Abstract
Privacy-preserving query processing (PPQP) techniques are increasingly important in collaborative scenarios, where users need to execute queries on large amount of data shared among different parties who do not want to disclose private data to the others. In many cases, secure multi-party computation (SMC) protocols can be applied, but the resulting solutions are known to suffer from high computation and communication costs. In this paper, we describe a scalable protocol for performing queries in distributed data while respecting the data owners’ privacy. Our solution is applicable both to equality and range queries, and relies on a bucketization technique in order to reduce time complexity. We show the effectiveness of our approach through theoretical and practical analysis.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
User authentication is outside the scope of the current paper and will not be discussed here.
- 2.
The initiator is selected at the time of matrix \(W\) generation by TTP.
- 3.
Without loss of generality, the association of row vectors to data owners can be changed according to the selected permutation \(\pi _i\) when the TTP generates the matrix \(W\).
- 4.
The keys \(k_1, k_2,\dots , k_m\) represent a commutative set of keys.
- 5.
For now, we do not consider the case where a malicious participant can become aware of the distribution of query values by receiving multiple queries.
- 6.
- 7.
For normal distribution, the standard deviation and mean are equal to \(sd=10\) and \(\mu =50.5\) respectively in order to ensure adequate coverage of buckets.
References
Kerschbaum, F.: Outsourced private set intersection using homomorphic encryption. In: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, ASIACCS ’12, pp. 85–86. ACM, New York (2012)
Freedman, M.J., Nissim, K., Pinkas, B.: Efficient private matching and set intersection. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 1–19. Springer, Heidelberg (2004)
Kissner, L., Song, D.: Privacy-preserving set operations. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 241–257. Springer, Heidelberg (2005)
Agrawal, R., Evfimievski, A., Srikant, R.: Information sharing across private databases. In: Proceedings of the 2003 ACM SIGMOD International Conference on Management of Data, SIGMOD ’03, pp. 86–97. ACM, New York (2003)
Vaidya, J., Clifton, C.: Secure set intersection cardinality with application to association rule mining. J. Comput. Secur. 13, 593–622 (2005)
Yao, A.C.C.: How to generate and exchange secrets. In: Proceedings of the 27th Annual Symposium on Foundations of Computer Science, SFCS ’86, pp. 162–167. IEEE Computer Society, Washington, DC (1986)
Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game. In: Proceedings of the Nineteenth Annual ACM Symposium on Theory of Computing, STOC ’87, pp. 218–229. ACM, New York (1987)
Hacigümüş, H., Iyer, B., Li, C., Mehrotra, S.: Executing sql over encrypted data in the database-service-provider model. In: Proceedings of the 2002 ACM SIGMOD International Conference on Management of Data, SIGMOD ’02, pp. 216–227. ACM, New York (2002)
Damiani, E., Vimercati, S.D.C., Jajodia, S., Paraboschi, S., Samarati, P.: Balancing confidentiality and efficiency in untrusted relational dbmss. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, CCS ’03, pp. 93–102. ACM, New York (2003)
Boneh, D., Waters, B.: Conjunctive, subset and range queries on encrypted data. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 535–554. Springer, Heidelberg (2007)
Shi, E., Bethencourt, J., Hubert, T.-H., Dawn, C., Perrig, S.A.: Multi-dimension range query over encrypted data. In: IEEE Symposium on Security and Privacy, pp. 350–364. Smith (2007)
Sepehri, M., Cimato, S., Damiani, E.: A scalable multi-party protocol for privacy-preserving equality test. In: Franch, X., Soffer, P. (eds.) CAiSE Workshops 2013. LNBIP, vol. 148, pp. 466–477. Springer, Heidelberg (2013)
Li, J., Omiecinski, E.R.: Efficiency and security trade-off in supporting range queries on encrypted databases. In: Jajodia, S., Wijesekera, D. (eds.) Data and Applications Security 2005. LNCS, vol. 3654, pp. 69–83. Springer, Heidelberg (2005)
Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of the 2004 ACM SIGMOD International Conference on Management of Data, SIGMOD ’04, pp. 563–574. ACM, New York (2004)
Boldyreva, A., Chenette, N., Lee, Y., O’Neill, A.: Order-preserving symmetric encryption. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 224–241. Springer, Heidelberg (2009)
Hore, B., Mehrotra, S., Tsudik, G.: A privacy-preserving index for range queries. In: Proceedings of the Thirtieth International Conference on Very Large Data Bases, VLDB ’04, vol. 30, pp. 720–731, VLDB Endowment (2004)
Song, D.X., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: IEEE Symposium on Security and Privacy, pp. 44–55 (2000)
Goh, E.J.: Secure indexes. Cryptology ePrint Archive, Report 2003/216 (2003) http://eprint.iacr.org/2003/216/
Chang, Y.-C., Mitzenmacher, M.: Privacy preserving keyword searches on remote encrypted data. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 442–455. Springer, Heidelberg (2005)
Acknowledgments
This work was partly supported by the EU project CUMULUS (contract n. FP7-318580).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Appendices
Appendix
Finding Optimal Number of Buckets
For finding the optimal bucket number that is independent from the data and query distribution, we generate two different set of queries \(Q_{uni}\), \(Q_{nor}\) in which each has 8 queries with wide ranges corresponding to the searchable attribute with range \([1.0, 100.0]\). Range of each query in \(Q_{uni}\), \(Q_{nor}\) is selected randomly from uniform and normal distribution, respectively (Fig. 4).
(a) Uniform data-Uniform query, (b) Normal data-Uniform query and (c) Normal data-Normal query
For each experiment, we generated 4 range queries whose value is extracted according to a uniform distribution and 4 queries whose values are extracted according to a normal distribution on searchable attribute \(A\) with range \([1.0, \ldots , 100.0]\) Footnote 7.
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Sepehri, M., Cimato, S., Damiani, E. (2014). A Multi-Party Protocol for Privacy-Preserving Range Queries. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2013. Lecture Notes in Computer Science(), vol 8425. Springer, Cham. https://doi.org/10.1007/978-3-319-06811-4_15
Download citation
DOI: https://doi.org/10.1007/978-3-319-06811-4_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-06810-7
Online ISBN: 978-3-319-06811-4
eBook Packages: Computer ScienceComputer Science (R0)