research-article

SAGMA: Secure Aggregation Grouped by Multiple Attributes

Authors:

Timon Hackenjos,

Florian KerschbaumAuthors Info & Claims

SIGMOD '20: Proceedings of the 2020 ACM SIGMOD International Conference on Management of Data

Pages 587 - 601

https://doi.org/10.1145/3318464.3380569

Published: 31 May 2020 Publication History

Abstract

Encryption can protect data in outsourced databases -- in the cloud -- while still enabling query processing over the encrypted data. However, the processing leaks information about the data specific to the type of query, e.g., aggregation queries. Aggregation over user-defined groups using SQL's GROUP BY clause is extensively used in data analytics, e.g., to calculate the total number of visitors each month or the average salary in each department. The information leaked, e.g., the access pattern to a group, may reveal the group's frequency enabling simple, yet detrimental leakage-abuse attacks. In this work we present SAGMA -- an encryption scheme for performing secure aggregation grouped by multiple attributes. The querier can choose any combination of one or multiple attributes in the GROUP BY clause among the set of all grouping attributes. The encryption scheme only stores semantically secure ciphertexts at the cloud and query processing hides the access pattern, i.e., the frequency of each group. We implemented our scheme and our evaluation results underpin its practical feasibility.

Supplementary Material

MP4 File (3318464.3380569.mp4)

Presentation Video

Download
98.00 MB

References

[1]

A. Akavia, D. Feldman, and H. Shaul. Secure search on encrypted data via multi-ring sketch. In Proceedings of the 25th ACM Conference on Computer and Communications Security, CCS, 2018.

Digital Library

[2]

E. B. Barker. Recommendation for key management, part 1: General. Technical report, National Institute of Standards & Technology, Gaithersburg, MD, United States, 2016.

[3]

J. Bater, G. Elliott, C. Eggen, S. Goel, A. N. Kho, and J. Rogers. SMCQL: secure query processing for private data networks. PVLDB, 10(6), 2017.

Digital Library

[4]

D. Boneh, E.-J. Goh, and K. Nissim. Evaluating 2-DNF formulas on ciphertexts. In Theory of Cryptography Conference, TCC, 2005.

Digital Library

[5]

J. V. Bulck, M. Minkin, O. Weisse, D. Genkin, B. Kasikci, F. Piessens, M. Silberstein, T. F. Wenisch, Y. Yarom, and R. Strackx. Foreshadow: Extracting the keys to the intel SGX kingdom with transient out-of-order execution. In Proceedings of the 27th USENIX Security Symposium, USENIX, 2018.

[6]

D. Cash, S. Jarecki, C. Jutla, H. Krawczyk, M.-C. Rocs u, and M. Steiner. Highly-scalable searchable symmetric encryption with support for boolean queries. In Advances in Cryptology, Crypto. 2013.

[7]

A. Ceselli, E. Damiani, S. D. C. D. Vimercati, S. Jajodia, S. Paraboschi, and P. Samarati. Modeling and assessing inference exposure in encrypted databases. ACM Transactions on Information and System Security (TISSEC), 8(1):119--152, 2005.

Digital Library

[8]

V. Costan and S. Devadas. Intel sgx explained. IACR Cryptology ePrint Archive, 2016:86, 2016.

[9]

R. Curtmola, J. Garay, S. Kamara, and R. Ostrovsky. Searchable symmetric encryption: improved definitions and efficient constructions. In Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS, 2006.

Digital Library

[10]

M. Ermolov and M. Goryachy. How to hack a turned-off computer, or running unsigned code in intel management engine. In Black Hat Europe, 2017.

[11]

S. Faber, S. Jarecki, H. Krawczyk, Q. Nguyen, M. Rosu, and M. Steiner. Rich queries on encrypted data: Beyond exact matches. In European Symposium on Research in Computer Security, pages 123--145, 2015.

[12]

D. M. Freeman. Converting pairing-based cryptosystems from composite-order groups to prime-order groups. In Advances in Cryptology -- EUROCRYPT 2010, pages 44--61. Springer Berlin Heidelberg, 2010.

Digital Library

[13]

B. Fuller, M. Varia, A. Yerukhimovich, E. Shen, A. Hamlin, V. Gadepally, R. Shay, J. D. Mitchell, and R. K. Cunningham. Sok: Cryptographically protected database search. arXiv preprint 1703.02014, 2017.

[14]

T. Ge and S. Zdonik. Answering aggregation queries in a secure system model. In Proceedings of the 33rd international conference on Very Large Data Bases, VLDB, 2007.

Digital Library

[15]

C. Gentry et al. Fully homomorphic encryption using ideal lattices. In STOC, volume 9, pages 169--178, 2009.

Digital Library

[16]

P. Grubbs, K. Sekniqi, V. Bindschaedler, M. Naveed, and T. Ristenpart. Leakage-abuse attacks against order-revealing encryption. Cryptology ePrint Archive, Report 2016/895, 2016.

[17]

H. Hacigümücs, B. Iyer, C. Li, and S. Mehrotra. Executing sql over encrypted data in the database-service-provider model. In Proceedings of the ACM SIGMOD Conference on Management of Data, SIGMOD, 2002.

[18]

F. Hahn, N. Loza, and F. Kerschbaum. Practical and secure substring search. In Proceedings of the ACM SIGMOD Conference on Management of Data, SIGMOD, 2018.

Digital Library

[19]

B. Hore, S. Mehrotra, M. Canim, and M. Kantarcioglu. Secure multidimensional range queries over outsourced data. The VLDB Journal-The International Journal on Very Large Data Bases, (3):333--358, 2012.

[20]

B. Hore, S. Mehrotra, and G. Tsudik. A privacy-preserving index for range queries. In Proceedings of the 30th international conference on Very Large Data Bases, VLDB, 2004.

[21]

Y. Hu, W. J. Martin, and B. Sunar. Enhanced flexibility for homomorphic encryption schemes via CRT. In Applied Cryptography and Network Security (ACNS), 2012.

[22]

S. Kamara and T. Moataz. Sql on structurally-encrypted databases. In International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT. Springer, 2018.

Digital Library

[23]

M. Naveed, S. Kamara, and C. V. Wright. Inference attacks on property-preserving encrypted databases. In Proceedings of the 22nd ACM Conference on Computer and Communications Security, CCS, 2015.

Digital Library

[24]

P. Paillier. Public-key cryptosystems based on composite degree residuosity classes. In Eurocrypt, 1999.

Digital Library

[25]

A. Papadimitriou, R. Bhagwan, N. Chandran, and R. Ramjee. Big data analytics over encrypted datasets with seabed. In 12th USENIX Symposium on Operating Systems Design and Implementation, OSDI, 2016.

[26]

R. A. Popa, C. M. S. Redfield, N. Zeldovich, and H. Balakrishnan. Cryptdb: protecting confidentiality with encrypted query processing. In Proceedings of the 23rd ACM Symposium on Operating Systems Principles, SOSP, 2011.

Digital Library

[27]

W. Zheng, A. Dave, J. G. Beekman, R. A. Popa, J. E. Gonzalez, and I. Stoica. Opaque: An oblivious and encrypted distributed analytics platform. In NSDI, pages 283--298, 2017.

Digital Library

Cited By

Guan ZMao RZhang QZhang ZZhao ZBian S(2024)AutoHoG: Automating Homomorphic Gate Design for Large-Scale Logic Circuit EvaluationIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems10.1109/TCAD.2024.335759843:7(1971-1983)Online publication date: Jul-2024
https://doi.org/10.1109/TCAD.2024.3357598
Matsumoto MTakahashi TOguchi M(2024)IPEQ: Querying Multi-attribute Records with Inner Product EncryptionICT Systems Security and Privacy Protection10.1007/978-3-031-65175-5_24(338-352)Online publication date: 26-Jul-2024
https://doi.org/10.1007/978-3-031-65175-5_24
Bian SZhang ZPan HMao RZhao ZJin YGuan ZMeng WJensen CCremers CKirda E(2023)HE3DB: An Efficient and Elastic Encrypted Database Via Arithmetic-And-Logic Fully Homomorphic EncryptionProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security10.1145/3576915.3616608(2930-2944)Online publication date: 15-Nov-2023
https://dl.acm.org/doi/10.1145/3576915.3616608
Show More Cited By

Index Terms

SAGMA: Secure Aggregation Grouped by Multiple Attributes
1. Security and privacy
  1. Database and storage security
    1. Management and querying of encrypted data
  2. Security services
    1. Privacy-preserving protocols

Recommendations

Discrete logarithm based additively homomorphic encryption and secure data aggregation

At PKC 2006, Chevallier-Mames, Paillier, and Pointcheval proposed discrete logarithm based encryption schemes that are partially homomorphic, either additively or multiplicatively and announced an open problem: finding a discrete logarithm based ...
Secure Data Aggregation in WSNs: A Two Level Framework
SIN '18: Proceedings of the 11th International Conference on Security of Information and Networks

Energy efficiency is an important issue in wireless sensor networks; clustering of nodes and sensor data aggregation are popular techniques to address the issue. Sensors generate sensitive data in many applications and thus methods to secure the data so ...
Efficient and provably secure aggregation of encrypted data in wireless sensor networks

Wireless sensor networks (WSNs) are composed of tiny devices with limited computation and battery capacities. For such resource-constrained devices, data transmission is a very energy-consuming operation. To maximize WSN lifetime, it is essential to ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SIGMOD '20: Proceedings of the 2020 ACM SIGMOD International Conference on Management of Data

June 2020

2925 pages

ISBN:9781450367356

DOI:10.1145/3318464

General Chairs:
David Maier
Portland State University, USA
,
Rachel Pottinger
University of British Columbia, Canada
,
Program Chairs:
AnHai Doan
University of Wisconsin, USA
,
Wang-Chiew Tan
Megagon Labs, USA
,
Publications Chairs:
Abdussalam Alawini
University of Illinois at Urbana-Champaign, USA
,
Hung Q. Ngo
RelationalAI, USA

Copyright © 2020 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGMOD: ACM Special Interest Group on Management of Data

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 31 May 2020

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

SIGMOD/PODS '20

Sponsor:

SIGMOD

SIGMOD/PODS '20: International Conference on Management of Data

June 14 - 19, 2020

OR, Portland, USA

Acceptance Rates

Overall Acceptance Rate 785 of 4,003 submissions, 20%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
504
Total Downloads

Downloads (Last 12 months)69
Downloads (Last 6 weeks)6

Reflects downloads up to

Other Metrics

View Author Metrics

Citations

Cited By

Guan ZMao RZhang QZhang ZZhao ZBian S(2024)AutoHoG: Automating Homomorphic Gate Design for Large-Scale Logic Circuit EvaluationIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems10.1109/TCAD.2024.335759843:7(1971-1983)Online publication date: Jul-2024
https://doi.org/10.1109/TCAD.2024.3357598
Matsumoto MTakahashi TOguchi M(2024)IPEQ: Querying Multi-attribute Records with Inner Product EncryptionICT Systems Security and Privacy Protection10.1007/978-3-031-65175-5_24(338-352)Online publication date: 26-Jul-2024
https://doi.org/10.1007/978-3-031-65175-5_24
Bian SZhang ZPan HMao RZhao ZJin YGuan ZMeng WJensen CCremers CKirda E(2023)HE3DB: An Efficient and Elastic Encrypted Database Via Arithmetic-And-Logic Fully Homomorphic EncryptionProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security10.1145/3576915.3616608(2930-2944)Online publication date: 15-Nov-2023
https://dl.acm.org/doi/10.1145/3576915.3616608
Zhang SRay SLu RGuan YZheng YShao J(2023)SecBerg: Secure and Practical Iceberg Queries in CloudIEEE Transactions on Services Computing10.1109/TSC.2023.326471016:5(3696-3710)Online publication date: Sep-2023
https://doi.org/10.1109/TSC.2023.3264710
Ren XSu LGu ZWang SLi FXie YBian SLi CZhang F(2022)HEDAProceedings of the VLDB Endowment10.14778/3574245.357424816:4(601-614)Online publication date: 1-Dec-2022
https://dl.acm.org/doi/10.14778/3574245.3574248
Kundi DKhalid ABian SLiu W(2022)Approximate Computing for CryptographyApproximate Computing10.1007/978-3-030-98347-5_13(313-331)Online publication date: 18-Mar-2022
https://doi.org/10.1007/978-3-030-98347-5_13
Cash DNg RRivkin A(2021)Improved Structured Encryption for SQL Databases via Hybrid IndexingApplied Cryptography and Network Security10.1007/978-3-030-78375-4_19(480-510)Online publication date: 21-Jun-2021
https://dl.acm.org/doi/10.1007/978-3-030-78375-4_19

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents