Embed Size (px)
Citation preview
Managing and querying encrypted data
Trần Mỹ Giao
Huỳnh Mai Thúy
Outline
Introduction1
DAS - Storing and querying encrypted data
Trust, Encryption Key- Management, Integrity & Data confidentiality
References
2
3
4
Introduction
Two new challenges emerge:oEfficient encryption algorithms for
relational dataoSupporting query on the encrypted
relational data.
Example: secure email server.
Outline
Introduction1
DAS - Storing and querying encrypted data
Trust, Encryption Key- Management, Integrity & Data confidentiality
References
2
3
4
What is DAS ?
• It is a paradigm wherein data owned by a client is hosted on a third-party server
• There is significant interest in secure query evaluation over encrypted databases.
DAS - Storing and querying encrypted data
• DAS set up and security model
• Querying encrypted relational data
• Relational encryption and storage model
• Keyword search on encrypted text data
• Search over encrypted XML data
DAS setup and security
• Data-owner, clients, server• Data must be encrypted on the server and
only decrypted on the client-side.
Querying encrypted relational data
• EMP(eid, ename, salary, addr, did)• DEPARTMENT(did, dname, mgr)• The goal in DAS is to process the query
directly at the server without the need to decrypt the data.
Querying encrypted relational data
• Requires mechanism to support the following basic operator over encrypted data
• Comparison operators• Arithmetic operators
2 categories
• Approaches based on new encyption techniques
• Information-hiding based Approaches
Approaches based on new encryption techniques
• Support either arthrimetic and/or comparison operators– PH supports basic arithmetic operations,and
doesn’t allow comparison.– Order-preserving encryption: support comparison,
join, selection, sorting, grouping, not support aggregation.
• The limitation: – Only safe under limited situations where the
adversary knowledge is limited.
Information-hiding based Approaches
• Store additional auxiliary information along with encrypted data
• Secure indices are designed carefully exploiting information hiding mechanism .
Information-hiding based Approaches
• 3 basic techniques:– Pertubation :Add a random value to the true
value (numeric attribute)– Generalization : Replace a numeric or categorical
value by a more general value– Swapping : swap the values of a specific attribute
of two records
Information-hiding based Approaches
• Support comparison , select – project - join , sorting ,grouping.
• Cannot support aggregation at the server.
Query processing architecture for DAS
Relational encryption and storage model
• R(A1, A2,.., An)
• Emp(etuple, eid, ename, salary, addr, did)
Relational encryption and storage model
• Partition functions:– Patition(emp.eid) = {[0,200], [200, 400],[400,600],
[600, 800], [800, 1000]}
• Identification functions:
E.g. : Ident(emp.eid)([0,200]) =2
Relational encryption and storage model
• Mapping functions– Map(emp.eid)(395) = 7
• Storing encrypted data
Relational encryption and storage model
• Decyption functions– D(Rs) = R
• Mapping condition– To translate query conditions to corresponding
conditions over the server-side, Map (cond) is called.
Translating Realtional Operator
• The Selection Operator:
• E.g. :C = eid < 395 & did = 140 (emp)
Query Execution
• Give an example:
Query Execution
• Give an example:
Query Execution
• Give an example:
Query Execution
• Give an example:
Keyword search on encrypted text data
•
• Answer is
Private key based search scheme on encrypted text data
• Secure index: reveals no imformation about its content to the adversary
• However, allows the adversary to tests the presence or absence of the keyword using a trapdoor
• A user search for documents containing word w, generates a trapdoor , which can be used by adversary to retieve documents.
Secure index’s creation
• Alice generates a sequence of pseudo-random values s1...sn, using a stream cipher.
• For each string si, Alice using pseudo-random function Fk(si) to generate a random m-bit sequence
• Then computes n-bit sequence ti= <si, Fk(si)>• Ciphertext ci = wi XOR ti• Secure index is a set of ci.
Secure index’s creation
• To prevent adversary from knowing what keyword is, pre- encrypt each word w using algorithm Ek
• Instead of using w below, we using xi = Ek(wi) to replace xi.
Search over encrypted XML data
• There has been little work in the area of encrypted XML data management.
• Two kinds of information the client may consider as sensitive: Individual node with its content Association between data values.
Search over encrypted XML data
• The notion of security constraints (SCs) that support both types of security requirements above.
• Such constraints can be specified in the form of Xpath expressions and may be classified as either node-type constraints or association-type constraints.
Search over encrypted XML data
• Hiding individual node with its content by encrypting their content
• Hiding Association between data values by encrypting any one of the nodes can enforce the SC
Search over encrypted XML data
• Query processing follows the typical DAS approach that we mentioned earlier
• Using two indexes( is call discontinuous structural interval index(DSI))– One is the structural index to enable tree
traversal– The second one is a value index for enabling
attribute value based queries like range queries.
Search over encrypted XML data
• Use an “order-preserving encryption” scheme to transform the values from their original domain to a new domain
Use B-trees to implement range-queries
• This scheme is unsafe under known plaintext attack
Outline
Introduction1
DAS - Storing and querying encrypted data
Trust, Encryption Key- Management, Integrity & Data confidentiality
References
2
3
4
Trust, Key- management, Integrity & Data confidentiality
• 3 basic models of trust that are widely studied in literature: Complete trust : the data management
issues are similar to those arising in standard DBMS systems
Partial trust : ensure the confidentiality of sensitive data
Un-trusted model :ensure authenticity of data and correctness of query results
Trust, Key- management, Integrity & Data confidentiality
• Encrypting relational data
• Authentication and integrity issues
• Key management in DAS
Encrypting relational data
• Three important issues to keep in mind1) Encryption algorithms
2) Encryption granularity
3) Efficient storage for encrypted data
1) Encryption algorithms
• Symmetric key DES : the effective key length is 56 bits,
the block size is 64 bits AES : Each of these ciphers has a 128-bit
block size, with key sizes of 128, 192 and 256 bits
Blowfish : 64-bit block size and a variable key length from 32 up to 448 bits
DESAES
Blowfish
1) Encryption algorithms
1) Encryption algorithms
• Public-key encryption: Avoids the problem of secure key distribution E.g. : RSA
2) Encryption granularity
• Field level The smallest achievable granularity Each attribute value of a tuple is encrypted
separately
2) Encryption granularity
• Record / row level Each row is encrypted separately Does not differentiate between sensitive and
non-sensitive data
2) Encryption granularity
• Attribute / column level: Only sensitive attributes are encrypted
2) Encryption granularity
• Page / block level : Whenever a page/block of sensitive data is
stored, the entire block is encrypted
3) Efficient storage for encrypted data
• The performance issues associated with storage of encrypted data on the disk
• “ Partitioned Plaintext and Cipher text” (PPC) :– Cluster the non-sensitive and sensitive data
minimize the number of encryption operations
3) Efficient storage for encrypted data
– Use NSM requires only modifications to the page layout.
Authentication and integrity issues
• Data integrity and authentication can be provided at difference levels of granularity:
the level of a table, a column, a row, an individual attribute value.
• Three flavor of database model: Unified client model
Multiple clients-single owner
Multiple clients-multiple owners
Authentication and integrity issues• One natural and intuitive solution for record-level
integrity is to use message authentication codes (MAC)
• MAC is a keyed hash of record ‘s content , tend to be small and of constant length
• The MAC-s are attractive for the unified client model
• In multi owner and multi querier models, potentially many queriers for each client. In these settings, MAC-s are not useful (repudiation)
Key management in DAS
• The data owner first decides the key-assignment granularity: Database level : generate a single key for
the whole database Table level : tables in database may be
grouped one key generate for each group Row level : records in table be grouped
each group is encrypted with a separate key
Key management in DAS
• In DAS key generation can be carried out at the client-side or at a third-party trusted server.
• The key generation process is classified into two classes: Pre computation :
Key is generated ahead of time After that, be stored in the key registry(key-Id , key
correspondence information , key mode, key material…) of the system
Re computation The key generating information is stored
Outline
Introduction1
DAS - Storing and querying encrypted data
Trust, Encryption Key- Management, Integrity & Data confidentiality
References
2
3
4
References
• Handbook of Database Security Applications and Trends 2007
• www.google.com.vn• www.en.wikipedia.org
THANK YOU FOR LISTENING
