期刊论文详细信息
ETRI Journal
Address Permutation for Privacy-Preserving Searchable Symmetric Encryption
关键词: access pattern;    searchable symmetric encryption;    privacy;    Database security;   
Others  :  1186428
DOI  :  10.4218/etrij.12.0111.0243
PDF
【 摘 要 】

This paper proposes a privacy-preserving database encryption scheme that provides access pattern hiding against a service provider. The proposed scheme uses a session key to permute indices of database records each time they are accessed. The proposed scheme can achieve access pattern hiding in situations in which an adversary cannot access the inside of the database directly, by separating the entity with an index table and data table and permuting both the index and position where the data are stored. Moreover, it is very efficient since only O(1) server computation and communication cost are required in terms of the number of the data stored. It can be applied to cloud computing, where the intermediate entities such as cloud computing service provider can violate the privacy of users or patients.

【 授权许可】

   

【 预 览 】
附件列表
Files Size Format View
20150520125611831.pdf 464KB PDF download
【 参考文献 】
  • [1]R. Curtmola et al., "Searchable Symmetric Encryption: Improved Definitions and Efficient Constructions," 13th ACM Conf. Comput. Commun. Security, 2006.
  • [2]Y.C. Chang and M. Mitzenmacher, "Privacy Preserving Keyword Searches on Remote Encrypted Data," Applied Cryptography Netw. Security Conf., 2005.
  • [3]Z. Yang, S. Zhong, and R. Wright, "Privacy-Preserving Queries on Encrypted Data," 11th European Symposium Research in Security, 2006.
  • [4]M. Kantarcıoglu and C. Clifton, "Security Issues in Querying Encrypted Data," Purdue Computer Science Technical Report 04-013, 2004.
  • [5]M. Abdalla et al., "Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions," Crypto, 2005.
  • [6]D. Song, D. Wagner, and A. Perrig, "Practical Techniques for Searches on Encrypted Data," Proc. IEEE Symp. Security Privacy, 2000, pp. 44-55.
  • [7]O. Goldreich and R. Ostrovsky, "Software Protection and Simulation on Oblivious RAMs," J. ACM, vol. 43, no. 3, 1996, pp. 431-473.
  • [8]B. Chor et al., "Private Information Retrieval," J. ACM, vol. 45, no. 6, 1998, pp. 965-982.
  • [9]S.W. Smith and D. Safford, "Practical Private Information Retrieval with Secure Coprocessors," IBM Research Report, RC 21806, 2000.
  • [10]R. Ostrovsky and W.E. Skeith, "A Survey of Single-Database Private Information Retrieval: Techniques and Applications," LNCS, vol. 4450, 2007, pp. 393-411.
  • [11]Q. Chai and G. Gondm, "Verifiable Symmetric Searchable Encryption for Semi-Honest-but-Curious Cloud Servers." http://www.cacr.math.uwaterloo.ca/techreports/2011/cacr2011-22.pdf
  • [12]E. Shi et al., "Multi-Dimensional Range Query over Encrypted Data," Proc. IEEE Symp. Security Privacy, 2007, pp. 350-364.
  • [13]H. Pang and K.L. Tan, "Verifying Completeness of Relational Query Answers from Online Servers," ACM Trans. Inf. Syst. Security, vol. 11, no. 2, article 9, May 2008.
  • [14]M. Abdalla et al., "Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, End Extensions," Proc. Adv. Cryptology, LNCS, vol. 3621, 2005, pp. 205-222.
  • [15]J. Bethencourt, D. Song, and B. Waters, "New Techniques for Private Stream Searching," ACM Trans. Inf. Syst. Security, vol. 12, no. 3, article 16, Jan. 2009.
  • [16]P. Paillier, "Public-Key Cryptosystems Based on Composite Degree Residuosity Classes," Proc. Adv. Cryptology: EUROCRYPT, LNCS, vol. 1592, 1999, pp. 232-238.
  • [17]H. Pang, J. Shen, and R. Krishnan, "Privacy-Preserving Similarity-Based Text Retrieval," ACM Trans. Internet Technol., vol. 10, no. 1, article 4, Feb. 2010.
  • [18]C. Wang et al., "Secure Ranked Keyword Search over Encrypted Cloud Data," Proc. Int. Conf. Distrib. Comput. Syst., 2010, pp. 253-262.
  • [19]C. Wang et al., "Secure Ranked Keyword Search over Encrypted Cloud Data," Proc. Int. Conf. Distrib. Comput. Syst., 2010, pp. 253-262.
  • [20]A. Boldyreva et al., "Order-Preserving Symmetric Encryption," Proc. Eurocrypt, LNCS, vol. 5479, 2009, pp. 224-241.
  • [21]H. Pang, J. Zhang, and K. Mouratidis, "Scalable Verification for Outsourced Dynamic Databases," Proc. 35th VLDB Conf., Aug. 2009, pp. 802-813.
  • [22]S. Papadopoulos, W. Cheng, and K.L. Tan, "Separating Authentication from Query Execution in Outsourced Databases," Proc. 25th Int. Conf. Data Eng., Apr. 2009, pp. 1148-1151.
  • [23]R. Gennaro, C. Gentry, and B. Parno, "Non-interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers," Proc. Adv. Cryptology: CRYPTO, 2010, pp. 465-482.
  • [24]C. Gentry, "Fully Homomorphic Encryption Using Ideal Lattices," Proc. 41st Annual ACM Symp. Theory Comput., 2009, pp. 169-178.
  • [25]M. Dijk et al., "Fully Homomorphic Encryption over the Integers," Proc. Adv. Cryptology: EUROCRYPT, 2010, pp. 24-43.
  • [26]A. Joux, "A One Round Protocol for Tripartite Diffie-Hellman," Proc. Algorithmic Number Theory, LNCS, vol. 1838, 2000, pp. 385-393.
  文献评价指标  
  下载次数:3次 浏览次数:36次