Managing and querying encrypted data

Trần Mỹ Giao

Huỳnh Mai Thúy

Outline

Introduction1

DAS - Storing and querying encrypted data

Trust, Encryption Key- Management, Integrity & Data confidentiality

References

2

3

4

Introduction

Two new challenges emerge:oEfficient encryption algorithms for

relational dataoSupporting query on the encrypted

relational data.

Example: secure email server.

Outline

Introduction1

DAS - Storing and querying encrypted data

Trust, Encryption Key- Management, Integrity & Data confidentiality

References

2

3

4

What is DAS ?

• It is a paradigm wherein data owned by a client is hosted on a third-party server

• There is significant interest in secure query evaluation over encrypted databases.

DAS - Storing and querying encrypted data

• DAS set up and security model

• Querying encrypted relational data

• Relational encryption and storage model

• Keyword search on encrypted text data

• Search over encrypted XML data

DAS setup and security

• Data-owner, clients, server• Data must be encrypted on the server and

only decrypted on the client-side.

Querying encrypted relational data

• EMP(eid, ename, salary, addr, did)• DEPARTMENT(did, dname, mgr)• The goal in DAS is to process the query

directly at the server without the need to decrypt the data.

Querying encrypted relational data

• Requires mechanism to support the following basic operator over encrypted data

• Comparison operators• Arithmetic operators

2 categories

• Approaches based on new encyption techniques

• Information-hiding based Approaches

Approaches based on new encryption techniques

• Support either arthrimetic and/or comparison operators– PH supports basic arithmetic operations,and

doesn’t allow comparison.– Order-preserving encryption: support comparison,

join, selection, sorting, grouping, not support aggregation.

• The limitation: – Only safe under limited situations where the

adversary knowledge is limited.

Information-hiding based Approaches

• Store additional auxiliary information along with encrypted data

• Secure indices are designed carefully exploiting information hiding mechanism .

Information-hiding based Approaches

• 3 basic techniques:– Pertubation :Add a random value to the true

value (numeric attribute)– Generalization : Replace a numeric or categorical

value by a more general value– Swapping : swap the values of a specific attribute

of two records

Information-hiding based Approaches

• Support comparison , select – project - join , sorting ,grouping.

• Cannot support aggregation at the server.

Query processing architecture for DAS

Relational encryption and storage model

• R(A1, A2,.., An)

• Emp(etuple, eid, ename, salary, addr, did)

Relational encryption and storage model

• Partition functions:– Patition(emp.eid) = {[0,200], [200, 400],[400,600],

[600, 800], [800, 1000]}

• Identification functions:

E.g. : Ident(emp.eid)([0,200]) =2

Relational encryption and storage model

• Mapping functions– Map(emp.eid)(395) = 7

• Storing encrypted data

Relational encryption and storage model

• Decyption functions– D(Rs) = R

• Mapping condition– To translate query conditions to corresponding

conditions over the server-side, Map (cond) is called.

Translating Realtional Operator

• The Selection Operator:

• E.g. :C = eid < 395 & did = 140 (emp)

Query Execution

• Give an example:

Query Execution

• Give an example:

Query Execution

• Give an example:

Query Execution

• Give an example:

Keyword search on encrypted text data

•

• Answer is

Private key based search scheme on encrypted text data

• Secure index: reveals no imformation about its content to the adversary

• However, allows the adversary to tests the presence or absence of the keyword using a trapdoor

• A user search for documents containing word w, generates a trapdoor , which can be used by adversary to retieve documents.

Secure index’s creation

• Alice generates a sequence of pseudo-random values s1...sn, using a stream cipher.

• For each string si, Alice using pseudo-random function Fk(si) to generate a random m-bit sequence

• Then computes n-bit sequence ti= <si, Fk(si)>• Ciphertext ci = wi XOR ti• Secure index is a set of ci.

Secure index’s creation

• To prevent adversary from knowing what keyword is, pre- encrypt each word w using algorithm Ek

• Instead of using w below, we using xi = Ek(wi) to replace xi.

Search over encrypted XML data

• There has been little work in the area of encrypted XML data management.

• Two kinds of information the client may consider as sensitive: Individual node with its content Association between data values.

Search over encrypted XML data

• The notion of security constraints (SCs) that support both types of security requirements above.

• Such constraints can be specified in the form of Xpath expressions and may be classified as either node-type constraints or association-type constraints.

Search over encrypted XML data

• Hiding individual node with its content by encrypting their content

• Hiding Association between data values by encrypting any one of the nodes can enforce the SC

Search over encrypted XML data

• Query processing follows the typical DAS approach that we mentioned earlier

• Using two indexes( is call discontinuous structural interval index(DSI))– One is the structural index to enable tree

traversal– The second one is a value index for enabling

attribute value based queries like range queries.

Search over encrypted XML data

• Use an “order-preserving encryption” scheme to transform the values from their original domain to a new domain

Use B-trees to implement range-queries

• This scheme is unsafe under known plaintext attack

Outline

Introduction1

DAS - Storing and querying encrypted data

Trust, Encryption Key- Management, Integrity & Data confidentiality

References

2

3

4

Trust, Key- management, Integrity & Data confidentiality

• 3 basic models of trust that are widely studied in literature: Complete trust : the data management

issues are similar to those arising in standard DBMS systems

Partial trust : ensure the confidentiality of sensitive data

Un-trusted model :ensure authenticity of data and correctness of query results

Trust, Key- management, Integrity & Data confidentiality

• Encrypting relational data

• Authentication and integrity issues

• Key management in DAS

Encrypting relational data

• Three important issues to keep in mind1) Encryption algorithms

2) Encryption granularity

3) Efficient storage for encrypted data

1) Encryption algorithms

• Symmetric key DES : the effective key length is 56 bits,

the block size is 64 bits AES : Each of these ciphers has a 128-bit

block size, with key sizes of 128, 192 and 256 bits

Blowfish : 64-bit block size and a variable key length from 32 up to 448 bits

DESAES

Blowfish

1) Encryption algorithms

1) Encryption algorithms

• Public-key encryption: Avoids the problem of secure key distribution E.g. : RSA

2) Encryption granularity

• Field level The smallest achievable granularity Each attribute value of a tuple is encrypted

separately

2) Encryption granularity

• Record / row level Each row is encrypted separately Does not differentiate between sensitive and

non-sensitive data

2) Encryption granularity

• Attribute / column level: Only sensitive attributes are encrypted

2) Encryption granularity

• Page / block level : Whenever a page/block of sensitive data is

stored, the entire block is encrypted

3) Efficient storage for encrypted data

• The performance issues associated with storage of encrypted data on the disk

• “ Partitioned Plaintext and Cipher text” (PPC) :– Cluster the non-sensitive and sensitive data

minimize the number of encryption operations

3) Efficient storage for encrypted data

– Use NSM requires only modifications to the page layout.

Authentication and integrity issues

• Data integrity and authentication can be provided at difference levels of granularity:

the level of a table, a column, a row, an individual attribute value.

• Three flavor of database model: Unified client model

Multiple clients-single owner

Multiple clients-multiple owners

Authentication and integrity issues• One natural and intuitive solution for record-level

integrity is to use message authentication codes (MAC)

• MAC is a keyed hash of record ‘s content , tend to be small and of constant length

• The MAC-s are attractive for the unified client model

• In multi owner and multi querier models, potentially many queriers for each client. In these settings, MAC-s are not useful (repudiation)

Key management in DAS

• The data owner first decides the key-assignment granularity: Database level : generate a single key for

the whole database Table level : tables in database may be

grouped one key generate for each group Row level : records in table be grouped

each group is encrypted with a separate key

Key management in DAS

• In DAS key generation can be carried out at the client-side or at a third-party trusted server.

• The key generation process is classified into two classes: Pre computation :

Key is generated ahead of time After that, be stored in the key registry(key-Id , key

correspondence information , key mode, key material…) of the system

Re computation The key generating information is stored

Outline

Introduction1

DAS - Storing and querying encrypted data

Trust, Encryption Key- Management, Integrity & Data confidentiality

References

2

3

4

References

• Handbook of Database Security Applications and Trends 2007

• www.google.com.vn• www.en.wikipedia.org

THANK YOU FOR LISTENING