Book ChapterDOI

# Efficient Searching Over Encrypted Database: Methodology and Algorithms

10 Jan 2019-pp 327-338

TL;DR: This paper describes a modification to the Secure K-Nearest Neighbours (SkNN) technique to construct an encrypted database system and suggests an approach which combines RSA with the SkNN scheme.

AbstractDatabase encryption is a process in which the data stored in the database are converted from plaintext (PT) to ciphertext (CT). The original data can be retrieved from the ciphertext with the help of a predefined key and a decryption scheme. This way, only the appropriate authority that has the key can access the data. Thus, encrypted databases help ensure data confidentiality and avoid data leaks. In this paper, we will describe a modification to the Secure K-Nearest Neighbours (SkNN) [3] technique to construct an encrypted database system. We briefly discuss some of the existing encryption models and the principles involved in their construction and look at some of the issues that plague these models. The motivation behind this paper is to devise a method that allows for strong database encryption, while at the same time facilitating efficient search over the encrypted data. In order to achieve this, we suggest an approach which combines RSA with the SkNN scheme.

##### Citations
More filters
Book ChapterDOI
29 Aug 2019
TL;DR: Two mainly concerned algorithms are RSA Algorithm and Modification in RSA Encryption Algorithm (MREA) and one of the modifications in RSA encryption algorithm is named as Homomorphic Enc encryption Algorithm.
Abstract: The primary operation performed by cloud computing is to provide dynamic storage capacity and security to its users. The main benefit from using the cloud computing is the reduction in the economic expenditure and ease in the accessibility of data. This whole mechanism involves various security algorithms; still there are some security issues which needs to be solved. In this paper, various security algorithms have been discussed in order to analyze the performance of the algorithms and to find out that which encryption algorithm is better for the data protection in the cloud computing platform. The mainly concerned algorithms in this paper are RSA Algorithm and Modification in RSA Encryption Algorithm (MREA). One of the modifications in RSA encryption algorithm is named as Homomorphic Encryption Algorithm.

1 citations

##### References
More filters
Journal ArticleDOI
TL;DR: An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key.
Abstract: An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key. This has two important consequences: (1) Couriers or other secure means are not needed to transmit keys, since a message can be enciphered using an encryption key publicly revealed by the intented recipient. Only he can decipher the message, since only he knows the corresponding decryption key. (2) A message can be “signed” using a privately held decryption key. Anyone can verify this signature using the corresponding publicly revealed encryption key. Signatures cannot be forged, and a signer cannot later deny the validity of his signature. This has obvious applications in “electronic mail” and “electronic funds transfer” systems. A message is encrypted by representing it as a number M, raising M to a publicly specified power e, and then taking the remainder when the result is divided by the publicly specified product, n, of two large secret primer numbers p and q. Decryption is similar; only a different, secret, power d is used, where e * d ≡ 1(mod (p - 1) * (q - 1)). The security of the system rests in part on the difficulty of factoring the published divisor, n.

14,611 citations

Proceedings ArticleDOI
14 May 2000
TL;DR: This work describes the cryptographic schemes for the problem of searching on encrypted data and provides proofs of security for the resulting crypto systems, and presents simple, fast, and practical algorithms that are practical to use today.
Abstract: It is desirable to store data on data storage servers such as mail servers and file servers in encrypted form to reduce security and privacy risks. But this usually implies that one has to sacrifice functionality for security. For example, if a client wishes to retrieve only documents containing certain words, it was not previously known how to let the data storage server perform the search and answer the query, without loss of data confidentiality. We describe our cryptographic schemes for the problem of searching on encrypted data and provide proofs of security for the resulting crypto systems. Our techniques have a number of crucial advantages. They are provably secure: they provide provable secrecy for encryption, in the sense that the untrusted server cannot learn anything about the plaintext when only given the ciphertext; they provide query isolation for searches, meaning that the untrusted server cannot learn anything more about the plaintext than the search result; they provide controlled searching, so that the untrusted server cannot search for an arbitrary word without the user's authorization; they also support hidden queries, so that the user may ask the untrusted server to search for a secret word without revealing the word to the server. The algorithms presented are simple, fast (for a document of length n, the encryption and search algorithms only need O(n) stream cipher and block cipher operations), and introduce almost no space and communication overhead, and hence are practical to use today.

3,008 citations

Proceedings ArticleDOI
30 Oct 2006
TL;DR: In this paper, the authors proposed a searchable symmetric encryption (SSE) scheme for the multi-user setting, where queries to the server can be chosen adaptively during the execution of the search.
Abstract: Searchable symmetric encryption (SSE) allows a party to outsource the storage of its data to another party (a server) in a private manner, while maintaining the ability to selectively search over it. This problem has been the focus of active research in recent years. In this paper we show two solutions to SSE that simultaneously enjoy the following properties: Both solutions are more efficient than all previous constant-round schemes. In particular, the work performed by the server per returned document is constant as opposed to linear in the size of the data. Both solutions enjoy stronger security guarantees than previous constant-round schemes. In fact, we point out subtle but serious problems with previous notions of security for SSE, and show how to design constructions which avoid these pitfalls. Further, our second solution also achieves what we call adaptive SSE security, where queries to the server can be chosen adaptively (by the adversary) during the execution of the search; this notion is both important in practice and has not been previously considered.Surprisingly, despite being more secure and more efficient, our SSE schemes are remarkably simple. We consider the simplicity of both solutions as an important step towards the deployment of SSE technologies.As an additional contribution, we also consider multi-user SSE. All prior work on SSE studied the setting where only the owner of the data is capable of submitting search queries. We consider the natural extension where an arbitrary group of parties other than the owner can submit search queries. We formally define SSE in the multi-user setting, and present an efficient construction that achieves better performance than simply using access control mechanisms.

1,591 citations

Proceedings ArticleDOI
23 Oct 2011
TL;DR: The evaluation shows that CryptDB has low overhead, reducing throughput by 14.5% for phpBB, a web forum application, and by 26% for queries from TPC-C, compared to unmodified MySQL.
Abstract: Due to the increasing popularity of cloud computing, more and more data owners are motivated to outsource their data to cloud servers for great convenience and reduced cost in data management. However, sensitive data should be encrypted before outsourcing for privacy requirements, which obsoletes data utilization like keyword-based document retrieval. In this paper, we present a secure multi-keyword ranked search scheme over encrypted cloud data, which simultaneously supports dynamic update operations like deletion and insertion of documents. Specifically, the vector space model and the widely-used TF $\;\times\;$ IDF model are combined in the index construction and query generation. We construct a special tree-based index structure and propose a “Greedy Depth-first Search” algorithm to provide efficient multi-keyword ranked search. The secure kNN algorithm is utilized to encrypt the index and query vectors, and meanwhile ensure accurate relevance score calculation between encrypted index and query vectors. In order to resist statistical attacks, phantom terms are added to the index vector for blinding search results. Due to the use of our special tree-based index structure, the proposed scheme can achieve sub-linear search time and deal with the deletion and insertion of documents flexibly. Extensive experiments are conducted to demonstrate the efficiency of the proposed scheme.