Software protection and simulation on oblivious RAMs
Journal of the ACM (JACM)
Executing SQL over encrypted data in the database-service-provider model
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Practical Techniques for Searches on Encrypted Data
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Balancing confidentiality and efficiency in untrusted relational DBMSs
Proceedings of the 10th ACM conference on Computer and communications security
Order preserving encryption for numeric data
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Modeling and assessing inference exposure in encrypted databases
ACM Transactions on Information and System Security (TISSEC)
Searchable symmetric encryption: improved definitions and efficient constructions
Proceedings of the 13th ACM conference on Computer and communications security
Multi-Dimensional Range Query over Encrypted Data
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
A privacy-preserving index for range queries
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Building castles out of mud: practical access pattern privacy and correctness on untrusted storage
Proceedings of the 15th ACM conference on Computer and communications security
Order-Preserving Symmetric Encryption
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Conjunctive, subset, and range queries on encrypted data
TCC'07 Proceedings of the 4th conference on Theory of cryptography
Efficient and Private Access to Outsourced Data
ICDCS '11 Proceedings of the 2011 31st International Conference on Distributed Computing Systems
Order-preserving encryption revisited: improved security analysis and alternative solutions
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
A light-weight solution to preservation of access pattern privacy in un-trusted clouds
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
CryptDB: protecting confidentiality with encrypted query processing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Aggregation queries in the database-as-a-service model
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Security issues in querying encrypted data
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Privacy-preserving queries on encrypted data
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Compromising privacy in precise query protocols
Proceedings of the 16th International Conference on Extending Database Technology
Processing analytical queries over encrypted data
Proceedings of the VLDB Endowment
ObliviStore: High Performance Oblivious Cloud Storage
SP '13 Proceedings of the 2013 IEEE Symposium on Security and Privacy
To mitigate the security concerns of outsourced databases, quite a few protocols have been proposed that outsource data in encrypted form and allow encrypted query execution on the server side. Among the more practical protocols, the "bucketization" approach facilitates query execution at the cost of reduced efficiency by allowing some false positives in the query results. Precise Query Protocols (PQPs), on the other hand, enable the server to execute queries without incurring any false positives. Even though these protocols do not reveal the underlying data, they reveal the query access pattern to an adversary. In this paper, we introduce a general attack on PQPs based on access pattern disclosure in the context of secure range queries. Our empirical analysis on several real-world datasets shows that the proposed attack is able to disclose a significant amount of sensitive data with high accuracy, provided that the attacker has a reasonable amount of background knowledge. We further demonstrate that a slight variation of such an attack can also be used on imprecise protocols (e.g., bucketization) to disclose a significant amount of sensitive information.