Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
SpringerLink
Log in

A Survey of Advanced Encryption for Database Security: Primitives, Schemes, and Attacks

  • Conference paper
  • First Online:
Foundations and Practice of Security (FPS 2020)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12637))

Included in the following conference series:

  • 625 Accesses

Abstract

The use of traditional encryption techniques in Database Management Systems is limited, as encrypting data within the database can prevent basic functionalities such as ordering and searching. Advanced encryption techniques and trusted hardware, however, can enable standard functionalities to be achieved on encrypted databases, and a number of such schemes have been proposed in the recent literature. In this survey, different approaches towards database security through software/hardware components are explored and compared based on performance and security, and relevant attacks are discussed.

Buvana Ganesh is supported by a PhD scholarship funded by the Science Foundation Ireland Centre for Research Training in Artificial Intelligence under Grant No. 18/CRT/6223.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or Ebook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. PALISADE Lattice Cryptography Library (ver.1.9.2). http://palisade-crypto.org

  2. TPC benchmarks. http://www.tpc.org/information/benchmarks.asp

  3. ARM security technology building a secure system using TrustZone technology (rev. C). Technical report, ARM (2009)

    Google Scholar 

  4. Agrawal, D., El Abbadi, A., Emekçi, F., Metwally, A.: Database management as a service: challenges and opportunities. In: IEEE ICDE, pp. 1709–1716 (2009)

    Google Scholar 

  5. Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order-preserving encryption for numeric data. In: ACM SIGMOD International Conference on Management of Data, pp. 563–574 (2004)

    Google Scholar 

  6. Anderson, R.J.: Security Engineering: A Guide to Building Dependable Distributed Systems, 2nd edn. Wiley, Hoboken (2008)

    Google Scholar 

  7. Arasu, A., Eguro, K., Joglekar, M., Kaushik, R., Kossmann, D., Ramamurthy, R.: Transaction processing on confidential data using cipherbase. In: IEEE ICDE, pp. 435–446 (2015)

    Google Scholar 

  8. Bajaj, S., Sion, R.: TrustedDB: a trusted hardware-based database with privacy and data confidentiality. IEEE Trans. Knowl. Data Eng. 26(3), 752–765 (2014)

    Article  Google Scholar 

  9. Boldyreva, A., Chenette, N., Lee, Y., O’Neill, A.: Order-preserving symmetric encryption. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 224–241. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-01001-9_13

    Chapter  Google Scholar 

  10. Bost, R.: \(\sum \)o\(\varphi \)o\(\varsigma \): forward secure searchable encryption. In: ACM SIGSAC CCS, pp. 1143–1154. ACM (2016)

    Google Scholar 

  11. Brakerski, Z., Gentry, C., Vaikuntanathan, V.: Fully homomorphic encryption without bootstrapping. Electron. Colloquium Comput. Complex 18, 111 (2011)

    MATH  Google Scholar 

  12. Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: Foundations of Computer Science, FOCS 2001, pp. 136–145. IEEE (2001)

    Google Scholar 

  13. Cash, D., Grubbs, P., Perry, J., Ristenpart, T.: Leakage-abuse attacks against searchable encryption. In: ACM SIGSAC CCS, pp. 668–679. ACM (2015)

    Google Scholar 

  14. Cash, D., Jarecki, S., Jutla, C., Krawczyk, H., Roşu, M.-C., Steiner, M.: Highly-scalable searchable symmetric encryption with support for Boolean queries. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 353–373. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_20

    Chapter  Google Scholar 

  15. Cheon, J.H., Kim, A., Kim, M., Song, Y.: Homomorphic encryption for arithmetic of approximate numbers. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10624, pp. 409–437. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70694-8_15

    Chapter  Google Scholar 

  16. Costan, V., Devadas, S.: Intel SGX explained. IACR Cryptology ePrint Archive 2016/86 (2016)

    Google Scholar 

  17. Cui, S., Song, X., Asghar, M.R., Galbraith, S.D., Russello, G.: Privacy-preserving searchable databases with controllable leakage. CoRR abs/1909.11624 (2019)

