ABSTRACT
Graph encryption schemes (introduced by [Chase and Kamara, 2010]) have been receiving growing interest across various disciplines due to their attractive tradeoff between functionality, efficiency and privacy. In this paper, we advance the state of the art on encrypted graph search by providing an efficient graph encryption scheme for shortest path queries. The preprocessing time and space and the query time are proportional to those for building and querying the search structure for the unencrypted graph. Hence, the overhead of providing structured encryption is asymptotically optimal. We implement our scheme and experimentally validate its performance on real world networks. Furthermore, we extend our scheme to support verifiability.
Our scheme is the first structured encryption scheme that supports a recursive algorithm, where the number of recursion steps is not known at setup time (unlike the chaining technique from [Chase and Kamara, 2010]). Recursion is an important algorithmic design paradigm. Hence, our technique may help develop other practical encrypted structures for recursive algorithms.
- Amazon. 2020. Amazon Neptune. https://aws.amazon.com/neptune.Google Scholar
- Aurelius LLC. 2015. Titan. http://titan.thinkaurelius.com.Google Scholar
- Raphael Bost. 2016. (sum)o(varphi)o(varsigma): Forward Secure Searchable Encryption. In Proc. ACM Conf. on Computer and Communications Security. 1143--1154. https://doi.org/10.1145/2976749.2978303Google Scholar
- Raphael Bost, Pierre-Alain Fouque, and David Pointcheval. 2016. Verifiable Dynamic Symmetric Searchable Encryption: Optimality and Forward Security. IACR Cryptology ePrint Archive, Vol. Report 2016/062 (2016). http://eprint.iacr.org/2016/062Google Scholar
- Alina Campan, Yasmeen Alufaisan, and Traian Marius Truta. 2015. Preserving Communities in Anonymized Social Networks. Trans. Data Privacy, Vol. 8, 1 (Dec. 2015), 55--87. http://dl.acm.org/citation.cfm?id=2870564.2870568Google Scholar
- David Cash, Joseph Jaeger, Stanislaw Jarecki, Charanjit S. Jutla, Hugo Krawczyk, Marcel-Catalin Rosu, and Michael Steiner. 2014. Dynamic Searchable Encryption in Very-Large Databases: Data Structures and Implementation. In Network and Distributed System Security Symposium, NDSS.Google Scholar
- David Cash, Stanislaw Jarecki, Charanjit S. Jutla, Hugo Krawczyk, Marcel-Catalin Rosu, and Michael Steiner. 2013. Highly-Scalable Searchable Symmetric Encryption with Support for Boolean Queries. In Advances in Cryptology - CRYPTO (Lecture Notes in Computer Science, Vol. 8042), Ran Canetti and Juan A. Garay (Eds.). Springer, 353--373. https://doi.org/10.1007/978--3--642--40041--4_20Google ScholarCross Ref
- Moses Charikar. 2000. Greedy approximation algorithms for finding dense components in a graph. In Approximation Algorithms for Combinatorial Optimization, Third International Workshop, APPROX (Lecture Notes in Computer Science, Vol. 1913), Klaus Jansen and Samir Khuller (Eds.). Springer, 84--95. https://doi.org/10.1007/3--540--44436-X_10Google Scholar
- Melissa Chase and Seny Kamara. 2010. Structured Encryption and Controlled Disclosure. In Advances in Cryptology - ASIACRYPT (Lecture Notes in Computer Science, Vol. 6477), Masayuki Abe (Ed.). Springer, 577--594. https://doi.org/10.1007/978--3--642--17373--8_33Google ScholarCross Ref
- Edith Cohen, Eran Halperin, Haim Kaplan, and Uri Zwick. 2002. Reachability and Distance Queries via 2-hop Labels. In ACM-SIAM Symposium on Discrete Algorithms (SODA). Society for Industrial and Applied Mathematics, 937--946. http://dl.acm.org/citation.cfm?id=545381.545503Google Scholar
- Thomas H. Cormen, Clifford Stein, Ronald L. Rivest, and Charles E. Leiserson. 2001. Introduction to Algorithms 2nd ed.). McGraw-Hill Higher Education.Google ScholarDigital Library
- Reza Curtmola, Juan A. Garay, Seny Kamara, and Rafail Ostrovsky. 2006. Searchable symmetric encryption: improved definitions and efficient constructions. In ACM Conf. on Computer and Communications Security, CCS, Ari Juels, Rebecca N. Wright, and Sabrina De Capitani di Vimercati (Eds.). ACM, 79--88. https://doi.org/10.1145/1180405.1180417Google ScholarDigital Library
- Ioannis Demertzis, Dimitrios Papadopoulos, Charalampos Papamanthou, and Saurabh Shintre. 2020. SEAL: Attack Mitigation for Encrypted Databases via Adjustable Leakage. In USENIX Security Symposium .Google Scholar
- E. W. Dijkstra. 1959. A Note on Two Problems in Connexion with Graphs. Numer. Math., Vol. 1, 1 (Dec. 1959), 269--271. https://doi.org/10.1007/BF01386390Google ScholarDigital Library
- Cynthia Dwork. 2011. Differential Privacy. In Encyclopedia of Cryptography and Security, 2nd Ed., Henk C. A. van Tilborg and Sushil Jajodia (Eds.). Springer, 338--340. https://doi.org/10.1007/978--1--4419--5906--5_752Google Scholar
- Encrypted Systems Lab @ Brown University. 2016. Clusion. https://github.com/encryptedsystems/Clusion.Google Scholar
- Sky Faber, Stanislaw Jarecki, Hugo Krawczyk, Quan Nguyen, Marcel-Catalin Rosu, and Michael Steiner. 2015. Rich Queries on Encrypted Data: Beyond Exact Matches. In Computer Security - ESORICS - European Symposium on Research in Computer Security (Lecture Notes in Computer Science, Vol. 9327), Gü nther Pernul, Peter Y. A. Ryan, and Edgar R. Weippl (Eds.). Springer, 123--145. https://doi.org/10.1007/978--3--319--24177--7_7Google Scholar
- Francesca Falzon, Evangelia Anna Markatou, Akshima, David Cash, Adam Rivkin, Jesse Stern, and Roberto Tamassia. 2020. Full Database Reconstruction in Two Dimensions. In ACM Conf. on Computer and Communications Security (CCS).Google Scholar
- Robert W. Floyd. 1962. Algorithm 97: Shortest Path. Commun. ACM, Vol. 5, 6 (June 1962), 345--. https://doi.org/10.1145/367766.368168Google ScholarDigital Library
- William I. Gasarch. 2004. A Survey on Private Information Retrieval (Column: Computational Complexity). Bulletin of the EATCS, Vol. 82 (2004), 72--107. http://theorie.informatik.uni-ulm.de/Personen/toran/beatcs/column82.pdfGoogle Scholar
- GephiDatasets. 2006. Internet dataset. a symmetrized snapshot of the structure of the Internet at the level of autonomous systems, reconstructed from BGP tables, https://gephi.org/datasets/internet_routers-22july06.gml.zip.Google Scholar
- E.-J. Goh, H. Shacham, N. Modadugu, and D. Boneh. 2003. SiRiUS: Securing Remote Untrusted Storage. In Network and Distributed System Security Symposium (NDSS '03) .Google Scholar
- Paul Grubbs, Anurag Khandelwal, Marie-Sarah Lacharité, Lloyd Brown, Lucy Li, Rachit Agarwal, and Thomas Ristenpart. 2020. Pancake: Frequency Smoothing for Encrypted Data Stores. In USENIX Security Symposium .Google Scholar
- P. Grubbs, M. Lacharité, B. Minaud, and K. G. Paterson. 2019. Learning to Reconstruct: Statistical Learning Theory and Encrypted Database Attacks. In Proc. IEEE Symp. on Security and Privacy 2019 (S&P).Google Scholar
- Jonathon S. Hare, Sina Samangooei, and David P. Dupplaw. 2011. OpenIMAJ and ImageTerrier: Java libraries and tools for scalable multimedia analysis and indexing of images. In ACM Int. Conf. on Multimedia (MM). 691--694. https://doi.org/10.1145/2072298.2072421Google Scholar
- Seny Kamara and Tarik Moataz. 2017. Boolean Searchable Symmetric Encryption with Worst-Case Sub-linear Complexity. In Advances in Cryptology - EUROCRYPT (Lecture Notes in Computer Science, Vol. 10212), Jean-Sé bastien Coron and Jesper Buus Nielsen (Eds.). 94--124. https://doi.org/10.1007/978--3--319--56617--7_4Google ScholarCross Ref
