Cited By
View all- Sharma DKawatra R(2022)Security Techniques Implementation on Big Data Using Steganography and CryptographyICT Analysis and Applications10.1007/978-981-19-5224-1_30(279-302)Online publication date: 6-Nov-2022
Cryptographic Techniques for Data Processing
Pages 344 - 347
Abstract
This tutorial focuses on two principal lines of research aimed to provide secure data processing cloud-based data outsourcing — encryption and secret-sharing-based approaches that have been developed over the last two decades. The tutorial compares these techniques based on efficiency and information leakage. We discuss that existing cryptographic techniques are not sufficient alone to achieve the goal of efficient as well as secure data processing. To overcome the limitation of efficient and secure data processing, a new line of work that combines software and hardware mechanisms is required. We discuss an orthogonal approach designed around the concept of data partitioning, i.e., splitting the data processing into cryptographically secure and non-secure parts. Finally, we will discuss some open questions in designing secure cryptographic techniques that can process large-sized data efficiently.
References
[1]
[1] H. Hacigümüs et al., “Executing SQL over encrypted data in the database-service-provider model,” in SIGMOD, pp. 216–227, 2002.
[2]
[2] Available at: https://www.nytimes.com/2017/07/31/business/media/hbo-hack-game-of-thrones.html.
[3]
[3] Available at: https://www.nytimes.com/2017/09/07/business/equifax-cyberattack.html.
[4]
[4] Available at: https://en.wikipedia.org/wiki/Facebook%E2%80%93Cambridge_Analytica_data_scandal.
[5]
[5] R. Agrawal et al., “Order-preserving encryption for numeric data,” in SIGMOD, pp. 563–574, 2004.
[6]
[6] M. Bellare et al., “Deterministic and efficiently searchable encryption,” in CRYPTO, pp. 535–552, 2007.
[7]
[7] S. Goldwasser et al., “Probabilistic encryption,” J. Comput. Syst. Sci., vol. 28, no. 2, pp. 270–299, 1984.
[8]
[8] C. Gentry, A fully homomorphic encryption scheme. PhD thesis, Stanford University, 2009.
[9]
[9] D. X. Song et al., “Practical techniques for searches on encrypted data,” in IEEE SP, pp. 44–55, 2000.
[10]
[10] R. Curtmola et al., “Searchable symmetric encryption: Improved definitions and efficient constructions,” JCS, vol. 19, pp. 895–934, 2011.
[11]
[11] Y. Ishai et al., “Private large-scale databases with distributed searchable symmetric encryption,” in CT-RSA, pp. 90–107, 2016.
[12]
[12] A. Shamir, “How to share a secret,” Commun. ACM, vol. 22, 1979.
[13]
[13] J. Bater et al., “SMCQL: secure query processing for private data networks,” PVLDB, vol. 10, no. 6, pp. 673–684, 2017.
[14]
[14] D. Bogdanov et al., “Sharemind: A framework for fast privacy-preserving computations,” in ESORICS, vol. 5283, pp. 192–206, 2008.
[15]
[15] S. Dolev et al., “Accumulating automata and cascaded equations automata for communicationless information theoretically secure multi-party computation,” TCS, vol. 795, pp. 81 – 99, 2019.
[16]
[16] S. Dolev et al., “Privacy-preserving secret shared computations using MapReduce,” IEEE TDSC, 2019.
[17]
[17] R. A. Popa et al., “CryptDB: processing queries on an encrypted database,” Commun. ACM, vol. 55, no. 9, pp. 103–111, 2012.
[18]
[18] S. Tu et al., “Processing analytical queries over encrypted data,” PVLDB, vol. 6, no. 5, pp. 289–300, 2013.
[19]
[19] S. Bajaj et al., “TrustedDB: A trusted hardware-based database with privacy and data confidentiality,” IEEE TKDE, vol. 26, no. 3.
[20]
[20] S. Bajaj et al., “Correctdb: SQL engine with practical query authentication,” PVLDB, vol. 6, no. 7, pp. 529–540, 2013.
[21]
[21] W. K. Wong et al., “Secure query processing with data interoperability in a cloud database environment,” in SIGMOD, pp. 1395–1406, 2014.
[22]
[22] M. Egorov and M. Wilkison, “ZeroDB white paper,” CoRR, vol. abs/1602.07168, 2016.
[23]
[23] J. Li et al., “L-encdb: A lightweight framework for privacy-preserving data queries in cloud computing,” KBS, vol. 79, pp. 18–26, 2015.
[24]
[24] S. D. Tetali et al., “MrCrypt: static analysis for secure cloud computations,” in OOPSLA, pp. 271–286, 2013.
[25]
[25] J. J. Stephen et al., “Practical confidentiality preserving big data analysis,” in HotCloud, 2014.
[26]
[26] A. Arasu et al., “Orthogonal security with cipherbase,” in CIDR, 2013.
[27]
[27] Amazon Aurora, available at:https://aws.amazon.com/rds/aurora/.
[28]
[28] MariaDB, available at:https://mariadb.com/.
[29]
[29] Stealth Pulsar, available at:http://www.stealthsoftwareinc.com/.
[30]
[30] P. Gupta et al., “Obscure: Information-theoretic oblivious and verifiable aggregation queries,” PVLDB, vol. 12, no. 9, pp. 1030–1043, 2019.
[31]
[31] D. W. Archer et al., “From keys to databases - real-world applications of secure multi-party computation,” IACR Cryptology ePrint, 2018.
[32]
[32] O. Goldreich, “Towards a theory of software protection and simulation by oblivious rams,” in STOC, pp. 182–194, 1987.
[33]
[33] E. Stefanov, M. van Dijk, E. Shi, C. Fletcher, L. Ren, X. Yu, and S. Devadas, “Path ORAM: An extremely simple oblivious ram protocol,” in CCS, pp. 299–310, 2013.
[34]
[34] M. Naveed et al., “Inference attacks on property-preserving encrypted databases,” in CCS, pp. 644–655, 2015.
[35]
[35] G. Kellaris et al., “Generic attacks on secure outsourced databases,” in CCS, pp. 1329–1340, 2016.
[36]
[36] R. Sion, “Secure data outsourcing,” in VLDB, pp. 1431–1432, 2007.
[37]
[37] A. Arasu et al., “Querying encrypted data,” in ICDE, 2013.
[38]
[38] A. Arasu et al., “Querying encrypted data,” in SIGMOD, 2014.
[39]
[39] D. Agrawal et al., “Secure and privacy-preserving database services in the cloud,” in ICDE, pp. 1268–1271, 2013.
[40]
[40] C. Sahin et al., “Data security and privacy for outsourced data in the cloud,” in ICDE, pp. 1731–1734, 2018.
[41]
[41] X. He et al., “Practical security and privacy for database systems,” in SIGMOD Conference, pp. 2839–2845, ACM, 2021.
[42]
[42] R. Canetti et al., “Adaptively secure multi-party computation,” in STOC, pp. 639–648, 1996.
[43]
[43] C. Wang et al., “Secure ranked keyword search over encrypted cloud data,” in ICDCS, pp. 253–262, 2010.
[44]
[44] S. Yu et al., “Attribute based data sharing with attribute revocation,” in ASIACCS, pp. 261–270, 2010.
[45]
[45] R. Li et al., “Fast range query processing with strong privacy protection for cloud computing,” PVLDB, vol. 7, no. 14, pp. 1953–1964, 2014.
[46]
[46] R. Li et al., “Adaptively secure conjunctive query processing over encrypted data for cloud computing,” in ICDE, pp. 697–708, 2017.
[47]
[47] A. Papadimitriou et al., “Big data analytics over encrypted datasets with seabed,” in OSDI, pp. 587–602, 2016.
[48]
[48] G. R. Blakley et al., “Safeguarding cryptographic keys,” in Proceedings of the national computer conference, vol. 48, 1979.
