9,195 research outputs found
Order-Preserving Symmetric Encryption
We initiate the cryptographic study of order-preserving symmetric encryption (OPE), a primitive suggested in the database community by Agrawal et al.~(SIGMOD \u2704) for allowing efficient range queries on encrypted data. Interestingly, we first show that a straightforward relaxation of standard security notions for encryption such as indistinguishability against chosen-plaintext attack (IND-CPA) is unachievable by a practical OPE scheme. Instead, we propose a security notion in the spirit of pseudorandom functions (PRFs) and related primitives asking that an OPE scheme look ``as-random-as-possible subject to the order-preserving constraint.
We then design an efficient OPE scheme and prove its security under our notion based on pseudorandomness of an underlying blockcipher. Our construction is based on a natural relation we uncover between a random order-preserving function and the hypergeometric probability distribution.
In particular, it makes black-box use of an efficient sampling algorithm for the latter
Intrusion-tolerant Order-preserving Encryption
Traditional encryption schemes such as AES and RSA aim to achieve the highest level of security, often indistinguishable security under the adaptive chosen-ciphertext attack. Ciphertexts generated by such encryption schemes do not leak useful information. As a result, such ciphertexts do not support efficient searchability nor range queries.
Order-preserving encryption is a relatively new encryption paradigm that allows for efficient queries on ciphertexts. In order-preserving encryption, the data-encrypting key is a long-term symmetric key that needs to stay online for insertion, query and deletion operations, making it an attractive target for attacks.
In this thesis, an intrusion-tolerant order-preserving encryption system was developed to support range queries on encrypted data. Within this system, the long-term symmetric key is shared among multiple (say n) servers and is never reconstructed in full, at any single point. An adversary who has compromised less than a threshold number (say t :
Confidentiality-Preserving Publish/Subscribe: A Survey
Publish/subscribe (pub/sub) is an attractive communication paradigm for
large-scale distributed applications running across multiple administrative
domains. Pub/sub allows event-based information dissemination based on
constraints on the nature of the data rather than on pre-established
communication channels. It is a natural fit for deployment in untrusted
environments such as public clouds linking applications across multiple sites.
However, pub/sub in untrusted environments lead to major confidentiality
concerns stemming from the content-centric nature of the communications. This
survey classifies and analyzes different approaches to confidentiality
preservation for pub/sub, from applications of trust and access control models
to novel encryption techniques. It provides an overview of the current
challenges posed by confidentiality concerns and points to future research
directions in this promising field
Privacy-Preserving Genetic Relatedness Test
An increasing number of individuals are turning to Direct-To-Consumer (DTC)
genetic testing to learn about their predisposition to diseases, traits, and/or
ancestry. DTC companies like 23andme and Ancestry.com have started to offer
popular and affordable ancestry and genealogy tests, with services allowing
users to find unknown relatives and long-distant cousins. Naturally, access and
possible dissemination of genetic data prompts serious privacy concerns, thus
motivating the need to design efficient primitives supporting private genetic
tests. In this paper, we present an effective protocol for privacy-preserving
genetic relatedness test (PPGRT), enabling a cloud server to run relatedness
tests on input an encrypted genetic database and a test facility's encrypted
genetic sample. We reduce the test to a data matching problem and perform it,
privately, using searchable encryption. Finally, a performance evaluation of
hamming distance based PP-GRT attests to the practicality of our proposals.Comment: A preliminary version of this paper appears in the Proceedings of the
3rd International Workshop on Genome Privacy and Security (GenoPri'16
Secret charing vs. encryption-based techniques for privacy preserving data mining
Privacy preserving querying and data publishing has been studied in the context of statistical databases and statistical disclosure control. Recently, large-scale data collection and integration efforts increased privacy concerns which motivated data mining researchers to investigate privacy implications of data mining and how data mining can be performed without violating privacy. In this paper, we first provide an overview of privacy preserving data mining focusing on distributed data sources, then we compare two technologies used in privacy preserving data mining. The first technology is encryption based, and it is used in earlier approaches. The second technology is secret-sharing which is recently being considered as a more efficient approach
- …