- Seny Kamara and Tarik Moataz. 2019. Computationally Volume-Hiding Structured Encryption. In Advances in Cryptology - EUROCRYPT (LNCS, Vol. 11477). Springer, 183--213. https://doi.org/10.1007/978--3-030--17656--3_7Google ScholarDigital Library
- Seny Kamara and Charalampos Papamanthou. 2013. Parallel and Dynamic Searchable Symmetric Encryption. In Financial Cryptography and Data Security - Int. Conference, FC (Lecture Notes in Computer Science, Vol. 7859), Ahmad-Reza Sadeghi (Ed.). Springer, 258--274. https://doi.org/10.1007/978--3--642--39884--1_22Google Scholar
- Seny Kamara, Charalampos Papamanthou, and Tom Roeder. 2012. Dynamic searchable symmetric encryption. In ACM Conf. on Computer and Communications Security, CCS, Ting Yu, George Danezis, and Virgil D. Gligor (Eds.). ACM, 965--976. https://doi.org/10.1145/2382196.2382298Google ScholarDigital Library
- Georgios Kellaris, George Kollios, Kobbi Nissim, and Adam O'Neill. 2016. Generic Attacks on Secure Outsourced Databases. In ACM Conf. on Computer and Communications Security 2016 (CCS).Google Scholar
- Evgenios M. Kornaropoulos, Charalampos Papamanthou, and Roberto Tamassia. 2019. Data Recovery on Encrypted Databases With k-Nearest Neighbor Query Leakage. In Proc. IEEE Symp. on Security and Privacy (S&P).Google ScholarCross Ref
- Evgenios M. Kornaropoulos, Charalampos Papamanthou, and Roberto Tamassia. 2020. The State of the Uniform: Attacks on Encrypted Databases Beyond the Uniform Query Distribution. In Proc. IEEE Symp.on Security and Privacy (S&P).Google ScholarCross Ref
- Evgenios M. Kornaropoulos, Charalampos Papamanthou, and Roberto Tamassia. 2021. Response-Hiding Encrypted Ranges: Revisiting Security via Parametrized Leakage-Abuse Attacks. In IEEE Symp.on Security and Privacy (S&P). To appear.Google ScholarCross Ref
- Kaoru Kurosawa, Keisuke Sasaki, Kiyohiko Ohta, and Kazuki Yoneyama. 2016. UC-Secure Dynamic Searchable Symmetric Encryption Scheme. In Advances in Information and Computer Security - Int. Workshop on Security, IWSEC (Lecture Notes in Computer Science, Vol. 9836), Kazuto Ogawa and Katsunari Yoshioka (Eds.). Springer, 73--90. https://doi.org/10.1007/978--3--319--44524--3_5Google Scholar
- Jure Leskovec and Andrej Krevl. 2014. SNAP Datasets: Stanford Large Network Dataset Collection. http://snap.stanford.edu/data.Google Scholar
- Evangelia Anna Markatou and Roberto Tamassia. 2019 a. Full Database Reconstruction with Access and Search Pattern Leakage. In Proc. Int. Conf on Information Security (ISC).Google ScholarDigital Library
- Evangelia Anna Markatou and Roberto Tamassia. 2019 b. Mitigation Techniques for Attacks on 1-Dimensional Databases that Support Range Queries. In Proc. Int. Conf on Information Security (ISC).Google ScholarDigital Library
- Xianrui Meng, Seny Kamara, Kobbi Nissim, and George Kollios. 2015. GRECS: Graph Encryption for Approximate Shortest Distance Queries. In ACM Conf. on Computer and Communications Security, Indrajit Ray, Ninghui Li, and Christopher Kruegel (Eds.). ACM, 504--517. https://doi.org/10.1145/2810103.2813672Google ScholarDigital Library
- Neo4j. 2020. Neo4j Graph Database. https://neo4j.com.Google Scholar
- Ontotext. 2020. GraphDB. https://graphdb.ontotext.com.Google Scholar
- OrientDB. 2020. OrientDB Community Edition. https://orientdb.org.Google Scholar
- Vasilis Pappas, Fernando Krell, Binh Vo, Vladimir Kolesnikov, Tal Malkin, Seung Geol Choi, Wesley George, Angelos D. Keromytis, and Steve Bellovin. 2014. Blind Seer: A Scalable Private DBMS. In IEEE Symposium on Security and Privacy, SP. IEEE Computer Society, 359--374. https://doi.org/10.1109/SP.2014.30Google Scholar
- Wei Peng, Xiaofeng Hu, Feng Zhao, and Jinshu Su. 2012. A Fast Algorithm to Find All-Pairs Shortest Paths in Complex Networks. Procedia Computer Science, Vol. 9 (2012), 557 -- 566. https://doi.org/10.1016/j.procs.2012.04.060Google ScholarCross Ref
- Lé on Planken, Mathijs de Weerdt, and Roman van der Krogt. 2012. Computing All-Pairs Shortest Paths by Leveraging Low Treewidth. J. Artif. Intell. Res. (JAIR), Vol. 43 (2012), 353--388. https://doi.org/10.1613/jair.3509Google ScholarDigital Library
- G. S. Poh, M. S. Mohamad, and M. R. Z'aba. 2012. Structured Encryption for Conceptual Graphs. In Advances in Information and Computer Security. 105--122.Google Scholar
- Jagan Sankaranarayanan, Houman Alborzi, and Hanan Samet. 2005. Efficient Query Processing on Spatial Networks. In ACM Int. Workshop on Geographic Information Systems (GIS). 200--209. https://doi.org/10.1145/1097064.1097093Google Scholar
- Jagan Sankaranarayanan, Hanan Samet, and Houman Alborzi. 2009. Path Oracles for Spatial Networks. Proc. VLDB Endow., Vol. 2, 1 (Aug. 2009), 1210--1221. https://doi.org/10.14778/1687627.1687763Google ScholarDigital Library
- D. Song, D. Wagner, and A. Perrig. 2000. Practical Techniques for Searching on Encrypted Data. In IEEE Symp. on Security and Privacy. 44--55.Google Scholar
- Emil Stefanov, Charalampos Papamanthou, and Elaine Shi. 2014. Practical Dynamic Searchable Encryption with Small Leakage. In Network and Distributed System Security Symposium, NDSS. The Internet Society. http://www.internetsociety.org/doc/practical-dynamic-searchable-encryption-small-leakageGoogle Scholar
- Qian Wang, Kui Ren, Minxin Du, Qi Cheng Li, and Aziz Mohaisen. 2017. SecGDB: Graph Encryption for Exact Shortest Distance Queries with Efficient Updates.Google Scholar
- David J. Wu, Joe Zimmerman, Jé ré my Planul, and John C. Mitchell. 2016. Privacy-Preserving Shortest Path Computation. In Network and Distributed System Security Symposium, NDSS. The Internet Society. http://www.internetsociety.org/sites/default/files/blogs-media/privacy-preserving-shortest-path-computation.pdfGoogle Scholar
- Lingkun Wu, Xiaokui Xiao, Dingxiong Deng, Gao Cong, Andy Diwen Zhu, and Shuigeng Zhou. 2012. Shortest Path and Distance Queries on Road Networks: An Experimental Evaluation. Proc. VLDB Endow., Vol. 5, 5 (2012), 406--417. https://doi.org/10.14778/2140436.2140438Google ScholarDigital Library
Index Terms
- Efficient Graph Encryption Scheme for Shortest Path Queries
Recommendations
GRECS: Graph Encryption for Approximate Shortest Distance Queries
CCS '15: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications SecurityWe propose graph encryption schemes that efficiently support approximate shortest distance queries on large-scale encrypted graphs. Shortest distance queries are one of the most fundamental graph operations and have a wide range of applications. Using ...
SecGDB: Graph Encryption for Exact Shortest Distance Queries with Efficient Updates
Financial Cryptography and Data SecurityAbstractIn the era of big data, graph databases have become increasingly important for NoSQL technologies, and many systems can be modeled as graphs for semantic queries. Meanwhile, with the advent of cloud computing, data owners are highly motivated to ...
An efficient incomparable public key encryption scheme
Public keys are closely related to the identity of recipients in public key encryption setting. In privacy-sensitive applications of public key encryption, it is desirable to hide the relation between the public key and the identity of the recipient. ...
Comments