Collusion-Resistant Processing of SQL Range Predicates

Prior solutions for securely handling SQL range predicates in outsourced Cloud-resident databases have primarily focused on passive attacks in the Honest-but-Curious adversarial model, where the server is only permitted to observe the encrypted query processing. We consider here a significantly more...

Full description

Saved in:
Bibliographic Details
Published in:Data Science and Engineering Vol. 3; no. 4; pp. 323 - 340
Main Authors: Kesarwani, Manish, Kaul, Akshar, Singh, Gagandeep, Deshpande, Prasad M., Haritsa, Jayant R.
Format: Journal Article
Language:English
Published: Berlin/Heidelberg Springer Berlin Heidelberg 01.12.2018
Springer
Springer Nature B.V
SpringerOpen
Subjects:
Algorithm Analysis and Problem Complexity
Algorithms
Artificial Intelligence
Chemistry and Earth Sciences
Cloud
Computer Science
Data Mining and Knowledge Discovery
Data security
Database Management
DBMS software
Encryption
Methods
Physics
Queries
Query languages
Query processing
Range
Safety and security measures
Security
SQL
Statistics for Engineering
Systems and Data Security
Security
Range
Cloud
SQL
ISSN:2364-1185, 2364-1541
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Prior solutions for securely handling SQL range predicates in outsourced Cloud-resident databases have primarily focused on passive attacks in the Honest-but-Curious adversarial model, where the server is only permitted to observe the encrypted query processing. We consider here a significantly more powerful adversary, wherein the server can launch an active attack by clandestinely issuing specific range queries via collusion with a few compromised clients. The security requirement in this environment is that data values from a plaintext domain of size N should not be leaked to within an interval of size H . Unfortunately, all prior encryption schemes for range predicate evaluation are easily breached with only O ( log 2 ψ ) range queries, where ψ = N / H . To address this lacuna, we present SPLIT, a new encryption scheme where the adversary requires exponentially more — O ( ψ ) —range queries to breach the interval constraint and can therefore be easily detected by standard auditing mechanisms. The novel aspect of SPLIT is that each value appearing in a range-sensitive column is first segmented into two parts. These segmented parts are then independently encrypted using a layered composition of a secure block cipher with the order-preserving encryption and prefix-preserving encryption schemes, and the resulting ciphertexts are stored in separate tables. At query processing time, range predicates are rewritten into an equivalent set of table-specific sub-range predicates, and the disjoint union of their results forms the query answer. A detailed evaluation of SPLIT on benchmark database queries indicates that its execution times are well within a factor of two of the corresponding plaintext times, testifying its efficiency in resisting active adversaries.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:2364-1185
2364-1541
DOI:10.1007/s41019-018-0081-5