[49]
[49] R. M. Corless et al., “A graduate introduction to numerical methods,” AMC, vol. 10, p. 12, 2013.
[50]
[50] D. M. Goldschlag et al., “Onion routing,” Commun. ACM, vol. 42, no. 2, pp. 39–41, 1999.
[51]
[51] F. Emekçi et al., “Privacy preserving query processing using third parties,” in ICDE, p. 27, 2006.
[52]
[52] F. Emekçi et al., “Dividing secrets to secure data outsourcing,” Inf. Sci., vol. 263, pp. 198–210, 2014.
[53]
[53] T. Xiang et al., “Processing secure, verifiable and efficient SQL over outsourced database,” Inf. Sci., vol. 348, pp. 163–178, 2016.
[54]
[54] B. Thompson et al., “Privacy-preserving computation and verification of aggregate queries on outsourced databases,” in PETS, 2009.
[55]
[55] N. Volgushev et al., “Conclave: secure multi-party computation on big data,” in EuroSys, pp. 3:1–3:18, 2019.
[56]
[56] E. Boyle, N. Gilboa, and Y. Ishai, “Function secret sharing,” in EUROCRYPT, pp. 337–367, 2015.
[57]
[57] F. Wang et al., “Splinter: Practical private queries on public data,” in NSDI, pp. 299–313, 2017.
[58]
[58] S. Y. Ko et al., “The hybrex model for confidentiality and privacy in cloud computing,” in HotCloud, 2011.
[59]
[59] K. Zhang et al., “Sedic: privacy-aware data intensive computing on hybrid clouds,” in CCS, pp. 515–526, 2011.
[60]
[60] Z. Zhou et al., “Prometheus: Privacy-aware data retrieval on hybrid cloud,” in INFOCOM, pp. 2643–2651, 2013.
[61]
[61] C. Zhang et al., “Tagged-MapReduce: A general framework for secure computing with mixed-sensitivity data on hybrid clouds,” 2014.
[62]
[62] K. Y. Oktay et al., “SEMROD: secure and efficient MapReduce over hybrid clouds,” in SIGMOD, pp. 153–166, 2015.
[63]
[63] K. Y. Oktay et al., “Secure and efficient query processing over hybrid clouds,” in ICDE, pp. 733–744, 2017.
[64]
[64] S. Mehrotra et al., “Partitioned data security on outsourced sensitive and non-sensitive data,” in ICDE, pp. 650–661, 2019.
Index Terms
- Cryptographic Techniques for Data Processing
Index terms have been assigned to the content through auto-classification.
Recommendations
Cryptographic tamper evidence
CCS '03: Proceedings of the 10th ACM conference on Computer and communications securityWe propose a new notion of cryptographic tamper evidence. A tamper-evident signature scheme provides an additional procedure Div which detects tampering: given two signatures, Div can determine whether one of them was generated by the forger. ...
Escrow-free encryption supporting cryptographic workflow
Since Boneh and Franklin published their seminal paper on identity based encryption (IBE) using the Weil pairing, there has been a great deal of interest in cryptographic primitives based on elliptic-curve pairings. One particularly interesting ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
January 2022
357 pages
ISBN:9781450385824
DOI:10.1145/3493700
Copyright © 2022 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 08 January 2022
Check for updates
Qualifiers
- Tutorial
- Research
- Refereed limited
Conference
CODS-COMAD 2022
Sponsor:
CODS-COMAD 2022: 5th Joint International Conference on Data Science & Management of Data (9th ACM IKDD CODS and 27th COMAD)
January 8 - 10, 2022
Bangalore, India
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 114Total Downloads
- Downloads (Last 12 months)15
- Downloads (Last 6 weeks)2
Reflects downloads up to 11 Dec 2024
Other Metrics
Citations
Cited By
View all- Sharma DKawatra R(2022)Security Techniques Implementation on Big Data Using Steganography and CryptographyICT Analysis and Applications10.1007/978-981-19-5224-1_30(279-302)Online publication date: 6-Nov-2022
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign inFull Access
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML Format