[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to main content
Springer Nature Link
Log in

A Practical Evaluation of Searchable Encryption for Data Archives in the Cloud

  • Conference paper
  • First Online:
Cloud Computing and Services Science (CLOSER 2015)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 581))

Included in the following conference series:

  • 767 Accesses

Abstract

Traditional encryption schemes can effectively ensure the confidentiality of sensitive data stored on cloud infrastructures. Unfortunately, they also prevent most operations on the data such as search by design. As a solution, searchable encryption schemes have been proposed that provide keyword-search capability on encrypted content. In this paper, we evaluate the practical usability of searchable encryption schemes and analyze the tradeoff between performance, functionality and security. We present a prototypical implementation of such a scheme embedded in a document-oriented database, report on performance benchmarks under realistic conditions and analyze the threats to data confidentiality and corresponding countermeasures.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
£29.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
GBP 19.95
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
GBP 35.99
Price includes VAT (United Kingdom)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
GBP 44.99
Price includes VAT (United Kingdom)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    This paper is an extended version of the article Secure Keyword Search over Data Archives in the Cloud presented at the 5th International Conference on Cloud Computing and Services Science in Lisbon, Portugal in 2015.

  2. 2.

    http://zlib.net/.

References

  1. Goh, E.-J., et al.: Secure indexes. IACR Cryptology ePrint Archive, 2003:216 (2003)

    Google Scholar 

  2. Bajaj, S., Sion, R.: TrustedDB: a trusted hardware based database with privacy and data confidentiality. In: Proceedings of SIGMOD 2011 International Conference on Management of Data, pp. 205–216. ACM (2011)

    Google Scholar 

  3. Arasu, A., Blanas, S., Eguro, K., Joglekar, M., Kaushik, R., Kossmann, D., Ramamurthy, R., Upadhyaya, P., Venkatesan, R.: Secure database-as-a-service with cipherbase. In: Proceedings of SIGMOD 2013 International Conference on Management of Data, pp. 1033–1036. ACM (2013)

    Google Scholar 

  4. Song, D.X., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: Proceedings of the 2000 IEEE Symposium on Security and Privacy, S&P 2000, pp. 44–55. IEEE (2000)

    Google Scholar 

  5. Yang, Z., Zhong, S., Wright, R.N.: Privacy-preserving queries on encrypted data. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol. 4189, pp. 479–495. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  6. Popa, R.A., Redfield, C.M.S., Zeldovich, N., Balakrishnan, H.: CryptDB: protecting confidentiality with encrypted query processing. In: Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, SOSP 2011, pp. 85–100. ACM (2011)

    Google Scholar 

  7. Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of SIGMOD 2004 International Conference on Management of Data, pp. 563–574. ACM (2004)

    Google Scholar 

  8. Rivest, R.L., Adleman, L., Dertouzos, M.L.: On data banks and privacy homomorphisms. Found. Secure Comput. 32(4), 169–178 (1978)

    MathSciNet  Google Scholar 

  9. Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proceedings of the 41st Annual ACM Symposium on Theory of Computing, pp. 169–178. ACM (2009)

    Google Scholar 

  10. van Dijk, M., Gentry, C., Halevi, S., Vaikuntanathan, V.: Fully homomorphic encryption over the integers. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 24–43. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  11. Shmueli, E., Waisenberg, R., Elovici, Y., Gudes, E.: Designing secure indexes for encrypted databases. In: Proceedings of the 19th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, DBSec 2005, pp. 54–68 (2005)

    Google Scholar 

  12. Hore, B., Mehrotra, S., Tsudik, G.: A privacy-preserving index for range queries. In: Proceedings of the 13th International Conference on Very Large Data Bases, VLDB 2004, pp. 720–731 (2004)

    Google Scholar 

  13. El Abbadi, A., Agrawal, D., Wang, S.: A comprehensive framework for secure query processing on relational data in the cloud. In: Jonker, W., Petković, M. (eds.) SDM 2011. LNCS, vol. 6933, pp. 52–69. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  14. Lauter, K., Kamara, S.: Cryptographic cloud storage. In: Sion, R., Curtmola, R., Dietrich, S., Kiayias, A., Miret, J.M., Sako, K., Sebé, F. (eds.) RLCPS, WECSR, and WLC 2010. LNCS, vol. 6054, pp. 136–149. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  15. Curtmola, R., Garay, J., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 79–88. ACM (2006)

    Google Scholar 

  16. Kamara, S., Papamanthou, C., Roeder, T.: Dynamic searchable symmetric encryption. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 965–976. ACM (2012)

    Google Scholar 

  17. Ostrovsky, R., Di Crescenzo, G., Persiano, G., Boneh, D.: Public key encryption with keyword search. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 506–522. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  18. Kiltz, E., et al.: Searchable encryption revisited: consistency properties, relation to anonymous IBE, and extensions. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 205–222. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  19. Byun, J.W., Rhee, H.S., Park, H.-A., Lee, D.-H.: Off-line keyword guessing attacks on recent keyword search schemes over encrypted data. In: Jonker, W., Petković, M. (eds.) SDM 2006. LNCS, vol. 4165, pp. 75–83. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  20. Bloom, B.H.: Space/time trade-offs in hash coding with allowable errors. Commun. ACM 13(7), 422–426 (1970)

    Article  MATH  Google Scholar 

  21. Krawczyk, H., Bellare, M., Canetti, R.: HMAC: Keyed-Hashing for Message Authentication. RFC 2104 (Informational). Updated by RFC 6151 (1997)

    Google Scholar 

  22. Floratou, A., Teletia, N., DeWitt, D.J., Patel, J.M., Zhang, D.: Can the elephants handle the NoSQL onslaught? Proc. VLDB Endow. 5, 1712–1723 (2012)

    Article  Google Scholar 

  23. ITSEC: Information technology security evaluation criteria (ITSEC): Preliminary harmonised criteria. Technical report, Commission of the European Communities (1991)

    Google Scholar 

  24. Avizienis, A., Laprie, J.-C., Randell, B., Landwehr, C.: Basic concepts and taxonomy of dependable and secure computing. IEEE Trans. Dependable Secure Comput. 1(1), 11–33 (2004)

    Article  Google Scholar 

  25. Islam, M., Kuzu, M., Kantarcioglu, M.: Access pattern disclosure on searchable encryption: ramification, attack and mitigation. In: Network and Distributed System Security Symposium (NDSS 2012) (2012)

    Google Scholar 

  26. Pinkas, B., Smart, N.P., Lindell, Y.: Implementing two-party computation efficiently with security against malicious adversaries. In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds.) SCN 2008. LNCS, vol. 5229, pp. 2–20. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  27. Kordy, B., Mauw, S., Radomirovic, S., Schweitzer, P.: Attack-defense trees. J. Logic Comput. (2012)

    Google Scholar 

  28. Bagnato, A., Kordy, B., Meland, P.H., Schweitzer, P.: Attribute decoration of attack-defense trees. Int. J. Secure Softw. Eng. (IJSSE) 3(2), 1–35 (2012)

    Article  Google Scholar 

  29. Schneier, B.: Attack trees. Dr. Dobb’s J. 24(12), 21–29 (1999)

    Google Scholar 

  30. Liu, C., Zhu, L., Wang, M., Tan, Y.: Search pattern leakage in searchable encryption: Attacks and new constructions. Cryptology ePrint Archive, Report 2013/163 (2013)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Operating Systems and Middleware Group, Hasso Plattner Institut, Potsdam, Germany

    Christian Neuhaus, Frank Feinbube & Andreas Polze

  2. DBIS Group, Humboldt-Universität Zu Berlin, Berlin, Germany

    Daniel Janusz

Authors
  1. Christian Neuhaus
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Frank Feinbube
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Daniel Janusz
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Andreas Polze
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Christian Neuhaus .

Editor information

Editors and Affiliations

  1. Dublin City University, Dublin 9, Ireland

    Markus Helfert

  2. Universitat Autònoma de Barcelona, Bellaterra, Spain

    Víctor Méndez Muñoz

  3. Dell, ROUND ROCK, USA

    Donald Ferguson

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Neuhaus, C., Feinbube, F., Janusz, D., Polze, A. (2016). A Practical Evaluation of Searchable Encryption for Data Archives in the Cloud. In: Helfert, M., Méndez Muñoz, V., Ferguson, D. (eds) Cloud Computing and Services Science. CLOSER 2015. Communications in Computer and Information Science, vol 581. Springer, Cham. https://doi.org/10.1007/978-3-319-29582-4_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-29582-4_10

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-29581-7

  • Online ISBN: 978-3-319-29582-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation