Abstract
With the growing opportunities in cloud computing, different types of databases are used for storing and managing heterogeneous data in the cloud. However, several reported data breaches show that data security promises as per cloud agreement are not adequate to move critical data to cloud. Homomorphic Encryption (HE) emerges as a security solution in this regard. However, it is a non-trivial task to realize any algorithm in circuit-based representation to be implemented in homomorphic domain. Moreover, existing encrypted databases are with limited features and still not fully able to perform SQL query processing along with complex mathematical operations in encrypted domain without any need of intermediate decryption. In this work, we explore implementing the encrypted counterparts of a few complex transaction-SQL related mathematical functions like ABS(), CEILING(), FLOOR(), SIGN(), SQUARE(), POWER(), and SQRT(), which are heavily used in cloud database queries. We have evaluated these mathematical operators without any intermediate decryption, considering the support of underlying fully homomorphic encryption (FHE). Though the usage of underlying FHE scheme incurs some performance bottleneck, our proposed designs are flexible enough to be realized on any leveled homomorphic encryption (LHE) scheme for performance improvement. Experimental results show FHE encrypted SQL conditional SELECT operations with complex mathematical functions can be performed within 48 min on a single processor for a dataset of 768 rows with 9 columns, and each data size of 16-bit. Performance can be further improved by suitable implementation platform translation from CPU to GPU or with the restrictions of leveled fully homomorphic encryption.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Mai, P.T.A., Nurminen, J.K., Francesco, M.D.: Cloud databases for Internet-of-Things data. In: Proceedings of the IEEE International Conference on Internet of Things (iThings) (2014)
Bradford contel 7 most infamous cloud security breaches (2018). https://blog.storagecraft.com/7-infamous-cloud-security-breaches/
Nie, X., Yang, L.T., Feng, J., Zhang, S.: Differentially private tensor train decomposition in edge-cloud computing for SDN-based internet of things. IEEE Internet Things J. 7, 5695–5705 (2020)
Gentry, C.: A fully homomorphic encryption scheme, in Ph.D. Dissertation, Stanford, CA, USA. Advisor(s) Boneh, D.: AAI3382729 (2009)
Acar, A., Aksu, H., Uluagac, A.S., Conti, M.: A Surveyon homomorphic encryption schemes: theory and implementation. arXiv:1704.03578v2 [cs.CR] (2017)
Vinayagamurthy, D., Gribov, A., Gorbunov, S.: StealthDB: a scalable encrypted database with full SQL query support. arXiv:1711.02279v2, [cs.CR] (2019)
Egorov, M., Wilkison, M.: Zerodb white paper. CoRR absarXiv : 1602.07168
Popa, R.A., Redfield, C.M.S., Zeldovich, N., Balakrishnan, H.: CryptDB: protecting confidentiality with encrypted query processing. In: Proceedings of the 23rd ACM Symposium on Operating System Principles, pp. 85–100 (2011)
Kumarage, H., Khalil, I., Alabdulatif, A., Tari, Z., Yi, X.: Secure data analytics for cloud-integrated Internet of Things applications. IEEE Cloud Comput. 3(2), 46–56 (2016)
Always encrypted. https://www.cs.purdue.edu/homes/csjgwang/cloudb/EncrptedSQLSIGMOD20.pdf
Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystem. In: Proceedings of the Communication. ACM, pp. 120–126 (1978)
Gamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. Inf. IEEE Trans. 31(4), 469–472 (1985)
Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_16
Boneh, D., Goh, E.-J., Nissim, K.: Evaluating 2-DNF formulas on ciphertexts. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 325–341. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30576-7_18
Brakerski, Z., Gentry, C., Vaikuntanathan, V.: (Leveled) fully homo-morphic encryption without bootstrapping. In: Proceedings of the 3rd Innovations in Theoretical Computer Science Conference (ITCS 2012), pp. 309–325. ACM, NewYork (2012)
Grubbs, P., Ristenpart, T., Shmatikov, V.: Why your encrypted database is not secure. HotOS 2017, 162–168 (2017)
Mathematical functions(transact-sql). https://docs.microsoft.com/en-us/sql/t-sql/functions/mathematical-functions-transact-sql?view=sql-server-ver15
Gentry, C.: Computing arbitrary functions of encrypted data. Commun. ACM 53(3), 97–105 (2010)
Chatterjee, A., Aung, K.M.M.: Fully homomorphic encryption in real world application (2019)
Rass, S., Slamanig, D.: Cryptography for Security and Privacy in Cloud Computing. Artech House Inc., Norwood (2013)
Chatterjee, A., Sengupta, I.: Translating algorithms to handle fully homomorphic encrypted data on the cloud. IEEE Trans. Cloud Comput. 6(1), 287–300 (2018)
Ghulam, A.: Top 5 databases to store data of IoT applications (2021). https://iot4beginners.com/top-5-databases-to-store-iot-data/
Influxdb design insights and tradeoffs. https://docs.influxdata.com/influxdb/v1.8/concepts/insights_tradeoffs/
Compare cratedb. https://crate.io/cratedb-comparison/cratedb-vs-mongodb/
RethinkDB: Rethinkdb https://rethinkdb.com/faq/
Xue, K., Li, S., Hong, J., Xue, Y., Yu, P., Hong, N.: Two-cloud secure database for numeric-related SQL range queries with privacy preserving. IEEE Trans. Inf. Forensics Secur. 12(7), 1596–1608 (2017)
Xu, C., Chen, J., Wu, W., Feng, Y.: Homomorphically encrypted arithmetic operations over the integer ring, pp. 167–181 (2016)
Built-in mathematical SQL functions. https://www.sqlite.org/langmathfunc.html
Chillotti, I., Gama, N., Georgieva, M., Izabachne, M.: Faster fully homomorphic encryption : bootstrapping [1] in less than 0.1 seconds. Cryptology ePrint Archive Report 2016/870 (2016). https://eprint.iacr.org/2016/870
Shift-and-add multiplication. https://users.utcluj.ro/baruch/book_ssce/SSCE-Shift-Mult.pdf
Gosh, A., Chatterjee, A.: Practical performance improvement of domain aware encrypted computing. In: Proceedings of the ICMC (2021). Accepted
Jena, A., Panda, S.K.: Revision of various square-root algorithms for efficient VLSI signal processing applications. Proc. MCSP 2016, 38–41 (2016)
Pima indians diabetes database. https://www.kaggle.com/uciml/pima-indians-diabetes-database
NuFHE. A GPU implementation of fully homomorphic encryption on torus. https://github.com/nucypher/nufhe
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 Springer Nature Switzerland AG
About this paper
Cite this paper
Parbat, T., Chatterjee, A. (2022). Encrypted SQL Arithmetic Functions Processing for Secure Cloud Database. In: Batina, L., Picek, S., Mondal, M. (eds) Security, Privacy, and Applied Cryptography Engineering. SPACE 2021. Lecture Notes in Computer Science(), vol 13162. Springer, Cham. https://doi.org/10.1007/978-3-030-95085-9_11
Download citation
DOI: https://doi.org/10.1007/978-3-030-95085-9_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-95084-2
Online ISBN: 978-3-030-95085-9
eBook Packages: Computer ScienceComputer Science (R0)