    Google Scholar 

  18. van Dijk, M., Gentry, C., Halevi, S., Vaikuntanathan, V.: Fully homomorphic encryption over the integers. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 24–43. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5_2

    Chapter  Google Scholar 

  19. Dyer, J., Dyer, M.E., Djemame, K.: Order-preserving encryption using approximate common divisors. Inf. Secur. Appl. 49, 102391 (2019)

    Google Scholar 

  20. Eskandarian, S., Zaharia, M.: ObliDB: oblivious query processing for secure databases. PVLDB 13(2), 169–183 (2019). https://github.com/SabaEskandarian/ObliDB

  21. Fan, J., Vercauteren, F.: Somewhat practical fully homomorphic encryption. IACR Cryptology ePrint Archive 2012/144 (2012)

    Google Scholar 

  22. Fuller, B., et al.: SoK: cryptographically protected database search. In: IEEE Security & Privacy, pp. 172–191 (2017)

    Google Scholar 

  23. Garg, S., Mohassel, P., Papamanthou, C.: TWORAM: efficient oblivious RAM in two rounds with applications to searchable encryption. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9816, pp. 563–592. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53015-3_20

    Chapter  MATH  Google Scholar 

  24. Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game, or a completeness theorem for protocols with honest majority. In: Providing Sound Foundations for Cryptography: On the Work of Shafi Goldwasser and Silvio Micali, pp. 307–328. ACM (2019)

    Google Scholar 

  25. Graepel, T., Lauter, K., Naehrig, M.: ML confidential: machine learning on encrypted data. In: Kwon, T., Lee, M.-K., Kwon, D. (eds.) ICISC 2012. LNCS, vol. 7839, pp. 1–21. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-37682-5_1

    Chapter  Google Scholar 

  26. Grubbs, P., Lacharité, M., Minaud, B., Paterson, K.: Pump up the volume: practical database reconstruction from volume leakage on range queries. In: ACM CCS, pp. 315–331 (2018)

    Google Scholar 

  27. Grubbs, P., Lacharite, M.S., Minaud, B., Paterson, K.G.: Learning to reconstruct: statistical learning theory and encrypted database attacks. In: IEEE Security & Privacy, pp. 1067–1083 (2019)

    Google Scholar 

  28. Grubbs, P., Ristenpart, T., Shmatikov, V.: Why your encrypted database is not secure. In: 16th Workshop on Hot Topics in Operating Systems, pp. 162–168 (2017)

    Google Scholar 

  29. Halevi, S., Shoup, V.: Algorithms in HElib. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 554–571. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44371-2_31

    Chapter  MATH  Google Scholar 

  30. He, W., Akhawe, D., Jain, S., Shi, E., Song, D.X.: ShadowCrypt: encrypted web applications for everyone. In: ACM SIGSAC, pp. 1028–1039. ACM (2014)

    Google Scholar 

  31. Ishai, Y., Kushilevitz, E., Lu, S., Ostrovsky, R.: Private large-scale databases with distributed searchable symmetric encryption. In: Sako, K. (ed.) CT-RSA 2016. LNCS, vol. 9610, pp. 90–107. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-29485-8_6

    Chapter  Google Scholar 

  32. Islam, M.S., Kuzu, M., Kantarcioglu, M.: Access pattern disclosure on searchable encryption: ramification, attack and mitigation. In: NDSS. The Internet Society (2012)

    Google Scholar 

  33. Jarecki, S., Jutla, C.S., Krawczyk, H., Rosu, M., Steiner, M.: Outsourced symmetric private information retrieval. In: ACM SIGSAC CCS 2013, pp. 875–888. ACM (2013)

    Google Scholar 

  34. Kamara, S., Papamanthou, C., Roeder, T.: Dynamic searchable symmetric encryption. In: Yu, T., Danezis, G., Gligor, V.D. (eds.) the ACM CCS 2012, pp. 965–976. ACM (2012)

    Google Scholar 

  35. Katz, J., Lindell, Y.: Introduction to Modern Cryptography, 2nd edn. CRC Press, Boca Raton (2014)

    Book  Google Scholar 

  36. Lacharité, M., Minaud, B., Paterson, K.G.: Improved reconstruction attacks on encrypted data using range query leakage. In: 2018 IEEE Security & Privacy, pp. 297–314 (2018)

    Google Scholar 

  37. Lai, S., Yuan, X., Sun, S., Liu, J.K., Liu, Y., Liu, D.: GraphSE\({^2}\): an encrypted graph database for privacy-preserving social search. In: ACM Security Asia CCS, pp. 41–54. ACM (2019)

    Google Scholar 

  38. Lau, B., Chung, S.P., Song, C., Jang, Y., Lee, W., Boldyreva, A.: Mimesis aegis: a mimicry privacy shield-a system’s approach to data privacy on public cloud. In: 23rd USENIX Security Symposium. pp. 33–48. USENIX Association (2014)

    Google Scholar 

  39. Lewi, K., Wu, D.J.: Order-revealing encryption: new constructions, applications, and lower bounds. In: ACM SIGSAC- CCS 2016. ACM Press (2016)

    Google Scholar 

  40. Liu, G., Yang, G., Wang, H., Xiang, Y., Dai, H.: A novel secure scheme for supporting complex SQL queries over encrypted databases in cloud computing. Secur. Commun. Netw. 2018(2), 1–15 (2018)

    Article  Google Scholar 

  41. Meng, X., Kamara, S., Nissim, K., Kollios, G.: GRECS: graph encryption for approximate shortest distance queries. In: 22nd ACM SIGSAC. ACM (2015)

    Google Scholar 

  42. Mishra, P., Poddar, R., Chen, J., Chiesa, A., Popa, R.A.: Oblix: an efficient oblivious search index. In: 2018 IEEE Symposium on Security and Privacy, pp. 279–296 (2018)

    Google Scholar 

  43. Naveed, M., Kamara, S., Wright, C.V.: Inference attacks on property preserving encrypted databases. In: 22nd ACM SIGSAC-CCS 2015. ACM Press (2015)

    Google Scholar 

  44. Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_16

    Chapter  Google Scholar 

  45. Papadimitriou, A., et al.: Big data analytics over encrypted datasets with seabed. In: 12th USENIX Symposium on OS Design and Implementation. USENIX Association (2016)

    Google Scholar 

  46. Pappas, V., et al.: Blind seer: a scalable private DBMS. In: 2014 IEEE Security & Privacy, pp. 359–374. IEEE (2014)

    Google Scholar 

  47. Poddar, R., Boelter, T., Popa, R.A.: Arx: an encrypted database using semantically secure encryption. Proc. VLDB Endow. 12(11), 1664–1678 (2019)

    Article  Google Scholar 

  48. Popa, R.A., Li, F.H., Zeldovich, N.: An ideal-security protocol for order-preserving encoding. In: 2013 IEEE Symposium on Security and Privacy, pp. 463–477 (2013)

    Google Scholar 

  49. Popa, R.A., Redfield, C.M.S., Zeldovich, N., Balakrishnan, H.: CryptDB: processing queries on an encrypted database. Commun. ACM 55(9), 103–111 (2012). https://github.com/CryptDB/cryptdb

  50. Pouliot, D., Wright, C.V.: The shadow nemesis: inference attacks on efficiently deployable, efficiently searchable encryption. In: ACM SIGSAC, pp. 1341–1352. ACM (2016)

    Google Scholar 

  51. Priebe, C., Vaswani, K., Costa, M.: EnclaveDB: a secure database using SGX. In: 2018 IEEE Symposium on Security and Privacy, pp. 264–278 (2018)

    Google Scholar 

  52. Saha, T.K., Rathee, M., Koshiba, T.: Efficient private database queries using ring-LWE somewhat homomorphic encryption. J. Inf. Secur. Appl. 49, 102406 (2019)

    Google Scholar 

  53. Sarfraz, M.I., Nabeel, M., Cao, J., Bertino, E.: DBMask: fine-grained access control on encrypted relational databases. Trans. Data Priv. 9(3), 187–214 (2016)

    Google Scholar 

  54. Microsoft SEAL: Microsoft Research (release 3.5), Redmond, WA (2020). https://github.com/Microsoft/SEAL

  55. Shay, R., Blumenthal, U., Gadepally, V., Hamlin, A., Mitchell, J., Cunningham, R.: Don’t even ask: database access control through query control. SIGMOD Rec. 47(3), 17–22 (2018)

    Article  Google Scholar 

  56. Song, D.X., Wagner, D.A., Perrig, A.: Practical techniques for searches on encrypted data. In: 2000 IEEE Symposium on Security and Privacy, pp. 44–55 (2000)

    Google Scholar 

  57. Stefanov, E., et al.: Path ORAM: an extremely simple oblivious RAM protocol. J. ACM 65(4), 18:1–18:26 (2018)

    Article  MathSciNet  Google Scholar 

  58. Tex, C., Schäler, M., Böhm, K.: Towards meaningful distance-preserving encryption. In: 30th International Conference on Scientific and Statistical Database Management, SSDBM, pp. 2:1–2:12 (2018)

    Google Scholar 

  59. Tu, S., Kaashoek, M.F., Madden, S., Zeldovich, N.: Processing analytical queries over encrypted data. Proc. VLDB Endow. 6, 289–300 (2013). https://github.com/stephentu/monomi-optimizer/

  60. Vinayagamurthy, D., Gribov, A., Gorbunov, S.: StealthDB: a scalable encrypted database with full SQL query support. PoPETs 2019(3), 370–388 (2019)

    Google Scholar 

  61. Wiese, L., Waage, T., Brenner, M.: CloudDBGuard: a framework for encrypted data storage in NoSQL wide column stores. Data Knowl. Eng. 126, 101732 (2020)

    Article  Google Scholar 

  62. Wong, W.K., Cheung, D.W., Kao, B., Mamoulis, N.: Secure kNN computation on encrypted databases. In: ACM SIGMOD 2009, pp. 139–152 (2009)

    Google Scholar 

  63. Yao, A.C.: Protocols for secure computations (extended abstract). In: 23rd Annual Symposium on Foundations of Computer Science, pp. 160–164. IEEE Computer Society (1982)

    Google Scholar 

  64. Yuan, X., Guo, Y., Wang, X., Wang, C., Li, B., Jia, X.: EncKV: an encrypted key-value store with rich queries. In: ACM Asia CCS, pp. 423–435 (2017)

    Google Scholar 

  65. Zhou, Y., Li, N., Tian, Y., An, D., Wang, L.: Public key encryption with keyword search in cloud: a survey. Entropy 22(4), 421 (2020)

    Article  MathSciNet  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer Science and IT, University College Cork, Cork, Ireland

    Buvana Ganesh & Paolo Palmieri

Authors
  1. Buvana Ganesh
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Paolo Palmieri
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Buvana Ganesh .

Editor information

Editors and Affiliations

  1. Polytechnique Montréal, Montréal, QC, Canada

    Gabriela Nicolescu

  2. CEA-Leti Technology Research Institute, Grenoble, France

    Assia Tria

  3. Polytechnique Montréal, Montréal, QC, Canada

    José M. Fernandez

  4. University of Lorraine, Vandœuvre lès Nancy, France

    Jean-Yves Marion

  5. Télécom SudParis, Evry, France

    Joaquin Garcia-Alfaro

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Ganesh, B., Palmieri, P. (2021). A Survey of Advanced Encryption for Database Security: Primitives, Schemes, and Attacks. In: Nicolescu, G., Tria, A., Fernandez, J.M., Marion, JY., Garcia-Alfaro, J. (eds) Foundations and Practice of Security. FPS 2020. Lecture Notes in Computer Science(), vol 12637. Springer, Cham. https://doi.org/10.1007/978-3-030-70881-8_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-70881-8_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-70880-1

  • Online ISBN: 978-3-030-70881-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation