Skip to main content
SpringerLink
Log in

Enabling Compressed Encryption for Cloud Based Big Data Stores

  • Conference paper
  • First Online:
Cryptology and Network Security (CANS 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11829))

Included in the following conference series:

Abstract

We propose a secure yet efficient data query system for cloud-based key-value store. Our system supports encryption and compression to ensure confidentiality and query efficiency simultaneously. To reconcile encryption and compression without compromising performance, we propose a new encrypted key-value storage structure based on the concept of horizontal-vertical division. Our storage structure enables fine-grained access to compressed yet encrypted key-value data. We further combine several cryptographic primitives to build secure search indexes on the storage structure. As a result, our system supports rich types of queries including key-value query and range query. We implement a prototype of our system on top of Cassandra. Our evaluation shows that our system increases the throughput by up to 7 times and compression ratio by up to 1.3 times with respect to previous works.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Enron email dataset. https://www.cs.cmu.edu/~enron/, Accessed 4 Feb 2019

  2. Hbase: the hadoop database, a distributed, scalable, big data store. http://hbase.apache.org. Accessed 4 Feb 2019

  3. Redis: an advanced key-value cache and store. http://redis.io/. Accessed 4 Feb 2019

  4. Abadi, D., Madden, S., Ferreira, M.: Integrating compression and execution in column-oriented database systems. In: Proceedings of the 2006 ACM SIGMOD International Conference on Management of Data, pp. 671–682. ACM (2006)

    Google Scholar 

  5. Agarwal, R., Khandelwal, A., Stoica, I.: Succinct: enabling queries on compressed data. In: 12th USENIX Symposium on Networked Systems Design and Implementation (NSDI 2015), pp. 337–350 (2015)

    Google Scholar 

  6. Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of the 2004 ACM SIGMOD International Conference on Management of Data, pp. 563–574. ACM (2004)

    Google Scholar 

  7. Binnig, C., Hildenbrand, S., Färber, F.: Dictionary-based order-preserving string compression for main memory column stores. In: Proceedings of the 2009 ACM SIGMOD International Conference on Management of Data, pp. 283–296. ACM (2009)

    Google Scholar 

  8. Blaze, M.: A cryptographic file system for UNIX. In: Proceedings of the 1st ACM Conference on Computer and Communications Security, pp. 9–16. ACM (1993)

    Google Scholar 

  9. Boldyreva, A., Chenette, N., Lee, Y., O’Neill, A.: Order-preserving symmetric encryption. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 224–241. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-01001-9_13

    Chapter  Google Scholar 

  10. Boldyreva, A., Chenette, N., O’Neill, A.: Order-preserving encryption revisited: improved security analysis and alternative solutions. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 578–595. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22792-9_33

    Chapter  Google Scholar 

  11. Boneh, D., Lewi, K., Raykova, M., Sahai, A., Zhandry, M., Zimmerman, J.: Semantically secure order-revealing encryption: multi-input functional encryption without obfuscation. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 563–594. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46803-6_19

    Chapter  Google Scholar 

  12. Chang, F., et al.: A distributed storage system for structured data. In: Proceedings of OSDI, pp. 6–8 (2006)

    Google Scholar 

  13. Chen, X., Huang, X., Li, J., Ma, J., Lou, W., Wong, D.S.: New algorithms for secure outsourcing of large-scale systems of linear equations. IEEE Trans. Inf. Forensics Secur. 10(1), 69–78 (2015)

    Article  Google Scholar 

  14. Chen, X., Li, J., Ma, J., Tang, Q., Lou, W.: New algorithms for secure outsourcing of modular exponentiations. IEEE Trans. Parallel Distrib. Syst. 25(9), 2386–2396 (2014)

    Article  Google Scholar 

  15. Chenette, N., Lewi, K., Weis, S.A., Wu, D.J.: Practical order-revealing encryption with limited leakage. In: Peyrin, T. (ed.) FSE 2016. LNCS, vol. 9783, pp. 474–493. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-52993-5_24

    Chapter  MATH  Google Scholar 

  16. DeCandia, G., et al.: Dynamo: Amazon’s highly available key-value store. In: ACM SIGOPS Operating Systems Review, vol. 41, pp. 205–220. ACM (2007)

    Google Scholar 

  17. Escriva, R., Wong, B., Sirer, E.G.: HyperDex: a distributed, searchable key-value store. In: Proceedings of the ACM SIGCOMM 2012 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, pp. 25–36. ACM (2012)

    Google Scholar 

  18. Goh, E.J., Shacham, H., Modadugu, N., Boneh, D.: SiRiUS: securing remote untrusted storage. In: NDSS, vol. 3, pp. 131–145 (2003)

    Google Scholar 

  19. Goldstein, J., Ramakrishnan, R., Shaft, U.: Compressing relations and indexes. In: Proceedings of the 14th International Conference on Data Engineering, pp. 370–379. IEEE (1998)

    Google Scholar 

  20. Graefe, G., Shapiro, L.D.: Data compression and database performance. In: Proceedings of the 1991 Symposium on Applied Computing, pp. 22–27. IEEE (1991)

    Google Scholar 

  21. Guo, Y., Yuan, X., Wang, X., Wang, C., Li, B., Jia, X.: Enabling encrypted rich queries in distributed key-value stores. IEEE Trans. Parallel Distrib. Syst. 30(6), 1283–1297 (2018)

    Article  Google Scholar 

  22. He, Y., et al.: RCFile: a fast and space-efficient data placement structure in MapReduce-based warehouse systems. In: 2011 IEEE 27th International Conference on Data Engineering, pp. 1199–1208. IEEE (2011)

    Google Scholar 

  23. Heron, S.: Advanced encryption standard (AES). Netw. Secur. 2009(12), 8–12 (2009)

    Article  Google Scholar 

  24. Holloway, A.L., Raman, V., Swart, G., DeWitt, D.J.: How to barter bits for chronons: compression and bandwidth trade offs for database scans. In: Proceedings of the 2007 ACM SIGMOD International Conference on Management of Data, pp. 389–400. ACM (2007)

    Google Scholar 

  25. Iyer, B.R., Wilhite, D.: Data compression support in databases. In: VLDB, vol. 94, pp. 695–704 (1994)

    Google Scholar 

  26. Johnson, T.: Performance measurements of compressed bitmap indices. In: Proceedings of the 25th International Conference on Very Large Data Bases, pp. 278–289. Morgan Kaufmann Publishers Inc. (1999)

    Google Scholar 

  27. Kallahalla, M., Riedel, E., Swaminathan, R., Wang, Q., Fu, K.: Plutus: scalable secure file sharing on untrusted storage. In: Fast, vol. 3, pp. 29–42 (2003)

    Google Scholar 

  28. Kher, V., Kim, Y.: Securing distributed storage: challenges, techniques, and systems. In: Proceedings of the 2005 ACM Workshop on Storage Security and Survivability, pp. 9–25. ACM (2005)

    Google Scholar 

  29. Lakshman, A., Malik, P.: Cassandra: a decentralized structured storage system. ACM SIGOPS Oper. Syst. Rev. 44(2), 35–40 (2010)

    Article  Google Scholar 

  30. Macedo, R., et al.: A practical framework for privacy-preserving NoSQL databases. In: 2017 IEEE 36th Symposium on Reliable Distributed Systems (SRDS), pp. 11–20. IEEE (2017)

    Google Scholar 

  31. MacNicol, R., French, B.: Sybase IQ multiplex-designed for analytics. In: Proceedings of the Thirtieth International Conference on Very Large Data Bases, vol. 30, pp. 1227–1230. VLDB Endowment (2004)

    Google Scholar 

  32. Ousterhout, J., et al.: The ramcloud storage system. ACM Trans. Comput. Syst. (TOCS) 33(3), 7 (2015)

    Article  Google Scholar 

  33. Pappas, V., et al.: Blind seer: a scalable private DBMS. In: 2014 IEEE Symposium on Security and Privacy, pp. 359–374. IEEE (2014)

    Google Scholar 

  34. Poddar, R., Boelter, T., Popa, R.A.: Arx: a strongly encrypted database system. IACR Cryptology ePrint Archive 2016/591 (2016)

    Google Scholar 

  35. Popa, R.A., Redfield, C., Zeldovich, N., Balakrishnan, H.: CryptDB: protecting confidentiality with encrypted query processing. In: Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, pp. 85–100. ACM (2011)

    Google Scholar 

  36. Ray, G., Haritsa, J.R., Seshadri, S.: Database compression: a performance enhancement tool. In: COMAD. Citeseer (1995)

    Google Scholar 

  37. Ren, K., Wang, C., Wang, Q.: Security challenges for the public cloud. IEEE Internet Comput. 16(1), 69–73 (2012)

    Article  MathSciNet  Google Scholar 

  38. Wang, J., Chen, X., Li, J., Zhao, J., Shen, J.: Towards achieving flexible and verifiable search for outsourced database in cloud computing. Future Gener. Comput. Syst. 67, 266–275 (2017)

    Article  Google Scholar 

  39. Wang, J., Miao, M., Gao, Y., Chen, X.: Enabling efficient approximate nearest neighbor search for outsourced database in cloud computing. Soft. Comput. 20(11), 4487–4495 (2016)

    Article  Google Scholar 

  40. Yuan, X., Wang, X., Wang, C., Qian, C., Lin, J.: Building an encrypted, distributed, and searchable key-value store. In: Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, pp. 547–558. ACM (2016)

    Google Scholar 

  41. Zheng, W., Li, F., Popa, R.A., Stoica, I., Agarwal, R.: MiniCrypt: reconciling encryption and compression for big data stores. In: Proceedings of the Twelfth European Conference on Computer Systems, pp. 191–204. ACM (2017)

    Google Scholar 

  42. Zukowski, M., Heman, S., Nes, N., Boncz, P.A.: Super-scalar RAM-CPU cache compression. In: ICDE, vol. 6, p. 59 (2006)

    Google Scholar 

Download references

Acknowledgement

We acknowledge the support from National Natural Science Foundation of China (Nos. 61602363 and 61572382), China 111 Project (No. B16037) and China Postdoctoral Science Foundation (No. 2016M590927).

Author information

Authors and Affiliations

  1. School of Cyber Engineering, Xidian University, Xi’an, 710071, China

    Meng Zhang, Saiyu Qi & Fuyou Zhang

  2. State Key Laboratory of Cryptology, P.O. Box 5159, Beijing, 100878, China

    Meng Zhang

  3. National Engineering Laboratory for Wireless Security, Xi’an University of Posts and Telecommunications, Xi’an, 710121, China

    Meixia Miao

Authors
  1. Meng Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Saiyu Qi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Meixia Miao
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Fuyou Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Saiyu Qi .

Editor information

Editors and Affiliations

  1. Fujian Normal University, Fuzhou, China

    Yi Mu

  2. Singapore Management University, Singapore, Singapore

    Robert H. Deng

  3. Fujian Normal University, Fuzhou, China

    Xinyi Huang

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Zhang, M., Qi, S., Miao, M., Zhang, F. (2019). Enabling Compressed Encryption for Cloud Based Big Data Stores. In: Mu, Y., Deng, R., Huang, X. (eds) Cryptology and Network Security. CANS 2019. Lecture Notes in Computer Science(), vol 11829. Springer, Cham. https://doi.org/10.1007/978-3-030-31578-8_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-31578-8_15

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-31577-1

  • Online ISBN: 978-3-030-31578-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation