Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Security

IWSEC 2018: Advances in Information and Computer Security pp 35–47Cite as

Inference Attacks on Encrypted Databases Based on Order Preserving Assignment Problem

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11049))

Abstract

In ACM CCS 2015, Naveed et al. proposed attacks using plaintext auxiliary data for databases encrypted by ordered preserving encryption or more general property preserving encryptions. Their attacks are based on the Hungarian algorithm for solving the linear sum assignment problem (LSAP). In this work, we define a new assignment optimization problem with an additional condition of order structure and propose a search algorithm for finding its exact solution. We apply the new algorithm to attack an encrypted database in the same situation as Naveed et al. and found that our proposed method improves the success probability of the attacks compared with the attacks of Naveed et al.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of the SIGMOD, pp. 563–574 (2004)

    Google Scholar 

  2. Boldyreva, A., Chenette, N., Lee, Y., O’Neill, A.: Order-preserving symmetric encryption. In: Proceedings of the EUROCRYPT, pp. 224–241 (2009)

    Chapter  Google Scholar 

  3. Boldyreva, A., Chenette, N., O’Neill, A.: Order-preserving encryption revisited: improved security analysis and alternative solutions. In Proceedings of the CRYPTO, pp. 578–595 (2011)

    Chapter  Google Scholar 

  4. Karras, P., Malhotra, S., Bhatt, R., Nikitin, A., Antyukhov, D., Idreos, S.: Adaptive indexing over encrypted numeric data. In Proceedings of the SIGMOD, pp. 171–183 (2016)

    Google Scholar 

  5. Boneh, D., Lewi, K., Raykova, M., Sahai, A., Zhandry, M., Zimmerman, J.: Semantically secure order-revealing encryption: multi-input functional encryption without obfuscation. In: Proceedings of the EUROCRYPT, pp. 563–594 (2015)

    Google Scholar 

  6. Chenette, N., Lewi, K., Weis, S.A., Wu, D.J.: Practical Order-Revealing Encryption with Limited Leakage. In: Proceedings of the FSE, pp. 474–493 (2016)

    Chapter  Google Scholar 

  7. Lewi, K., Wu, D.J.: Order-Revealing Encryption: New Constructions, Applications, and Lower Bounds. In: Proceedings of ACM CCS 2016, pp. 1167–1178 (2016)

    Google Scholar 

  8. Popa, R.A., Redeld, C., Zeldovich, N., Balakrishnan, H.: CryptDB: protecting confidentiality with encrypted query processing. In: Proceedings of the SOSP 2011, pp. 85–100 (2011)

    Google Scholar 

  9. Naveed, M., Kamara, S., Wright, C.V.: Inference attacks on property-preserving encrypted databases. In: Proceedings of the ACM CCS 2015, 644–655 (2015)

    Google Scholar 

  10. Horst, C., Kikuchi, R., Xagawa, K.: Cryptanalysis of comparable encryption in SIGMOD 2016. In: Proceedings of SIGMOD 2017, pp. 1069–1084 (2017)

    Google Scholar 

  11. Betül Durak, F., DuBuisson, T.M., Cash, D.: What else is revealed by order-revealing encryption? In: Proceedings of the ACM CCS, pp. 1155–1166 (2016)

    Google Scholar 

  12. Kuhn, H.W.: The Hungarian method for the assignment problem. Naval Res. Logistics Q. 2, 83–87 (1955)

    Article  MathSciNet  Google Scholar 

  13. Munkres, J.: Algorithms for the assignment and transportation problems. J. Soc. Ind. Appl. Math. 5(1), 32–38 (1957)

    Article  MathSciNet  Google Scholar 

  14. UCI Machine Learning Repository: Adult Data Set. https://archive.ics.uci.edu/ml/datasets/adult

  15. Privacy Rights Clearinghouse. Chronology of data breaches. http://www.privacyrights.org/data-breach

  16. Navarro, G.: A guided tour to approximate string matching. ACM Comput. Surv. 33(1), 31–88 (2001)

    Article  Google Scholar 

  17. Grubbs, P., Sekniqi, K., Bindschaedler, V., Naveed, M., Ristenpart, T.: Leakage-abuse attacks against order-revealing encryption. IEEE Symp. Secur. Priv. 2017, 665–672 (2017)

    Google Scholar 

  18. Kerschbaum, F.: Frequency-hiding order-preserving encryption. ACM Conf. Comput. Commun. Secur. 2015, 656–667 (2015)

    Google Scholar 

  19. Google, Encrypted BigQueqy. https://github.com/google/encrypted-bigquery-client

  20. Sap AG, SEEED. https://www.sics.se/sites/default/files/pub/andreasschaad.pdf

  21. Microsoft, Always Encrypted SQL Server. https://docs.microsoft.com/en-us/sql/relational-databases/security/encryption/always-encrypted-database-engine?view=sql-server-2017

Download references

Acknowledgments

This research was partially supported by JST CREST Grant Number JPMJCR1302, Japan.

Author information

Authors and Affiliations

  1. The University of Tokyo, Tokyo, Japan

    Sota Onozawa, Noboru Kunihiro & Ken Naganuma

  2. Hitachi, Ltd., Tokyo, Japan

    Masayuki Yoshino & Ken Naganuma

Authors
  1. Sota Onozawa
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Noboru Kunihiro
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Masayuki Yoshino
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ken Naganuma
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Masayuki Yoshino .

Editor information

Editors and Affiliations

  1. Tokyo Denki University, Tokyo, Japan

    Atsuo Inomata

  2. Nippon Telegraph and Telephone Corporation, Tokyo, Japan

    Kan Yasuda

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Onozawa, S., Kunihiro, N., Yoshino, M., Naganuma, K. (2018). Inference Attacks on Encrypted Databases Based on Order Preserving Assignment Problem. In: Inomata, A., Yasuda, K. (eds) Advances in Information and Computer Security. IWSEC 2018. Lecture Notes in Computer Science(), vol 11049. Springer, Cham. https://doi.org/10.1007/978-3-319-97916-8_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-97916-8_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-97915-1

  • Online ISBN: 978-3-319-97916-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation