research-article

CryptDB: protecting confidentiality with encrypted query processing

Authors:
Raluca Ada Popa

MIT CSAIL

MIT CSAIL
View Profile

,
Catherine M. S. Redfield

MIT CSAIL

MIT CSAIL
View Profile

,
Nickolai Zeldovich

MIT CSAIL

MIT CSAIL
View Profile

,
Hari Balakrishnan

MIT CSAIL

MIT CSAIL
View Profile

SOSP '11: Proceedings of the Twenty-Third ACM Symposium on Operating Systems PrinciplesOctober 2011Pages 85–100https://doi.org/10.1145/2043556.2043566

Published:23 October 2011Publication History

SOSP '11: Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles

Pages 85–100

ABSTRACT

Online applications are vulnerable to theft of sensitive information because adversaries can exploit software bugs to gain access to private data, and because curious or malicious administrators may capture and leak data. CryptDB is a system that provides practical and provable confidentiality in the face of these attacks for applications backed by SQL databases. It works by executing SQL queries over encrypted data using a collection of efficient SQL-aware encryption schemes. CryptDB can also chain encryption keys to user passwords, so that a data item can be decrypted only by using the password of one of the users with access to that data. As a result, a database administrator never gets access to decrypted data, and even if all servers are compromised, an adversary cannot decrypt the data of any user who is not logged in. An analysis of a trace of 126 million SQL queries from a production MySQL server shows that CryptDB can support operations over encrypted data for 99.5% of the 128,840 columns seen in the trace. Our evaluation shows that CryptDB has low overhead, reducing throughput by 14.5% for phpBB, a web forum application, and by 26% for queries from TPC-C, compared to unmodified MySQL. Chaining encryption keys to user passwords requires 11--13 unique schema annotations to secure more than 20 sensitive fields and 2--7 lines of source code changes for three multi-user web applications.

References

R. Agrawal, J. Kiernan, R. Srikant, and Y. Xu. Order preserving encryption for numeric data. In Proceedings of the 2004 ACM SIGMOD International Conference on Management of Data, Paris, France, June 2004. Google ScholarDigital Library
G. Amanatidis, A. Boldyreva, and A. O'Neill. Provably-secure schemes for basic query support in outsourced databases. In Proceedings of the 21st Annual IFIP WG 11.3 Working Conference on Database and Applications Security. Redondo Beach, CA, July 2007. Google ScholarDigital Library
F. Bao, R. H. Deng, X. Ding, and Y. Yang. Private query on encrypted data in multi-user settings. In Proceedings of the 4th International Conference on Information Security Practice and Experience, Sydney. Australia, April 2008. Google ScholarDigital Library
A. Boldyreva, N. Chenette, Y. Lee, and A. O'Neill. Order-preserving symmetric encryption. In Proceedings of the 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT), Cologne, Germany, April 2009. Google ScholarDigital Library
D. Boneh and B. Waters. Conjunctive, subset, and range queries on encrypted data. In Proceedings of the 4th Conference on Theory of Cryptography, 2007. Google ScholarDigital Library
A. Chen. GCreep: Google engineer stalked teens, spied on chats. Gawker, September 2010. http://gawker.com/5637234/.Google Scholar
A. Chlipala. Static checking of dynamically-varying security policies in database-backed applications. In Proceedings of the 9th Symposium on Operating Systems Design and Implementation, Vancouver, Canada, October 2010. Google ScholarDigital Library
S. S. M. Chow, J.-H. Lee, and L. Subramanian. Two-party computation model for privacy-preserving queries over distributed databases. In Proceedings of the 16th Network and Distributed System Security Symposium, February 2009.Google Scholar
V. Ciriani, S. D. C. di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, and P. Samarati. Keep a few: Outsourcing data while maintaining confidentiality. In Proceedings of the 14th European Symposium on Research in Computer Security, September 2009. Google ScholarDigital Library
M. Cooney. IBM touts encryption innovation; new technology performs calculations on encrypted data without decrypting it. Computer World, June 2009.Google Scholar
C. Curino, E. P. C. Jones, R. A. Popa, N. Malviya, E. Wu, S. Madden, H. Balakrishnan, and N. Zeldovich. Relational cloud: A database-as-a-service for the cloud. In Proceedings of the 5th Biennial Conference on Innovative Data Systems Research, pages 235--241, Pacific Grove, CA, January 2011.Google Scholar
E. Damiani, S. D. C. di Vimercati, S. Jajodia, S. Paraboschi, and P. Samarati. Balancing confidentiality and efficiency in untrusted relational DBMSs. In Proceedings of the 10th ACM Conference on Computer and Communications Security, Washington, DC, October 2003. Google ScholarDigital Library
A. Desai. New paradigms for constructing symmetric encryption schemes secure against chosen-ciphertext attack. In Proceedings of the 20th Annual International Conference on Advances in Cryptology, pages 394--412, August 2000. Google ScholarDigital Library
C. Dwork. Differential privacy: a survey of results. In Proceedings of the 5th International Conference on Theory and Applications of Models of Computation, Xi'an, China, April 2008. Google ScholarDigital Library
S. Evdokimov and O. Guenther. Encryption techniques for secure database outsourcing. Cryptology ePrint Archive, Report 2007/335.Google Scholar
A. J. Feldman, W. P. Zeller, M. J. Freedman, and E. W. Felten. SPORC: Group collaboration using untrusted cloud resources. In Proceedings of the 9th Symposium on Operating Systems Design and Implementation, Vancouver, Canada, October 2010. Google ScholarDigital Library
T. Ge and S. Zdonik. Answering aggregation queries in a secure system model. In Proceedings of the 33rd International Conference on Very Large Data Bases, Vienna, Austria, September 2007. Google ScholarDigital Library
R. Gennaro, C. Gentry, and B. Parno. Non-interactive verifiable computing: Outsourcing computation to untrusted workers. In Advances in Cryptology (CRYPTO), Santa Barbara, CA, August 2010. Google ScholarDigital Library
C. Gentry. Fully homomorphic encryption using ideal lattices. In Proceedings of the 41st Annual ACM Symposium on Theory of Computing, Bethesda, MD, May-June 2009. Google ScholarDigital Library
O. Goldreich. Foundations of Cryptography: Volume I Basic Tools. Cambridge University Press, 2001. Google ScholarDigital Library
A. Greenberg. DARPA will spend 20 million to search for crypto's holy grail. Forbes, April 2011.Google Scholar
H. Hacigumus, B. Iyer, C. Li, and S. Mehrotra. Executing SQL over encrypted data in the database-service-provider model. In Proceedings of the 2002 ACM SIGMOD International Conference on Management of Data, Madison, WI, June 2002. Google ScholarDigital Library
J. A. Halderman, S. D. Schoen, N. Heninger, W. Clarkson, W. Paul, J. A. Calandrino, A. J. Feldman, J. Appelbaum, and E. W. Felten. Lest we remember: Cold boot attacks on encryption keys. In Proceedings of the 17th Usenix Security Symposium, San Jose, CA, July-August 2008. Google ScholarDigital Library
S. Halevi and P. Rogaway. A tweakable enciphering mode. In Advances in Cryptology (CRYPTO), 2003.Google ScholarCross Ref
V. Kachitvichyanukul and B. W. Schmeiser. Algorithm 668: H2PEC: Sampling from the hypergeometric distribution. ACM Transactions on Mathematical Software, 14(4):397--398, 1988. Google ScholarDigital Library
M. Kantarcioglu and C. Clifton. Security issues in querying encrypted data. In Proceedings of the 19th Annual IFIP WG 11.3 Working Conference on Database and Applications Security, Storrs, CT, August 2005. Google ScholarDigital Library
E. Kohler. Hot crap! In Proceedings of the Workshop on Organizing Workshops, Conferences, and Symposia for Computer Systems, San Francisco, CA, April 2008. Google ScholarDigital Library
J. Li, M. Krohn, D. Mazieres, and D. Shasha. Secure untrusted data repository (SUNDR). In Proceedings of the 6th Symposium on Operating Systems Design and Implementation, pages 91--106, San Francisco, CA, December 2004. Google ScholarDigital Library
V. B. Livshits and M. S. Lam. Finding security vulnerabilities in Java applications with static analysis. In Proceedings of the 14th Usenix Security Symposium, pages 271--286, Baltimore, MD, August 2005. Google ScholarDigital Library
P. Mahajan, S. Setty, S. Lee, A. Clement, L. Alvisi, M. Dahlin, and M. Walfish. Depot: Cloud storage with minimal trust. In Proceedings of the 9th Symposium on Operating Systems Design and Implementation, Vancouver, Canada, October 2010. Google ScholarDigital Library
M. Martin, B. Livshits, and M. Lam. Finding application errors and security flaws using PQL: a program query language. In Proceedings of the 2005 Conference on Object-Oriented Programming, Systems, Languages and Applications, pages 365--383, San Diego, CA, October 2005. Google ScholarDigital Library
National Vulnerability Database. CVE statistics. http://web.nvd.nist.gov/view/vuln/statistics, February 2011.Google Scholar
V. H. Nguyen, T. K. Dang, N. T. Son, and J. Kung. Query assurance verification for dynamic outsourced XML databases. In Proceedings of the 2nd Conference on Availability, Reliability and Security, Vienna, Austria, April 2007. Google ScholarDigital Library
Oracle Corporation. Oracle advanced security. http://www.oracle.com/technetwork/database/options/advanced-security/.Google Scholar
P. Paillier. Public-key cryptosystems based on composite degree residuosity classes. In Proceedings of the 18th Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT), Prague, Czech Republic, May 1999. Google ScholarDigital Library
B. Parno, J. M. McCune, D. Wendlandt, D. G. Andersen, and A. Perrig. CLAMP: Practical prevention of large-scale data leaks. In Proceedings of the 30th IEEE Symposium on Security and Privacy, Oakland, CA, May 2009. Google ScholarDigital Library
R. A. Popa, C. M. S. Redfield, N. Zeldovich, and H. Balakrishnan. CryptDB web site. http://css.csail.mit.edu/cryptdb/.Google Scholar
R. A. Popa, J. R. Lorch, D. Molnar, H. J. Wang, and L. Zhuang. Enabling security in cloud storage SLAs with CloudProof. In Proceedings of 2011 USENIX Annual Technical Conference, Portland, OR, 2011. Google ScholarDigital Library
R. A. Popa, N. Zeldovich, and H. Balakrishnan. CryptDB: A practical encrypted relational DBMS. Technical Report MIT-CSAIL-TR-2011-005, MIT Computer Science and Artificial Intelligence Laboratory, Cambridge, MA, January 2011.Google Scholar
Privacy Rights Clearinghouse. Chronology of data breaches. http://www.privacyrights.org/data-breach.Google Scholar
S. Rizvi, A. Meridelzon, S. Sudarshan, and P. Roy. Extending query rewriting techniques for fine-grained access control. In Proceedings of the 2004 ACM SIGMOD International Conference on Management of Data, Paris, France, June 2004. Google ScholarDigital Library
H. Shacham, N. Modadugu, and D. Boneh. Sirius: Securing remote untrusted storage. In Proceedings of the 10th Network and Distributed System Security Symposium, 2003.Google Scholar
E. Shi, J. Bethencourt, H. Chan, D. Song, and A. Perrig. Multidimensional range query over encrypted data. In Proceedings of the 28th IEEE Symposium on Security and Privacy, Oakland, CA, May 2007. Google ScholarDigital Library
V. Shoup. NTL: A library for doing number theory. http://www.shoup.net/ntl/, August 2009.Google Scholar
R. Sion. Query execution assurance for outsourced databases. In Proceedings of the 31st International Conference on Very Large Data Bases, pages 601--612. Trondheim, Norway, August-September 2005. Google ScholarDigital Library
D. X. Song, D. Wagner, and A. Perrig. Practical techniques for searches on encrypted data. In Proceedings of the 21st IEEE Symposium on Security and Privacy, Oakland, CA, May 2000. Google ScholarDigital Library
M. Taylor. MySQL proxy. https://launchpad.net/mysql-proxy.Google Scholar
B. Thompson, S. Haber, W. G. Horne, T. S. and D. Yao. Privacy-preserving computation and verification of aggregate queries on outsourced databases. Technical Report HPL-2009-119, HP Labs, 2009.Google ScholarDigital Library
E. P. Wobber, M. Abadi, M. Burrows, and B. Lampson. Authentication in the Taos operating system. ACM Transactions on Computer Systems, 12(1):3--32, 1994. Google ScholarDigital Library
L. Xiong, S. Chitti, and L. Liu. Preserving data privacy for outsourcing data aggregation services. Technical Report TR-2007-013, Emory University, Department of Mathematics and Computer Science, 2007.Google ScholarDigital Library
Z. Yang, S. Zhong, and R. N. Wright. Privacy-preserving queries on encrypted data. In European Symposium on Research in Computer Security, 2006. Google ScholarDigital Library
A. Yip, X. Wang, N. Zeldovich, and M. F. Kaashoek. Improving application security with data flow assertions. In Proceedings of the 22nd ACM Symposium on Operating Systems Principles, pages 291--304, Big Sky, MT, October 2009. Google ScholarDigital Library

Index Terms

CryptDB: protecting confidentiality with encrypted query processing
1. Security and privacy
  1. Database and storage security
2. Theory of computation
  1. Theory and algorithms for application domains
    1. Database theory
      1. Theory of database privacy and security

Recommendations

CryptDB: processing queries on an encrypted database
Read More
On the Difficulty of Securing Web Applications Using CryptDB
BDCLOUD '14: Proceedings of the 2014 IEEE Fourth International Conference on Big Data and Cloud Computing

Crypt DB has been proposed as a practical and secure middleware to protect databases deployed on semi-honest cloud servers. While CD provides sufficient protection under Threat-1, here we demonstrate that when CD is deployed to secure the cloud hosted ...
Read More
Secure E-Voting System Implementation Using CryptDB
Abstract
Voting process is important in any part of the world in public elections, private or autonomous bodies for electing someone. Due to the current pandemic situation, it is difficult to organize elections physically in the near future. Electronic ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
SOSP '11: Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
October 2011
417 pages
ISBN:9781450309776
DOI:10.1145/2043556
General Chair:
Ted Wobber
MSR Silicon Valley
,
Program Chair:
Peter Druschel
MPI-SWS
Copyright © 2011 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 23 October 2011
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Qualifiers
- research-article
Conference

Acceptance Rates
Overall Acceptance Rate131of716submissions,18%
Upcoming Conference
SOSP '24

Sponsor:

sigops

ACM SIGOPS 29th Symposium on Operating Systems Principles

November 5 - 8, 2024

Austin , TX , USA
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 850
  Total Citations
  View Citations
- 4,308
  Total Downloads
- Downloads (Last 12 months)322
- Downloads (Last 6 weeks)54
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

CryptDB: protecting confidentiality with encrypted query processing

SOSP '11: Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles

ABSTRACT

References

Cited By

Index Terms

Recommendations

CryptDB: processing queries on an encrypted database

On the Difficulty of Securing Web Applications Using CryptDB

Secure E-Voting System Implementation Using CryptDB

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Acceptance Rates

Upcoming Conference

Funding Sources

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF Format

eReader

Digital Edition

Caption

CryptDB: protecting confidentiality with encrypted query processing

SOSP '11: Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles

ABSTRACT

References

Cited By

Index Terms

Recommendations

CryptDB: processing queries on an encrypted database

On the Difficulty of Securing Web Applications Using CryptDB

Secure E-Voting System Implementation Using CryptDB

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Acceptance Rates

Upcoming Conference

Funding Sources

Article Metrics

Other Metrics

PDF Format

eReader

Digital Edition

Share this Publication link

Share on Social Media