Skip to main content
SpringerLink
Log in

Controlled Joining on Encrypted Relational Database

  • Conference paper
Pairing-Based Cryptography – Pairing 2012 (Pairing 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7708))

Included in the following conference series:

Abstract

If a user encrypts data, stores them in a relational database (RDB), and keeps the key for both encryption and decryption by himself, then the risk of leaking data from the RDB directly can be mitigated. Such a strategy can be considered as a natural solution for preventing data leakage when the manager of the database cannot be entirely trusted or the burden of managing the database needs to be lightened. However, if the database cannot access to this key, it can execute only a few relational algebraic operations by itself, which spoils the serviceability of the database.

This paper first introduces the notion of an encryption for controlled joining (ECJ), which enables RDB to execute “natural join” of tables when and only when its user required it. This technique can directly be applied for union, difference, and intersection of tables also. Then, the paper proposes an instance under a novel but natural assumption on asymmetric bilinear group. Combining an ECJ with a searchable encryption and an order-preserving encryption, one can construct an encrypted database which can executes the major part of relational algebraic operations. The proposed instance is efficient in a reasonable extent and sacrifices its security only in a minimum extent. We consider such a technique can bring an enhanced security into the database-as-service environment.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Aggarwal, G., Bawa, M., Ganesan, P., Garcia-Molina, H., Kenthapadi, K., Motwani, R., Srivastava, U., Thomas, D., Xu, Y.: Two can keep a secret: A distributed architecture for secure database services. In: CIDR, pp. 186–199 (2005)

    Google Scholar 

  2. Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order-preserving encryption for numeric data. In: Weikum, G., König, A.C., Deßloch, S. (eds.) SIGMOD Conference, pp. 563–574. ACM (2004)

    Google Scholar 

  3. Amanatidis, G., Boldyreva, A., O’Neill, A.: Provably-Secure Schemes for Basic Query Support in Outsourced Databases. In: Barker, S., Ahn, G.-J. (eds.) Data and Applications Security 2007. LNCS, vol. 4602, pp. 14–30. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  4. Ateniese, G., Fu, K., Green, M., Hohenberger, S.: Improved proxy re-encryption schemes with applications to secure distributed storage. In: NDSS. The Internet Society (2005)

    Google Scholar 

  5. Bellare, M., Boldyreva, A., O’Neill, A.: Deterministic and Efficiently Searchable Encryption. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 535–552. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  6. Bellare, M., Namprempre, C.: Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 531–545. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  7. Beuchat, J.-L., González-Díaz, J.E., Mitsunari, S., Okamoto, E., Rodríguez-Henríquez, F., Teruya, T.: High-Speed Software Implementation of the Optimal Ate Pairing over Barreto–Naehrig Curves. In: Joye, M., Miyaji, A., Otsuka, A. (eds.) Pairing 2010. LNCS, vol. 6487, pp. 21–39. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  8. Blaze, M., Bleumer, G., Strauss, M.J.: Divertible Protocols and Atomic Proxy Cryptography. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 127–144. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  9. Boldyreva, A., Chenette, N., Lee, Y., O’Neill, A.: Order-Preserving Symmetric Encryption. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 224–241. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  10. Boldyreva, A., Chenette, N., O’Neill, A.: Order-Preserving Encryption Revisited: Improved Security Analysis and Alternative Solutions. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 578–595. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  11. Boneh, D., Boyen, X., Goh, E.-J.: Hierarchical Identity Based Encryption with Constant Size Ciphertext. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 440–456. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  12. Boneh, D., Di Crescenzo, G., Ostrovsky, R., Persiano, G.: Public Key Encryption with Keyword Search. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 506–522. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  13. Canard, S., Fuchsbauer, G., Gouget, A., Laguillaumie, F.: Plaintext-Checkable Encryption. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 332–348. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  14. Canetti, R., Goldreich, O., Halevi, S.: The random oracle methodology, revisited. J. ACM 51(4), 557–594 (2004)

    Article  MathSciNet  MATH  Google Scholar 

  15. Ceselli, A., Damiani, E., di Vimercati, S.D.C., Jajodia, S., Paraboschi, S., Samarati, P.: Modeling and assessing inference exposure in encrypted databases. ACM Trans. Inf. Syst. Secur. 8(1), 119–152 (2005)

    Article  Google Scholar 

  16. Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private information retrieval. In: FOCS, pp. 41–50 (1995)

    Google Scholar 

  17. Chor, B., Kushilevitz, E., Goldreich, O., Sudan, M.: Private information retrieval. J. ACM 45(6), 965–981 (1998)

    Article  MathSciNet  MATH  Google Scholar 

  18. CipherGate. eciphergate, http://www.ciphergate.co.jp/product/ecipher/index.html

  19. Ciriani, V., di Vimercati, S.D.C., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Combining fragmentation and encryption to protect privacy in data storage. ACM Trans. Inf. Syst. Secur. 13(3) (2010)

    Google Scholar 

  20. Codd, E.F.: A relational model of data for large shared data banks. Commun. ACM 13(6), 377–387 (1970)

    Article  MATH  Google Scholar 

  21. Curtmola, R., Garay, J.A., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. In: Juels, A., Wright, R.N., di Vimercati, S.D.C. (eds.) ACM Conference on Computer and Communications Security, pp. 79–88. ACM (2006)

    Google Scholar 

  22. di Vimercati, S.D.C., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Controlled information sharing in collaborative distributed query processing. In: ICDCS, pp. 303–310. IEEE Computer Society (2008)

    Google Scholar 

  23. Goh, E.-J.: Secure indexes. Cryptology ePrint Archive, Report 2003/216 (2003), http://eprint.iacr.org/

  24. Hacigümüs, H., Iyer, B.R., Li, C., Mehrotra, S.: Executing sql over encrypted data in the database-service-provider model. In: Franklin, M.J., Moon, B., Ailamaki, A. (eds.) SIGMOD Conference, pp. 216–227. ACM (2002)

    Google Scholar 

  25. Hacigümüs, H., Mehrotra, S., Iyer, B.R.: Providing database as a service. In: ICDE, p. 29. IEEE Computer Society (2002)

    Google Scholar 

  26. Hore, B., Mehrotra, S., Tsudik, G.: A privacy-preserving index for range queries. In: Nascimento, M.A., Özsu, M.T., Kossmann, D., Miller, R.J., Blakeley, J.A., Schiefer, K.B. (eds.) VLDB, pp. 720–731. Morgan Kaufmann (2004)

    Google Scholar 

  27. Jakobsson, M.: On Quorum Controlled Asymmetric Proxy Re-encryption. In: Imai, H., Zheng, Y. (eds.) PKC 1999. LNCS, vol. 1560, pp. 112–121. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  28. Kushilevitz, E., Ostrovsky, R.: Replication is not needed: Single database, computationally-private information retrieval. In: FOCS, pp. 364–373 (1997)

    Google Scholar 

  29. Microsoft. Deploying sql server 2008 based on payment card industry data security standards (2008), http://www.parentebeard.com/Uploads/Files/Deploying_SQL_Server_2008_Based_on_PCI_DSS.PDF

  30. Miyaji, A., Nakabayashi, M., Takano, S.: Characterization of Elliptic Curve Traces under FR-Reduction. In: Won, D. (ed.) ICISC 2000. LNCS, vol. 2015, pp. 90–108. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  31. Oracle. Oracle database 11g, oracle advanced security, http://www.oracle.com/technology/global/jp/products/security/db_security/htdocs/aso.html

  32. PCI-DSS. Payment card industry (pci) data security standard version 2.0, https://www.pcisecuritystandards.org/documents/pci_dss_v2.pdf

  33. Popa, R.A., Redfield, C.M.S., Zeldovich, N., Balakrishnan, H.: Cryptdb: protecting confidentiality with encrypted query processing. In: Wobber, T., Druschel, P. (eds.) SOSP, pp. 85–100. ACM (2011)

    Google Scholar 

  34. Samarati, P.: Protecting data privacy in outsourcing scenarios: invited talk. In: Daniel, F., Delcambre, L.M.L., Fotouhi, F., Garrigós, I., Guerrini, G., Mazón, J.-N., Mesiti, M., Müller-Feuerstein, S., Trujillo, J., Truta, T.M., Volz, B., Waller, E., Xiong, L., Zimányi, E. (eds.) EDBT/ICDT Workshops. ACM International Conference Proceeding Series. ACM (2010)

    Google Scholar 

  35. Samarati, P., di Vimercati, S.D.C.: Data protection in outsourcing scenarios: issues and directions. In: Feng, D., Basin, D.A., Liu, P. (eds.) ASIACCS, pp. 1–14. ACM (2010)

    Google Scholar 

  36. Shoup, V.: Sequences of games: a tool for taming complexity in security proofs. Cryptology ePrint report 2004/332 (November 30, 2004)

    Google Scholar 

  37. Tang, Q.: Towards Public Key Encryption Scheme Supporting Equality Test with Fine-Grained Authorization. In: Parampalli, U., Hawkes, P. (eds.) ACISP 2011. LNCS, vol. 6812, pp. 389–406. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  38. Yang, G., Tan, C.H., Huang, Q., Wong, D.S.: Probabilistic Public Key Encryption with Equality Test. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 119–131. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. NEC Corporation, Japan

    Jun Furukawa & Toshiyuki Isshiki

Authors
  1. Jun Furukawa
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Toshiyuki Isshiki
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Départment d’Informatique, École Normale Supérieure and CNRS, 45 rue d’Ulm, 75005, Paris, France

    Michel Abdalla

  2. Department of Mathematics and Computer Science, Technische Universiteit Eindhoven, P.O. Box 513, 5600 MB, Eindhoven, The Netherlands

    Tanja Lange

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Furukawa, J., Isshiki, T. (2013). Controlled Joining on Encrypted Relational Database. In: Abdalla, M., Lange, T. (eds) Pairing-Based Cryptography – Pairing 2012. Pairing 2012. Lecture Notes in Computer Science, vol 7708. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-36334-4_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-36334-4_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-36333-7

  • Online ISBN: 978-3-642-36334-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation