Sage Journals: Discover world-class research

Abstract

We study the problem of privately performing database queries (i.e., keyword searches and conjunctions over them), where a server provides its own database for a client’s query-based access. We propose a cryptographic model for the study of such protocols, by expanding previous well-studied models of keyword search and private information retrieval to incorporate a more practical data model: a time-varying, multi-attribute and multiple-occurrence database table.

Our first result is a 2-party private database retrieval protocol. This is the first protocol that preserves query and data privacy on such a practical data model. Like all previous work in private information retrieval and keyword search, this protocol still satisfies server time complexity linear in the database size.

Our main result is a private database retrieval protocol in a 3-party model where encrypted data is outsourced to a third party (i.e., a cloud server), satisfying highly desirable privacy and efficiency properties; most notably: (1) no unintended information is leaked to clients or servers, and only minimal ‘access pattern’ information is leaked to the third party; (2) for each query, all parties run in time only logarithmic in the number of database records; (3) the protocol’s runtime is practical for real-life applications, as shown in our implementation where we achieve response time that is only a small constant slower than commercial non-private protocols like MySQL. This is the first protocol that achieves privacy of database and query content with practical performance.

Finally, we show a second private database retrieval protocol in the 3-party model for which we can show that no unintended information is leaked to an adversary corrupting both clients and third parties, at an only constant additional performance overhead cost.

Keywords

Privacy for outsourced data privacy and big data database as a service

Get full access to this article

View all access options for this article.

References

Beaver, Commodity-based cryptography (extended abstract), in: Proc. of ACM STOC, 1997, pp. 446–455.

Boneh,

Di Crescenzo,

Ostrovsky and

Persiano, Public key encryption with keyword search, in: Proc. of EUROCRYPT, Springer, 2004, pp. 506–522.

Chor,

Gilboa and

Naor, Private information retrieval by keywords, IACR Cryptology ePrint Archive (1998).

Chor,

Kushilevitz,

Goldreich and

Sudan, Private information retrieval, J. ACM 45(6) (1998), 965–981.

T.M.

Cover and

J.A.

Thomas, Elements of Information Theory, 2nd edn, Wiley, 2006.

Di Crescenzo,

Cook,

McIntosh and

Panagos, Practical private information retrieval from a time-varying, multi-attribute, and multiple-occurrence database, in: Proc. of IFIP DBSec, Springer, 2014.

Di Crescenzo,

Feigenbaum,

Gupta,

Panagos,

Perry and

R.N.

Wright, Practical and privacy-preserving policy compliance for outsourced data, in: Proc. of WAHC, Springer, 2014.

Di Crescenzo and

Ghosh, Privacy-preserving range queries from keyword queries, in: Proc. of ACM DBSec, 2015.

Di Crescenzo,

Ishai and

Ostrovsky, Universal service-providers for private information retrieval, J. Cryptology 14(1) (2001), 37–74.

10.

Di Crescenzo and

Shallcross, On minimizing the size of encrypted databases, in: Proc. of IFIP DBSec, Springer, 2014.

11.

M.J.

Freedman,

Ishai,

Pinkas and

Reingold, Keyword search and oblivious pseudorandom functions, in: Proc. of TCC, Springer, 2005, pp. 303–324.

12.

Goldreich,

Goldwasser and

Micali, How to construct random functions, J. ACM 33(4) (1986), 792–807.

13.

Goldreich,

Micali and

Wigderson, How to play any mental game or a completeness theorem for protocols with honest majority, in: Proc. of ACM STOC, 1987, pp. 218–229.

14.

Goldreich and

Ostrovsky, Software protection and simulation on oblivious RAMs, J. ACM 43(3) (1996), 431–473.

15.

Hacigümüs,

B.R.

Iyer,

Li and

Mehrotra, Executing SQL over encrypted data in the database-service-provider model, in: Proc. of ACM SIGMOD, 2002, pp. 216–227.

16.

M.S.

Islam,

Kuzu and

Kantarcioglu, Access pattern disclosure on searchable encryption: Ramification, attack and mitigation, in: Proc. of NDSS, 2012.

17.

Jarecki,

C.S.

Jutla,

Krawczyk,

M.-C.

Rosu and

Steiner, Outsourced symmetric private information retrieval, in: Proc. of ACM CCS, 2013, pp. 875–888.

18.

Jarecki and

Liu, Efficient oblivious pseudorandom function with applications to adaptive OT and secure computation of set intersection, in: Proc. of TCC, Springer, 2009, pp. 577–594.

19.

Kushilevitz and

Ostrovsky, Replication is not needed: Single database, computationally-private information retrieval, in: Proc. of IEEE FOCS, 1997, pp. 364–373.

20.

Luby and

Rackoff, How to construct pseudorandom permutations from pseudorandom functions, SIAM J. Comput. 17(2) (1988), 373–386.

21.

Ostrovsky and

Skeith, A survey of single-database private information retrieval: Techniques and applications, in: Proc. of PKC, Springer, 2007, pp. 393–411.

22.

Pappas,

Krell,

Vo,

Kolesnikov,

Malkin,

S.G.

Choi,

George,

A.D.

Keromytis and

Bellovin, Blind seer: A scalable private DBMS, in: Proc. of 2014 IEEE SOSP, 2014, pp. 359–374.

23.

Project Gutenberg, http://www.gutenberg.org.

24.

D.X.

Song,

Wagner and

Perrig, Practical techniques for searches on encrypted data, in: Proc. of IEEE SOSP, 2000, pp. 44–55.

25.

Stefanov,

van Dijk,

Shi,

C.W.

Fletcher,

Ren,

Yu and

Devadas, Path ORAM: an extremely simple oblivious RAM protocol, in: Proc. of 2013 ACM CCS, 2013, pp. 299–310.

26.

Wang,

Ding,

R.H.

Deng and

Bao, Private information retrieval using trusted hardware, in: Proc. of ESORICS, Springer, 2006, pp. 49–64.

27.

A.C.-C.

Yao, How to generate and exchange secrets (extended abstract), in: Proc. of IEEE FOCS, 1986, pp. 162–167.

Practical and privacy-preserving information retrieval from a database table

Abstract

Keywords

Get full access to this article

References