640 likes | 861 Views
Managing and querying encrypted data. Trần Mỹ Giao Huỳnh Mai Thúy. 1. 3. 2. 4. Outline. Introduction. DAS - Storing and querying encrypted data. Trust, Encryption Key- Management, Integrity & Data confidentiality. References. Introduction. Two new challenges emerge:
E N D
Managing and querying encrypted data Trần Mỹ Giao Huỳnh Mai Thúy
1 3 2 4 Outline Introduction DAS - Storing and querying encrypted data Trust, Encryption Key- Management, Integrity & Data confidentiality References
Introduction Two new challenges emerge: • Efficient encryption algorithms for relational data • Supporting query on the encrypted relational data. Example: secure email server.
1 3 2 4 Outline Introduction DAS - Storing and querying encrypted data Trust, Encryption Key- Management, Integrity & Data confidentiality References
What is DAS ? • It is a paradigm wherein data owned by a client is hosted on a third-party server • There is significant interest in secure query evaluation over encrypted databases.
DAS - Storing and querying encrypted data • DAS set up and security model • Querying encrypted relational data • Relational encryption and storage model • Keyword search on encrypted text data • Search over encrypted XML data
DAS setup and security • Data-owner, clients, server • Data must be encrypted on the server and only decrypted on the client-side.
Querying encrypted relational data • EMP(eid, ename, salary, addr, did) • DEPARTMENT(did, dname, mgr) • The goal in DAS is to process the query directly at the server without the need to decrypt the data.
Querying encrypted relational data • Requires mechanism to support the following basic operator over encrypted data • Comparison operators • Arithmetic operators
2 categories • Approaches based on new encyption techniques • Information-hiding based Approaches
Approaches based on new encryption techniques • Support either arthrimetic and/or comparison operators • PH supports basic arithmetic operations,and doesn’t allow comparison. • Order-preserving encryption: support comparison, join, selection, sorting, grouping, not support aggregation. • The limitation: • Only safe under limited situations where the adversary knowledge is limited.
Information-hiding based Approaches • Store additional auxiliary information along with encrypted data • Secure indices are designed carefully exploiting information hiding mechanism .
Information-hiding based Approaches • 3 basic techniques: • Pertubation :Add a random value to the true value (numeric attribute) • Generalization : Replace a numeric or categorical value by a more general value • Swapping : swap the values of a specific attribute of two records
Information-hiding based Approaches • Support comparison , select – project - join , sorting ,grouping. • Cannot support aggregation at the server.
Relational encryption and storage model • R(A1, A2,.., An) • Emp(etuple, eid, ename, salary, addr, did)
Relational encryption and storage model • Partition functions: • Patition(emp.eid) = {[0,200], [200, 400],[400,600],[600, 800], [800, 1000]} • Identification functions: E.g. : Ident(emp.eid)([0,200]) =2
Relational encryption and storage model • Mapping functions • Map(emp.eid)(395) = 7 • Storing encrypted data
Relational encryption and storage model • Decyption functions • D(Rs) = R • Mapping condition • To translate query conditions to corresponding conditions over the server-side, Map (cond) is called.
Translating Realtional Operator • The Selection Operator: • E.g. :C = eid < 395 & did = 140 (emp)
Query Execution • Give an example:
Query Execution • Give an example:
Query Execution • Give an example:
Query Execution • Give an example:
Keyword search on encrypted text data • Answer is
Private key based search scheme on encrypted text data • Secure index: reveals no imformation about its content to the adversary • However, allows the adversary to tests the presence or absence of the keyword using a trapdoor • A user search for documents containing word w, generates a trapdoor , which can be used by adversary to retieve documents.
Secure index’s creation • Alice generates a sequence of pseudo-random values s1...sn, using a stream cipher. • For each string si, Alice using pseudo-random function Fk(si) to generate a random m-bit sequence • Then computes n-bit sequence ti= <si, Fk(si)> • Ciphertext ci = wi XOR ti • Secure index is a set of ci.
Secure index’s creation • To prevent adversary from knowing what keyword is, pre- encrypt each word w using algorithm Ek • Instead of using w below, we using xi = Ek(wi) to replace xi.
Search over encrypted XML data • There has been little work in the area of encrypted XML data management. • Two kinds of information the client may consider as sensitive: • Individual node with its content • Association between data values.
Search over encrypted XML data • The notion of security constraints (SCs) that support both types of security requirements above. • Such constraints can be specified in the form of Xpath expressions and may be classified as either node-type constraints or association-type constraints.
Search over encrypted XML data • Hiding individual node with its content by encrypting their content • Hiding Association between data values by encrypting any one of the nodes can enforce the SC
Search over encrypted XML data • Query processing follows the typical DAS approach that we mentioned earlier • Using two indexes( is call discontinuous structural interval index(DSI)) • One is the structural index to enable tree traversal • The second one is a value index for enabling attribute value based queries like range queries.
Search over encrypted XML data • Use an “order-preserving encryption” scheme to transform the values from their original domain to a new domain Use B-trees to implement range-queries • This scheme is unsafe under known plaintext attack
1 3 2 4 Outline Introduction DAS - Storing and querying encrypted data Trust, Encryption Key- Management, Integrity & Data confidentiality References
Trust, Key- management, Integrity & Data confidentiality • 3 basic models of trust that are widely studied in literature: • Complete trust : the data management issues are similar to those arising in standard DBMS systems • Partial trust : ensure the confidentiality of sensitive data • Un-trusted model :ensure authenticity of data and correctness of query results
Trust, Key- management, Integrity & Data confidentiality • Encrypting relational data • Authentication and integrity issues • Key management in DAS
Encrypting relational data • Three important issues to keep in mind • Encryption algorithms • Encryption granularity • Efficient storage for encrypted data
1) Encryption algorithms • Symmetric key • DES : the effective key length is 56 bits, the block size is 64 bits • AES : Each of these ciphers has a 128-bit block size, with key sizes of 128, 192 and 256 bits • Blowfish : 64-bit block size and a variable key length from 32 up to 448 bits
AES DES
1) Encryption algorithms • Public-key encryption: • Avoids the problem of secure key distribution • E.g. : RSA
2) Encryption granularity • Field level • The smallest achievable granularity • Each attribute value of a tuple is encrypted separately
2) Encryption granularity • Record / row level • Each row is encrypted separately • Does not differentiate between sensitive and non-sensitive data
2) Encryption granularity • Attribute / column level: • Only sensitive attributes are encrypted
2) Encryption granularity • Page / block level : • Whenever a page/block of sensitive data is stored, the entire block is encrypted
3) Efficient storage for encrypted data • The performance issues associated with storage of encrypted data on the disk • “ Partitioned Plaintext and Cipher text” (PPC) : • Cluster the non-sensitive and sensitive data minimize the number of encryption operations