research-article

Dual encryption for query integrity assurance

Authors:

Chang-shing Perng,

Philip S. YuAuthors Info & Claims

CIKM '08: Proceedings of the 17th ACM conference on Information and knowledge management

Pages 863 - 872

https://doi.org/10.1145/1458082.1458196

Published: 26 October 2008 Publication History

Abstract

In database outsourcing, an enterprise contracts its database management tasks to an outside database service provider to eliminate in-house hardware, software, and expertise needs for running DBMSs. This is attractive especially for the parties with limited abilities in managing their own data. Typically, the client applications want to obtain quality assurance (e.g., data authenticity and query completeness) of the outsourced database service at a low cost. Previous work on database outsourcing has focused on issues such as communication overhead, secure data access, and data privacy. Recent work has introduced the issue of query integrity assurance, but usually, to obtain such assurance incurs a high cost. In this paper, we present a new method called dual encryption to provide low-cost query integrity assurance for outsourced database services. Dual encryption enables "cross examination" of the outsourced data, which consists of the original data stored under a certain encryption scheme, and another small percentage of the original data stored under a different encryption scheme. We generate queries against the additional piece of data and analyze their results to obtain integrity assurance. Our scheme is provable secure, that is, it is impossible to break our scheme unless some security primitives can be broken. Experiments on commercial workloads show the effectiveness of our approach.

References

[1]

Dakshi Agrawal and Charu C. Aggarwal. On the design and quantification of privacy preserving data mining algorithms. In PODS, 2001.

Digital Library

[2]

Rakesh Agrawal, Jerry Kiernan, Ramakrishnan Srikant, and Yirong Xu. Order-preserving encryption for numeric data. In SIGMOD, 2004.

Digital Library

[3]

Rakesh Agrawal and Ramakrishnan Srikant. Privacy-preserving data mining. In SIGMOD, pages 439--450. ACM Press, May 2000.

Digital Library

[4]

Yijian Bai, Hetal Thakkar, Haixun Wang, Chang Luo, and Carlo Zaniolo. A data stream language and system designed for power and extensibility. In CIKM, 2006.

Digital Library

[5]

Mihir Bellare. Practice-oriented provable security. In Ivan Damgård, editor, Lectures on Data Security, volume 1561 of Lecture Notes in Computer Science, pages 1--15. Springer, 1998.

Digital Library

[6]

Mihir Bellare, Anand Desai, E. Jokipii, and Phillip Rogaway. A concrete security treatment of symmetric encryption. In FOCS, pages 394--403, 1997.

Digital Library

[7]

Mihir Bellare, Roch Guérin, and Phillip Rogaway. XOR MACs: New methods for message authentication using finite pseudorandom functions. In CRYPTO, pages 15--28, 27-31 August 1995.

Digital Library

[8]

Mihir Bellare, Joe Kilian, and Phillip Rogaway. The security of cipher block chaining. Lecture Notes in Computer Science, 839:341--358, 1994.

Digital Library

[9]

Mihir Bellare, Joe Kilian, and Phillip Rogaway. The security of the cipher block chaining message authentication code. Journal of Computer and System Sciences, 61(3):362--399, 2000.

Digital Library

[10]

Mihir Bellare and Phillip Rogaway. Entity authentication and key distribution. In CRYPTO, pages 232--249. Springer, 1994. Lecture Notes in Computer Science No. 773.

Digital Library

[11]

Mihir Bellare and Phillip Rogaway. Provably secure session key distribution: the three party case. pages 57--66, 1995.

Digital Library

[12]

David Chaum, Ivan Damgård, and Jeroen van de Graaf. Multiparty computations ensuring privacy of each party's input and correctness of the result. In CRYPTO, pages 87--119, 1987.

Digital Library

[13]

Standard Performance Evaluation Corporation. The SPECjAppServer benchmark. http://www.spec.org/jAppServer/, 2004.

[14]

Premkumar T. Devanbu, Michael Gertz, Charles U. Martel, and Stuart G. Stubblebine. Authentic third-party data publication. In Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security, 2001.

Digital Library

[15]

O. Goldreich, S. Goldwasser, and S. Micali. How to construct random functions. Journal of the ACM, 33(4):792--807, October 1986.

Digital Library

[16]

Hakan Hacigümüş, Balakrishna R. Iyer, Chen Li, and Sharad Mehrotra. Executing SQL over encrypted data in the database service provider model. In SIGMOD, 2002.

Digital Library

[17]

M. Luby and C. Rackoff. How to construct pseudorandom permutations from pseudorandom functions. SIAM Journal on Computing, 17(2):373--386, 1988.

Digital Library

[18]

Chang Luo, Hetal Thakkar, Haixun Wang, and Carlo Zaniolo. A native extension of SQL for mining data streams. In SIGMOD, 2005.

Digital Library

[19]

Dahlia Malkhi and Michael Reiter. Byzantine quorum systems. In Proc. of annual ACM symposium on Theory of computing, pages 569--578, 1997.

Digital Library

[20]

E. Mykletun, M. Narasimha, and G. Tsudik. Authentication and integrity in outsourced databases. In NDSS, 2004.

[21]

Radu Sion. Query execution assurance for outsourced databases. In VLDB, 2005.

Digital Library

[22]

Haixun Wang and Carlo Zaniolo. ATLaS: A native extension of SQL for data mining. In SDM, 2003.

[23]

Haixun Wang, Carlo Zaniolo, and Chang Luo. ATLaS: a small but complete SQL extension for data mining and data streams. In VLDB, 2003.

Digital Library

[24]

Min Xie, Haixun Wang, Jian Yin, and Xiaofeng Meng. Integrity auditing of outsourced data. In VLDB, pages 782--793. VLDB Endowment, 2007.

Digital Library

[25]

Min Xie, Haixun Wang, Jian Yin, and Xiaofeng Meng. Providing freshness guarantees for outsourced databases. In EDBT, pages 323--332. ACM, 2008.

Digital Library

[26]

Andrew C. Yao. Protocols for secure computation. In Proc. of IEEE Symposium on Foundations of Computer Science, pages 160--164, 1982.

Digital Library

[27]

J. Yin, J. Martin, A. Venkataramani, L. Alvisi, and M. Dahlin. Separating agreement from execution for byzantine fault tolerant services, 2003.

Cited By

De Capitani di Vimercati SForesti SSamarati P(2024)Query Integrity in Smart EnvironmentsSecurity and Privacy in Smart Environments10.1007/978-3-031-66708-4_2(25-48)Online publication date: 29-Oct-2024
https://doi.org/10.1007/978-3-031-66708-4_2
Weintraub GRise LKadosh AMalka MKolodner HBellosa FGabel M(2022)Integrity verification in cloud key-value storesProceedings of the 15th ACM International Conference on Systems and Storage10.1145/3534056.3534996(140-140)Online publication date: 6-Jun-2022
https://dl.acm.org/doi/10.1145/3534056.3534996
Zhang BDong BWang W(2019)Integrity Authentication for SQL Query Evaluation on Outsourced Databases: A SurveyIEEE Transactions on Knowledge and Data Engineering10.1109/TKDE.2019.2947061(1-1)Online publication date: 2019
https://doi.org/10.1109/TKDE.2019.2947061
Show More Cited By

Index Terms

Dual encryption for query integrity assurance
1. Information systems
  1. Data management systems
    1. Database management system engines
      1. Database query processing
2. Theory of computation
  1. Theory and algorithms for application domains
    1. Database theory
      1. Database query processing and optimization (theory)

Recommendations

Integrity analysis of authenticated encryption based on stream ciphers

We study the security of authenticated encryption based on a stream cipher and a universal hash function. We consider ChaCha20-Poly1305 and generic constructions proposed by Sarkar, where the generic constructions include 14 AEAD (authenticated ...
Modified RSA Encryption Algorithm (MREA)
ACCT '12: Proceedings of the 2012 Second International Conference on Advanced Computing & Communication Technologies

In asymmetric key cryptography, also called Public Key cryptography, two different keys (which forms a key pair) are used. One key is used for encryption & only the other corresponding key must be used for decryption. No other key can decrypt the ...
Integrity Analysis of Authenticated Encryption Based on Stream Ciphers
ProvSec 2016: Proceedings of the 10th International Conference on Provable Security - Volume 10005

We study the security of authenticated encryption based on a stream cipher and a universal hash function. We consider ChaCha20-Poly1305 and generic constructions proposed by Sarkar, where the generic constructions include 14 AEAD authenticated ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CIKM '08: Proceedings of the 17th ACM conference on Information and knowledge management

October 2008

1562 pages

ISBN:9781595939913

DOI:10.1145/1458082

General Chair:
James G. Shanahan
Church and Duncan Group Inc, USA
,
Program Chairs:
Sihem Amer-Yahia
Yahoo! Research, USA
,
Ioana Manolescu
INRIA, France
,
Yi Zhang
University of California, Santa Cruz, USA
,
David A. Evans
JustSystems Evans Research, USA
,
Alek Kolcz
Microsoft Live Labs, USA
,
Key-Sun Choi
KAIST, Korea
,
Abdur Chowdury
Twitter, USA

Copyright © 2008 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 26 October 2008

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CIKM08

Sponsor:

CIKM08: Conference on Information and Knowledge Management

October 26 - 30, 2008

California, Napa Valley, USA

Acceptance Rates

Overall Acceptance Rate 1,861 of 8,427 submissions, 22%

Upcoming Conference

CIKM '25

Sponsor:
sigir
sigir

The 34th ACM International Conference on Information and Knowledge Management

November 10 - 14, 2025

Seoul , Republic of Korea

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

45
Total Citations
View Citations
661
Total Downloads

Downloads (Last 12 months)7
Downloads (Last 6 weeks)0

Reflects downloads up to 23 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

De Capitani di Vimercati SForesti SSamarati P(2024)Query Integrity in Smart EnvironmentsSecurity and Privacy in Smart Environments10.1007/978-3-031-66708-4_2(25-48)Online publication date: 29-Oct-2024
https://doi.org/10.1007/978-3-031-66708-4_2
Weintraub GRise LKadosh AMalka MKolodner HBellosa FGabel M(2022)Integrity verification in cloud key-value storesProceedings of the 15th ACM International Conference on Systems and Storage10.1145/3534056.3534996(140-140)Online publication date: 6-Jun-2022
https://dl.acm.org/doi/10.1145/3534056.3534996
Zhang BDong BWang W(2019)Integrity Authentication for SQL Query Evaluation on Outsourced Databases: A SurveyIEEE Transactions on Knowledge and Data Engineering10.1109/TKDE.2019.2947061(1-1)Online publication date: 2019
https://doi.org/10.1109/TKDE.2019.2947061
Zhang BDong BWang H(2019)CorrectMR: Authentication of Distributed SQL Execution on MapReduceIEEE Transactions on Knowledge and Data Engineering10.1109/TKDE.2019.2935968(1-1)Online publication date: 2019
https://doi.org/10.1109/TKDE.2019.2935968
Rady MAbdelkader TIsmail R(2019)Integrity and Confidentiality in Cloud Outsourced DataAin Shams Engineering Journal10.1016/j.asej.2019.03.002Online publication date: Apr-2019
https://doi.org/10.1016/j.asej.2019.03.002
Weintraub GGudes E(2018)Data Integrity Verification in Column-Oriented NoSQL DatabasesData and Applications Security and Privacy XXXII10.1007/978-3-319-95729-6_11(165-181)Online publication date: 10-Jul-2018
https://doi.org/10.1007/978-3-319-95729-6_11
Hong JWen TGuo QYe Z(2017) Secure kNN Computation and Integrity Assurance of Data Outsourcing in the Cloud Mathematical Problems in Engineering10.1155/2017/81097302017:1Online publication date: 13-Dec-2017
https://doi.org/10.1155/2017/8109730
Weintraub GGudes E(2017)Crowdsourced Data Integrity Verification for Key-Value Stores in the CloudProceedings of the 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing10.1109/CCGRID.2017.17(498-503)Online publication date: 14-May-2017
https://dl.acm.org/doi/10.1109/CCGRID.2017.17
Sheng GTang CHan HGao WHu X(2017)Authentication of outsourced linear function query with efficient updatesCluster Computing10.1007/s10586-017-1064-4Online publication date: 27-Jul-2017
https://doi.org/10.1007/s10586-017-1064-4
De Capitani di Vimercati SForesti SLivraga GSamarati P(2017)Supporting Users in Data Outsourcing and Protection in the CloudCloud Computing and Services Science10.1007/978-3-319-62594-2_1(3-15)Online publication date: 20-Jul-2017
https://doi.org/10.1007/978-3-319-62594-2_1
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten