Handbook of Applied Cryptography
Handbook of Applied Cryptography
Executing SQL over encrypted data in the database-service-provider model
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Authentic Third-party Data Publication
Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions
Providing Database as a Service
ICDE '02 Proceedings of the 18th International Conference on Data Engineering
Modeling and assessing inference exposure in encrypted databases
ACM Transactions on Information and System Security (TISSEC)
E.cient Aggregation of encrypted data in Wireless Sensor Networks
MOBIQUITOUS '05 Proceedings of the The Second Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services
Incorporating a Secure Coprocessor in the Database-as-a-Service Model
IWIA '05 Proceedings of the Innovative Architecture on Future Generation High-Performance Processors and Systems
A privacy-preserving index for range queries
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Answering aggregation queries in a secure system model
VLDB '07 Proceedings of the 33rd international conference on Very large data bases
New Multiparty Signature Schemes for Network Routing Applications
ACM Transactions on Information and System Security (TISSEC)
Privacy-Preserving Computation and Verification of Aggregate Queries on Outsourced Databases
PETS '09 Proceedings of the 9th International Symposium on Privacy Enhancing Technologies
Provably-secure schemes for basic query support in outsourced databases
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Deterministic and efficiently searchable encryption
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
A secure multi-dimensional partition based index in DAS
APWeb'08 Proceedings of the 10th Asia-Pacific web conference on Progress in WWW research and development
Authenticated Index Structures for Aggregation Queries
ACM Transactions on Information and System Security (TISSEC)
TrustedDB: a trusted hardware based database with privacy and data confidentiality
Proceedings of the 2011 ACM SIGMOD International Conference on Management of data
Data Outsourcing Simplified: Generating Data Connectors from Confidentiality and Access Policies
CCGRID '12 Proceedings of the 2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012)
Security limitations of using secret sharing for data outsourcing
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Secure and Fast Aggregation of Financial Data in Cloud-Based Expense Tracking Applications
Journal of Network and Systems Management
Compromising privacy in precise query protocols
Proceedings of the 16th International Conference on Extending Database Technology
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
CorrectDB: SQL engine with practical query authentication
Proceedings of the VLDB Endowment
Inference attack against encrypted range queries on outsourced databases
Proceedings of the 4th ACM conference on Data and application security and privacy
| Hi-index | 0.00 |
In the Database-As-a-Service (DAS) model, clients store their database contents at servers belonging to potentially untrusted service providers. To maintain data confidentiality, clients need to outsource their data to servers in encrypted form. At the same time, clients must still be able to execute queries over encrypted data. One prominent and fairly effective technique for executing SQL-style range queries over encrypted data involves partitioning (or bucketization) of encrypted attributes. However, executing aggregation-type queries over encrypted data is a notoriously difficult problem. One well-known cryptographic tool often utilized to support encrypted aggregation is homomorphic encryption; it enables arithmetic operations over encrypted data. One technique based on a specific homomorphic encryption function was recently proposed in the context of the DAS model. Unfortunately, as shown in this paper, this technique is insecure against ciphertext-only attacks. We propose a simple alternative for handling encrypted aggregation queries and describe its implementation. We also consider a different flavor of the DAS model which involves mixed databases, where some attributes are encrypted and some are left in the clear. We show how range queries can be executed in this model.