Library

[3]

A. Boldyreva, N. Chenette, and A. O'Neill. Order-Preserving Encryption Revisited: Improved Security Analysis and Alternative Solutions. In CRYPTO, 2011.

Digital Library

[4]

D. Boneh and B. Waters. Conjunctive, Subset, and Range Queries on Encrypted Data. In Theory of cryptography, pages 535--554. Springer, 2007.

[5]

D. Cash, J. Jaeger, S. Jarecki, C. Jutla, H. Krawczyk, M. Rosu, and M. Steiner. Dynamic Searchable Encryption in Very-Large Databases: Data Structures and Implementation. In NDSS, 2014.

[6]

D. Cash, S. Jarecki, C. Jutla, H. Krawczyk, M.-C. Roşu, and M. Steiner. Highly-Scalable Searchable Symmetric Encryption with Support for Boolean Queries. In CRYPTO, 2013.

[7]

Y.-C. Chang and M. Mitzenmacher. Privacy Preserving Keyword Searches on Remote Encrypted Data. In ACNS, 2005.

Digital Library

[8]

M. Chase and S. Kamara. Structured Encryption and Controlled Disclosure. In ASIACRYPT, 2010.

[9]

R. Curtmola, J. Garay, S. Kamara, and R. Ostrovsky. Searchable Symmetric Encryption: Improved Definitions and Efficient Constructions. In CCS, 2006.

Digital Library

[10]

R. Curtmola, J. Garay, S. Kamara, and R. Ostrovsky. Searchable Symmetric Encryption: Improved Definitions and Efficient Constructions. Journal of Computer Security, 19(5):895--934, 2011.

Digital Library

[11]

S. Faber, S. Jarecki, H. Krawczyk, Q. Nguyen, M. Rosu, and M. Steiner. Rich queries on encrypted data: Beyond exact matches. In ESORICS. 2015.

[12]

C. Gentry. A Fully Homomorphic Encryption Scheme. PhD thesis, Stanford University, 2009.

Digital Library

[13]

C. Gentry. Computing Arbitrary Functions of Encrypted Data. Commun. of the ACM, 2010.

Digital Library

[14]

E.-J. Goh et al. Secure Indexes. IACR Cryptology ePrint Archive, 2003.

[15]

O. Goldreich. Foundations of Cryptography: Volume 1. Cambridge University Press, 2006.

Digital Library

[16]

O. Goldreich, S. Goldwasser, and S. Micali. How to Construct Random Functions. J. ACM, 33(4):792--807, 1986.

Digital Library

[17]

O. Goldreich and R. Ostrovsky. Software Protection and Simulation on Oblivious RAMs. J. ACM, 43(3):431--473, 1996.

Digital Library

[18]

H. Hacigümüş, B. Iyer, C. Li, and S. Mehrotra. Executing SQL over Encrypted Data in the Database-Service-Provider Model. In SIGMOD, 2002.

Digital Library

[19]

B. Hore, S. Mehrotra, M. Canim, and M. Kantarcioglu. Secure Multidimensional Range Queries over Outsourced Data. VLDB J., 21(3):333--358, 2012.

Digital Library

[20]

B. Hore, S. Mehrotra, and G. Tsudik. A Privacy-Preserving Index for Range Queries. In VLDB, 2004.

Digital Library

[21]

S. Kamara and C. Papamanthou. Parallel and Dynamic Searchable Symmetric Encryption. In Financial Cryptography, 2013.

[22]

S. Kamara, C. Papamanthou, and T. Roeder. Dynamic Searchable Symmetric Encryption. In CCS, 2012.

Digital Library

[23]

F. Kerschbaum and A. Schroepfer. Optimal Average-Complexity Ideal-Security Order-Preserving Encryption. In CCS, 2014.

Digital Library

[24]

A. Kiayias, S. Papadopoulos, N. Triandopoulos, and T. Zacharias. Delegatable Pseudorandom Functions and Applications. In CCS, 2013.

Digital Library

[25]

A. Lamb, M. Fuller, R. Varadarajan, N. Tran, B. Vandiver, L. Doshi, and C. Bear. The Vertica Analytic Database: C-store 7 Years Later. PVLDB, 2012.

Digital Library

[26]

R. Li, A. X. Liu, A. L. Wang, and B. Bruhadeshwar. Fast Range Query Processing with Strong Privacy Protection for Cloud Computing. PVLDB, 2014.

Digital Library

[27]

C. Mavroforakis, N. Chenette, A. O'Neill, G. Kollios, and R. Canetti. Modular Order-Preserving Encryption, Revisited. In SIGMOD, 2015.

Digital Library

[28]

M. Naveed, M. Prabhakaran, and C. A. Gunter. Dynamic searchable encryption via blind storage. In SP, 2014.

Digital Library

[29]

R. Ostrovsky. Efficient Computation on Oblivious RAMs. In STOC, 1990.

Digital Library

[30]

R. A. Popa, F. H. Li, and N. Zeldovich. An Ideal-Security Protocol for Order-Preserving Encoding. SP, 2013.

Digital Library

[31]

R. A. Popa, C. Redfield, N. Zeldovich, and H. Balakrishnan. CryptDB: Protecting Confidentiality with Encrypted Query Processing. In SOSP, 2011.

Digital Library

[32]

E. Shi, J. Bethencourt, T.-H. Chan, D. Song, and A. Perrig. Multi-Dimensional Range Query over Encrypted Data. In SP, 2007.

Digital Library

[33]

D. X. Song, D. Wagner, and A. Perrig. Practical Techniques for Searches on Encrypted Data. In SP, 2000.

Digital Library

[34]

E. Stefanov, C. Papamanthou, and E. Shi. Practical Dynamic Searchable Encryption with Small Leakage. 2014.

[35]

E. Stefanov and E. Shi. ObliviStore: High Performance Oblivious Cloud Storage. In SP, 2013.

Digital Library

[36]

E. Stefanov, E. Shi, and D. Song. Towards Practical Oblivious RAM. NDSS, 2012.

[37]

E. Stefanov, M. Van Dijk, E. Shi, C. Fletcher, L. Ren, X. Yu, and S. Devadas. Path ORAM: An Extremely Simple Oblivious RAM Protocol. In CCS, 2013.

Digital Library

[38]

S. Tu, M. F. Kaashoek, S. Madden, and N. Zeldovich. Processing Analytical Queries over Encrypted Data. In PVLDB, 2013.

Digital Library

[39]

P. Van Liesdonk, S. Sedghi, J. Doumen, P. Hartel, and W. Jonker. Computationally Efficient Searchable Symmetric Encryption. In SDM. 2010.

Digital Library

Cited By

Mei ZHuang JWu BZhang CZou HShi JCheng Z(2024)A Secure and Fast Range Query Scheme for Encrypted Multi-Dimensional DataInternational Journal of Web Services Research10.4018/IJWSR.34039121:1(1-17)Online publication date: 9-Apr-2024
https://dl.acm.org/doi/10.4018/IJWSR.340391
De Capitani di Vimercati SFacchinetti DForesti SOldani GParaboschi SRossi MSamarati P(2024)Multi-Dimensional Flat Indexing for Encrypted DataIEEE Transactions on Cloud Computing10.1109/TCC.2024.340890512:3(928-941)Online publication date: Jul-2024
https://doi.org/10.1109/TCC.2024.3408905
Dou YChan H(2024)Leakage-Suppressed Encrypted Keyword Queries Over Multiple Cloud ServersIEEE Transactions on Cloud Computing10.1109/TCC.2023.333322312:1(26-39)Online publication date: Jan-2024
https://doi.org/10.1109/TCC.2023.3333223
Show More Cited By

Index Terms

Practical Private Range Search Revisited
1. Information systems
  1. Data management systems
    1. Database management system engines
      1. Database query processing
2. Security and privacy
  1. Database and storage security
    1. Management and querying of encrypted data
  2. Security services
    1. Privacy-preserving protocols

Recommendations

Practical Private Range Search in Depth
Best of SIGMOD 2016 Papers and Regular Papers

We consider a data owner that outsources its dataset to an untrusted server. The owner wishes to enable the server to answer range queries on a single attribute, without compromising the privacy of the data and the queries. There are several schemes on “...
Order-preserving encryption revisited: improved security analysis and alternative solutions
CRYPTO'11: Proceedings of the 31st annual conference on Advances in cryptology

We further the study of order-preserving symmetric encryption (OPE), a primitive for allowing efficient range queries on encrypted data, recently initiated (from a cryptographic perspective) by Boldyreva et al. (Eurocrypt'09). First, we address the open ...
Modular Order-Preserving Encryption, Revisited
SIGMOD '15: Proceedings of the 2015 ACM SIGMOD International Conference on Management of Data

Order-preserving encryption (OPE) schemes, whose ciphertexts preserve the natural ordering of the plaintexts, allow efficient range query processing over outsourced encrypted databases without giving the server access to the decryption key. Such schemes ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

SIGMOD '16: Proceedings of the 2016 International Conference on Management of Data

June 2016

2300 pages

ISBN:9781450335317

DOI:10.1145/2882903

General Chairs:
Fatma Özcan
IBM Research, USA
,
Georgia Koutrika
HP Labs, USA
,
Program Chair:
Sam Madden
Massachusetts Institute of Technology, USA

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGMOD: ACM Special Interest Group on Management of Data

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 June 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Seventh Framework Programme

Conference

SIGMOD/PODS'16

Sponsor:

SIGMOD

SIGMOD/PODS'16: International Conference on Management of Data

June 26 - July 1, 2016

California, San Francisco, USA

Acceptance Rates

Overall Acceptance Rate 785 of 4,003 submissions, 20%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

101
Total Citations
View Citations
978
Total Downloads

Downloads (Last 12 months)67
Downloads (Last 6 weeks)10

Reflects downloads up to 16 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Mei ZHuang JWu BZhang CZou HShi JCheng Z(2024)A Secure and Fast Range Query Scheme for Encrypted Multi-Dimensional DataInternational Journal of Web Services Research10.4018/IJWSR.34039121:1(1-17)Online publication date: 9-Apr-2024
https://dl.acm.org/doi/10.4018/IJWSR.340391
De Capitani di Vimercati SFacchinetti DForesti SOldani GParaboschi SRossi MSamarati P(2024)Multi-Dimensional Flat Indexing for Encrypted DataIEEE Transactions on Cloud Computing10.1109/TCC.2024.340890512:3(928-941)Online publication date: Jul-2024
https://doi.org/10.1109/TCC.2024.3408905
Dou YChan H(2024)Leakage-Suppressed Encrypted Keyword Queries Over Multiple Cloud ServersIEEE Transactions on Cloud Computing10.1109/TCC.2023.333322312:1(26-39)Online publication date: Jan-2024
https://doi.org/10.1109/TCC.2023.3333223
Ngai NDemertzis IChamani JPapadopoulos D(2024)Distributed & Scalable Oblivious Sorting and Shuffling2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00153(4277-4295)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00153
Shirotake SShimizu K(2024)Efficient Privacy Preserving Range Query Using Segment Tree2024 58th Annual Conference on Information Sciences and Systems (CISS)10.1109/CISS59072.2024.10480202(1-6)Online publication date: 13-Mar-2024
https://doi.org/10.1109/CISS59072.2024.10480202
Chamani JDemertzis IPapadopoulos DPapamanthou CJalili R(2023)GraphOS: Towards Oblivious Graph ProcessingProceedings of the VLDB Endowment10.14778/3625054.362506716:13(4324-4338)Online publication date: 4-Dec-2023
https://doi.org/10.14778/3625054.3625067
Li FMa JMiao YLiu XNing JDeng R(2023)A Survey on Searchable Symmetric EncryptionACM Computing Surveys10.1145/361799156:5(1-42)Online publication date: 27-Nov-2023
https://dl.acm.org/doi/10.1145/3617991
Yang XWang AWang QQi SQi Y(2023)A Practical and Privacy-Preserving Vehicular Data Sharing Framework by Using Blockchain2023 IEEE 22nd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)10.1109/TrustCom60117.2023.00177(1300-1305)Online publication date: 1-Nov-2023
https://doi.org/10.1109/TrustCom60117.2023.00177
Zhang SRay SLu RGuan YZheng YShao J(2023)SecBerg: Secure and Practical Iceberg Queries in CloudIEEE Transactions on Services Computing10.1109/TSC.2023.326471016:5(3696-3710)Online publication date: Sep-2023
https://doi.org/10.1109/TSC.2023.3264710
Sun LZhang YZheng YSong WLu R(2023)Towards Efficient and Privacy-Preserving High-Dimensional Range Query in CloudIEEE Transactions on Services Computing10.1109/TSC.2023.325964216:5(3766-3781)Online publication date: Sep-2023
https://doi.org/10.1109/TSC.2023.3259642
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents