Secure Mediation of Join Queries by Processing Ciphertexts


 Eleanore Hill
 2 years ago
 Views:
Transcription
1 Secure Mediation of Join Queries by Processing Ciphertexts Joachim Biskup, Christian Tsatedem and Lena Wiese Germany SECOBAP 07 Marmara Hotel, Istanbul April 20, /23
2 Overview Introduction and Problem Statement Encryption Scheme 1: DatabaseAsaService Encryption Scheme 2: Commutative Encryption Encryption Scheme 3: Homomorphic Encryption/Private Matching Comparison Conclusion 2/23
3 Introduction: Mediation Basic mediation system A client directs a global query to a mediator Mediator gathers data by sending partial queries to datasources Mediator constructs a global result out of the partial results and sends it back to the client. Client global query global result Mediator partial query 1 partial result 1 partial query n partial result n Source 1.. Source n 3/23
4 Introduction: Secure Mediation Secure mediation with the Multimedia Mediator (MMM) system Altenschmidt/Biskup/Flegel/Karabulut, 2003 Confederations of clients, mediators and datasources (flexible: contract based, shortterm,...) Aims: Anonymity of clients and confidentiality of data 4/23
5 Introduction: Secure Mediation MMM Protocol Preparatory phase: Client acquires credentials (public key & properties) and identity certificates (public key & identity) Request phase: 1. Client sends global query with appropriate credentials to mediator 2. Mediator forwards credentials with partial queries to datasources 3. Datasources execute access control based on client s properties 4. Datasources execute partial queries to get partial results Delivery phase: 1. Datasources encrypt partial results 2. Mediator computes encrypted global result and returns it to client 5/23
6 Introduction: Secure Mediation id k Certification Authority p k pub p: properties id: client s identity k : client s public key pub pub Client p k pub global query q encr. global result scheme SQL2 Algebra Mediator process encrypted R i p k pub partial query q 1 partial result R 1 scheme p k pub Source 1 partial query qn Source n partial result Rn scheme.. 6/23
7 Problem Statement: Delivery Phase How can the mediator compute a global result if it is not eligible to access the data in the partial results? Previous solution: mobile code (Biskup/Sprick/Wiese, 2005) Mediator constructs executable that computes the global result Client executes mobile code on decrypted partial results New solution: computation on encrypted data Delivery phase: 1. Datasources encrypt partial results with appropriate encryption scheme 2. Mediator computes encrypted global result from encrypted partial results 3. Client decrypts global result (according to encryption scheme) 7/23
8 Notation One client, one mediator, two datasources S 1 and S 2 Global query q: JOIN over two partial queries Partial queries q 1 over relation R 1 and q 2 over relation R 2 Single, common attribute ( join attribute ) A join Client q="select * from R1, R2 where R1.Ajoin=R2.Ajoin" Mediator q 1 ="select * from R1" Source 1 R1(...,Ajoin,...) q 2 ="select * from R2" Source 2 R2(...,Ajoin,...) 8/23
9 Overview Introduction and Problem Statement Encryption Scheme 1: DatabaseAsaService Encryption Scheme 2: Commutative Encryption Encryption Scheme 3: Homomorphic Encryption/Private Matching Comparison Conclusion 9/23
10 Encryption Scheme 1: DAS Model Database As a Service (Hacıgümüş et al., 2002) Data owner outsources data to service provider in encrypted format Partitioning of attribute domains ( bucketization ) One distinct index value for each partition of a domain One query executed on index values at service provider site (server query: superset of exact result) Second query executed on data owner site (client query: exact result) 10/23
11 Encryption Scheme 1: DAS Model Delivery Phase based on Database As a Service Datasources encrypt partial results Datasources define partitions ( buckets ) and index values of join attribute Client constructs server query for mediator Mediator executes server query on encrypted partial results ( encrypted superset of global result) Client decrypts mediator s result and executes client query ( global result) client query Client partitions & index values k pub server query superset of global result DAS Mediator partial result R DAS 1 Source 1 R1(...,Ajoin,...) Source 2 partial result R 2 R2(...,Ajoin,...) DAS 11/23
12 Overview Introduction and Problem Statement Encryption Scheme 1: DatabaseAsaService Encryption Scheme 2: Commutative Encryption Encryption Scheme 3: Homomorphic Encryption/Private Matching Comparison Conclusion 12/23
13 Encryption Scheme 2: Commutative Encryption Commutative encryption function f e (as in Agrawal et al., 2003) Polynomialtime computable function (with key e) such that: 1. [Commutativity] For all keys e 1 and e 2 : f e1 f e2 = f e2 f e1 2. [Bijectivity] Each f e is a bijection 3. [Invertibility] The inverse fe 1 is polynomialtime computable given e 4. [Secrecy] Distributions of x, f e (x), y, f e (y) and x, f e (x), y, z are indistinguishable Property 4 indispensable for security proofs Use hash values of original inputs to ensure randomness (random oracle model) 13/23
14 Encryption Scheme 2: Commutative Encryption Delivery Phase based on twoparty protocol for join (Agrawal et al., 2003) 1. Tuples with same join attribute value are encrypted with client s key 2. Join attribute values are hashed: h(a) 3. S 1 has key e 1 and encrypts hashes: f e1 (h(a)) / S 2 has key e 2 : f e2 (h(a )) 4. Exchange and second encryption gives f e2 (f e1 (h(a))) and f e1 (f e2 (h(a ))) 5. Mediator checks if f e2 (f e1 (h(a))) = f e1 (f e2 (h(a ))) Client h(a) e1 e2 global result k pub? = h(a ) e2 e1 Mediator R 1 k pub R 2 k pub h(a ) e2 e1 h(a ) e2 h(a) e1 h(a) e1 e2 Source 1 R1(...,Ajoin,...) Source 2 R2(...,Ajoin,...) 14/23
15 Overview Introduction and Problem Statement Encryption Scheme 1: DatabaseAsaService Encryption Scheme 2: Commutative Encryption Encryption Scheme 3: Homomorphic Encryption/Private Matching Comparison Conclusion 15/23
16 Encryption Scheme 3: Homomorphic Encryption Additively homomorphic encryption function E (as in Freedman et al., 2004) Semantically secure public key encryption function such that: 1. Given two ciphertexts E(a) and E(b), there is a way to efficiently compute E(a + b). 2. Given a constant γ and a ciphertext E(a), there is a way to efficiently compute E(γ a). For a polynomial P (x) = n k=0 c k x k, given only encryptions E(c k ) of the coefficients and cleartext input value a (such that b = P (a)), one can efficiently compute E(b) = E(P (a)) = E( n k=0 c k a k ) For a constant value γ and payload data p ( means concatenation) one can efficiently compute E(γ P (a) + (a p)) = E(γ n k=0 c k a k + (a p)) Note: Evaluation on root value a yields E(a p), else random value 16/23
17 Encryption Scheme 3: Homomorphic Encryption Delivery Phase based on Private Matching protocol for intersection (Freedman et al., 2004) 1. Client s k pub is public key of homomorphic encryption scheme 2. Each datasource has polynomial with join attribute values as roots (P 1 and P 2 ) 3. Mediator exchanges encrypted coefficients 4. Each datasource evaluates encrypted polynomial on cleartext join attribute values plus tuples as payload data 5. Client decrypts data and finds either random values or matching tuples Client R 1 homom. R 2 homom. Mediator R 1 homom. R 2 homom. P2 k pub P1 k pub Source 1 R1(...,Ajoin,...) Source 2 R2(...,Ajoin,...) 17/23
18 Overview Introduction and Problem Statement Encryption Scheme 1: DatabaseAsaService Encryption Scheme 2: Commutative Encryption Encryption Scheme 3: Homomorphic Encryption/Private Matching Comparison Conclusion 18/23
19 Comparison Assumptions Cryptographic strength of encryption schemes as stated by security proofs in original articles Cryptographic models are respected (random oracle model, large domains,...) Datasources include only those data records in partial results for which access permissions could be established (based on client s credentials) 19/23
20 Comparison Client s extra knowledge DatabaseAsaService: client retrieves superset of global result (extra data records) and partitions and index tables Commutative Encryption: no extra knowledge (client just retrieves exact global result) Homomorphic Encryption/Private Matching: client knows number of different join attribute values with each datasource 20/23
21 Comparison Mediator s extra knowledge All three Delivery Phase protocols: confidentiality ensured (data records are encrypted such that only the client can decrypt them) DatabaseAsaService: mediator learns sizes of partial results and size of server query result (upper bound of size of global result); partition sizes and domain sizes maybe crucial (tradeoff confidentiality/efficiency) Commutative Encryption: mediator learns number of join attribute values with each datasource and size of intersection (lower bound of size of global result) Homomorphic Encryption/Private Matching: mediator learns number of join attribute values with each datasource 21/23
22 Overview Introduction and Problem Statement Encryption Scheme 1: DatabaseAsaService Encryption Scheme 2: Commutative Encryption Encryption Scheme 3: Homomorphic Encryption/Private Matching Comparison Conclusion 22/23
23 Conclusion Secure mediation with ciphertext processing Confidentiality of transmitted data Anonymity of client Reduced need for trust in the mediator (in comparison to mobile code) Reduced workload for client (in comparison to mobile code) 23/23
24 Appendix Encryption Scheme 1: DatabaseAsaService Encryption Scheme 2: Commutative Encryption Encryption Scheme 3: Homomorphic Encryption/Private Matching i/x
25 Encryption Scheme 1: DAS Model Delivery Phase based on Database As a Service (Hacıgümüş et al., 2002) 1. Each database S i partitions active domain of join attribute dom active (R i.a join ) and assigns each partition an index value in an index table IT able Ri.A join. R 1 :... R 1.A join index table for R 1 : IT able R1.A join [100, 150) 1 [150, 200] 2 R 2 :... R 2.A join index table for R 2 : IT able R2.A join [100, 200) 11 [200, 300] S i encrypts R i rowwise (with client s keys) and adds column for index R1 S.t S R1 S.A S join R2 S.t S R2 S.A S join R1 S : R2 S : ii/x
26 3. S i sends encrypted partial result and encrypted index table to the mediator: R S i, encrypt(it able Ri.A join ), where encrypt is encryption with client s keys 4. Mediator forwards index tables to client 5. Client decrypts index tables and constructs: a. Server query q S (selects tuples from overlapping partitions in partial results) R C := q S (R S 1, R S 2 ) = σ Cond S (R S 1 R S 2 ) where Cond S = (R S 1.A S join = 1 R S 2.A S join = 11 R S 1.A S join = 2 R S 2.A S join = 11 R S 1.A S join = 2 R S 2.A S join = 12) IT able R1.A join : [100, 150) 1 [150, 200] 2 IT able R2.A join : [100, 200) 11 [200, 300] 12 b. Client query q C (postprocesses mediator s result to find correct join tuples) q C (decrypt(r C )) = σ (R1.A join =R 2.A join )(decrypt(r C )) 6. Client sends server query q S to mediator iii/x
27 7. Mediator executes q S on encrypted partial results; returns R C to client R C : R1 S.t S R1 S.A S join R2 S.t S R2 S.A S join Client decrypts R C and executes client query q C global result R:... R 1.A join... R 2.A join iv/x
28 Appendix Encryption Scheme 1: DatabaseAsaService Encryption Scheme 2: Commutative Encryption Encryption Scheme 3: Homomorphic Encryption/Private Matching v/x
29 Encryption Scheme 2: Commutative Encryption Delivery Phase based on twoparty protocol for join (Agrawal et al., 2003) 1. Datasource S i generates key e i for commutative encryption function f S i encrypts hash values of join attribute values (ideal hash function h) R 1 : R 1.A 1 R 1.A join α 10 β 10 γ 15 encrypted hash values: f e1 (h(10)), f e1 (h(15)) R 2 : R 2.A 1 R 2.A join δ 12 ɛ 15 ζ S i builds tuple sets for same join attribute value: T up 1 (10) = { α, 10, β, 10 } T up 1 (15) = { γ, 15 } T up i (a) := {t R i t[a join ] = a} encrypted hash values: f e2 (h(12)), f e2 (h(15)) T up 2 (12) = { δ, 12 } T up 2 (15) = { ɛ, 15, ζ, 15 } S i encrypts them with client s keys to ciphertexts encrypt(t up i (a)) vi/x
30 3. S i sends set of messages M i := { f ei (h(a)), encrypt(t up i (a)) } to mediator M 1 := { f e1 (h(10)), encrypt(t up 1 (10)), f e1 (h(15)), encrypt(t up 1 (15)) } M 2 := { f e2 (h(12)), encrypt(t up 2 (12)), f e2 (h(15)), encrypt(t up 2 (15)) } 4. Mediator exchanges message sets (sends M 1 to S 2 and M 2 to S 1 ) 5. For each f e2 (h(a)), encrypt(t up 2 (a)) from S 2 : S 1 computes f e1 (f e2 (h(a))), encrypt(t up 2 (a)) and sends it to the mediator 6. For each f e1 (h(a)), encrypt(t up 1 (a)) from S 2 : S 2 computes f e2 (f e1 (h(a))), encrypt(t up 1 (a)) and sends it to the mediator 7. Mediator looks for messages with identical first component f e1 (f e2 (h(a))) = f e2 (f e1 (h(a))) (bijectivity and commutativity properties of f) and sends result messages encrypt(t up 1 (a)), encrypt(t up 2 (a)) to the client 8. Client decrypts result messages with his private keys and constructs result tuples R 1.A 1 R 1.A join R 2.A 1 R 2.A join T up 1 (15) = { γ, 15 } T up 2 (15) = { ɛ, 15, ζ, 15 } R: γ 15 ɛ 15 γ 15 ζ 15 vii/x
31 Appendix Encryption Scheme 1: DatabaseAsaService Encryption Scheme 2: Commutative Encryption Encryption Scheme 3: Homomorphic Encryption/Private Matching viii/x
32 Encryption Scheme 3: Homomorphic Encryption Delivery Phase based on Private Matching protocol for intersection (Freedman et al., 2004) 1. Assumption: Client has one public key for homomorphic encryption scheme E 2. S 1 forms a polynomial whose roots are the join attribute values a 1,..., a n : P 1 (x) := (a 1 x) (a 2 x)... (a n x) = n k=0 c k x k S 1 encrypts coefficients using client s key and sends all E(c k ) to mediator 3. S 2 forms a polynomial whose roots are the join attribute values a 1,..., a m: P 2 (x) := (a 1 x) (a 2 x)... (a m x) = m l=0 d l x l S 2 encrypts coefficients using client s key and sends all E(d l ) to mediator 4. Mediator exchanges coefficients (E(d l ) to S 1 and E(c k ) to S 2 ) ix/x
33 5. S 1 evaluates polynomial P 2 on its cleartext join attribute values a 1,..., a n : e k := E(r k P 2 (a k ) + (a k T up 1 (a k ))) (r k is a fresh random number and T up 1 (a k ) is set of tuples with join attribute value a k ) S 1 returns all e k values to mediator 6. S 2 evaluates polynomial P 1 on its cleartext join attribute values a 1,..., a m: S 2 returns all e l values to mediator e l := E(r l P 1 (a l) + (a l T up 2 (a l))) 7. Mediator forwards all e k and e l values to client 8. Client decrypts them to either a random value, a value (a k T up 1 (a k )) or a value (a l T up 2 (a l)) For values (a k T up 1 (a k )) and (a l T up 2 (a l)) where a k = a l, the tuples are joined in the global result x/x
Search on Encrypted Data
Search on Encrypted Data Hakan Hacıgümüş 1, Bijit Hore 2, Bala Iyer 3, and Sharad Mehrotra 4 1 IBM Almaden Research Center hakanh@acm.org 2 Donald Bren School of Computer Science University of California,
More informationVerifiable Delegation of Computation over Large Datasets
Verifiable Delegation of Computation over Large Datasets Siavosh Benabbas University of Toronto Rosario Gennaro IBM Research Yevgeniy Vahlis AT&T Cloud Computing Data D Code F Y F(D) Cloud could be malicious
More informationSecure Computation Martin Beck
Institute of Systems Architecture, Chair of Privacy and Data Security Secure Computation Martin Beck Dresden, 05.02.2015 Index Homomorphic Encryption The Cloud problem (overview & example) System properties
More informationCSC474/574  Information Systems Security: Homework1 Solutions Sketch
CSC474/574  Information Systems Security: Homework1 Solutions Sketch February 20, 2005 1. Consider slide 12 in the handout for topic 2.2. Prove that the decryption process of a oneround Feistel cipher
More informationNew Efficient Searchable Encryption Schemes from Bilinear Pairings
International Journal of Network Security, Vol.10, No.1, PP.25 31, Jan. 2010 25 New Efficient Searchable Encryption Schemes from Bilinear Pairings Chunxiang Gu and Yuefei Zhu (Corresponding author: Chunxiang
More informationAnalysis of PrivacyPreserving Element Reduction of Multiset
Analysis of PrivacyPreserving Element Reduction of Multiset Jae Hong Seo 1, HyoJin Yoon 2, Seongan Lim 3, Jung Hee Cheon 4 and Dowon Hong 5 1,4 Department of Mathematical Sciences and ISaCRIM, Seoul
More informationPaillier Threshold Encryption Toolbox
Paillier Threshold Encryption Toolbox October 23, 2010 1 Introduction Following a desire for secure (encrypted) multiparty computation, the University of Texas at Dallas Data Security and Privacy Lab created
More informationPrivate Inference Control For Aggregate Database Queries
Private Inference Control For Aggregate Database Queries Geetha Jagannathan geetha@cs.rutgers.edu Rebecca N. Wright Rebecca.Wright@rutgers.edu Department of Computer Science Rutgers, State University of
More informationPrivacyPreserving Set Operations
PrivacyPreserving Set Operations Lea Kissner and Dawn Song Carnegie Mellon University Abstract In many important applications, a collection of mutually distrustful parties must perform private computation
More informationCS 758: Cryptography / Network Security
CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html
More informationTackling The Challenges of Big Data. Tackling The Challenges of Big Data Big Data Systems. Security is a Negative Goal. Nickolai Zeldovich
Introduction is a Negative Goal No way for adversary to violate security policy Difficult to achieve: many avenues of attack 1 Example: Confidential Database Application server Database server Approach:
More informationExperimental Analysis of PrivacyPreserving Statistics Computation
Experimental Analysis of PrivacyPreserving Statistics Computation Hiranmayee Subramaniam 1, Rebecca N. Wright 2, and Zhiqiang Yang 2 1 Stevens Institute of Technology graduate, hiran@polypaths.com. 2
More informationSecurity Analysis of DRBG Using HMAC in NIST SP 80090
Security Analysis of DRBG Using MAC in NIST SP 80090 Shoichi irose Graduate School of Engineering, University of Fukui hrs shch@ufukui.ac.jp Abstract. MAC DRBG is a deterministic random bit generator
More informationLecture 10: CPA Encryption, MACs, Hash Functions. 2 Recap of last lecture  PRGs for one time pads
CS 7880 Graduate Cryptography October 15, 2015 Lecture 10: CPA Encryption, MACs, Hash Functions Lecturer: Daniel Wichs Scribe: Matthew Dippel 1 Topic Covered Chosen plaintext attack model of security MACs
More informationEfficient Similarity Search over Encrypted Data
UT DALLAS Erik Jonsson School of Engineering & Computer Science Efficient Similarity Search over Encrypted Data Mehmet Kuzu, Saiful Islam, Murat Kantarcioglu Introduction Client Untrusted Server Similarity
More informationIdentitybased encryption and Generic group model (work in progress) Peeter Laud Arvutiteaduse teooriaseminar Tallinn, 05.01.2012
Identitybased encryption and Generic group model (work in progress) Peeter Laud Arvutiteaduse teooriaseminar Tallinn, 05.01.2012 Identitybased encryption Publickey encryption, where public key = name
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationAuthentication and Encryption: How to order them? Motivation
Authentication and Encryption: How to order them? Debdeep Muhopadhyay IIT Kharagpur Motivation Wide spread use of internet requires establishment of a secure channel. Typical implementations operate in
More informationProgrammable OrderPreserving Secure Index for Encrypted Database Query
2012 IEEE Fifth International Conference on Cloud Computing Programmable OrderPreserving Secure Index for Encrypted Database Query Dongxi Liu Shenlu Wang CSIRO ICT Centre, Marsfield, NSW 2122, Australia
More information1 Digital Signatures. 1.1 The RSA Function: The eth Power Map on Z n. Crypto: Primitives and Protocols Lecture 6.
1 Digital Signatures A digital signature is a fundamental cryptographic primitive, technologically equivalent to a handwritten signature. In many applications, digital signatures are used as building blocks
More informationCryptography for the Cloud
Cryptography for the Cloud ENS  CNRS  INRIA CyberSécurité  SPECIF CNAM, Paris, France  November 7th, 2014 The Cloud Introduction 2 Access from Anywhere Introduction 3 Available for Everything One
More informationFuzzy IdentityBased Encryption
Fuzzy IdentityBased Encryption Janek Jochheim June 20th 2013 Overview Overview Motivation (Fuzzy) IdentityBased Encryption Formal definition Security Idea Ingredients Construction Security Extensions
More informationSecurity Analysis for Order Preserving Encryption Schemes
Security Analysis for Order Preserving Encryption Schemes Liangliang Xiao University of Texas at Dallas Email: xll052000@utdallas.edu Osbert Bastani Harvard University Email: obastani@fas.harvard.edu ILing
More informationA Secure Model for Medical Data Sharing
International Journal of Database Theory and Application 45 A Secure Model for Medical Data Sharing Wong Kok Seng 1,1,Myung Ho Kim 1, Rosli Besar 2, Fazly Salleh 2 1 Department of Computer, Soongsil University,
More informationVICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui
VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui School of Engineering and Computer Science Te Kura Mātai Pūkaha, Pūrorohiko PO Box 600 Wellington New Zealand Tel: +64 4 463
More informationMACs Message authentication and integrity. Table of contents
MACs Message authentication and integrity Foundations of Cryptography Computer Science Department Wellesley College Table of contents Introduction MACs Constructing Secure MACs Secure communication and
More informationPrivacy, Security and Cloud
Privacy, Security and Cloud Giuseppe Di Luna July 2, 2012 Giuseppe Di Luna 2012 1 July 2, 2012 Giuseppe Di Luna 2012 2 July 2, 2012 Giuseppe Di Luna 2012 3 Security Concerns: Data leakage Data handling
More informationEfficient and Robust Secure Aggregation of Encrypted Data in Wireless Sensor Networks
Efficient and Robust Secure Aggregation of Encrypted Data in Wireless Sensor Networks J. M. BAHI, C. GUYEUX, and A. MAKHOUL Computer Science Laboratory LIFC University of FrancheComté Journée thématique
More informationChapter 3. Network Domain Security
Communication System Security, Chapter 3, Draft, L.D. Chen and G. Gong, 2008 1 Chapter 3. Network Domain Security A network can be considered as the physical resource for a communication system. This chapter
More informationVerifiable Outsourced Computations Outsourcing Computations to Untrusted Servers
Outsourcing Computations to Untrusted Servers Security of Symmetric Ciphers in Network Protocols ICMS, May 26, 2015, Edinburgh Problem Motivation Problem Motivation Problem Motivation Problem Motivation
More informationKey Management. CSC 490 Special Topics Computer and Network Security. Dr. Xiao Qin. Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn.
CSC 490 Special Topics Computer and Network Security Key Management Dr. Xiao Qin Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn.edu Slide 091 Overview Key exchange Session vs. interchange
More informationCLOUD COMPUTING SECURITY IN UNRELIABLE CLOUDS USING RELIABLE REENCRYPTION
CLOUD COMPUTING SECURITY IN UNRELIABLE CLOUDS USING RELIABLE REENCRYPTION Chandrala DN 1, Kulkarni Varsha 2 1 Chandrala DN, M.tech IV sem,department of CS&E, SVCE, Bangalore 2 Kulkarni Varsha, Asst. Prof.
More informationAssociate Prof. Dr. Victor Onomza Waziri
BIG DATA ANALYTICS AND DATA SECURITY IN THE CLOUD VIA FULLY HOMOMORPHIC ENCRYPTION Associate Prof. Dr. Victor Onomza Waziri Department of Cyber Security Science, School of ICT, Federal University of Technology,
More informationPrivacy Preserving String Pattern Matching on Outsourced Data
Privacy Preserving String Pattern Matching on Outsourced Data Thesis submitted in partial fulfillment of the requirements for the degree of MS By Research in CSE by Bargav Jayaraman 201207509 bargav.jayaraman@research.iiit.ac.in
More informationDynamic Searchable Encryption in Very Large Databases: Data Structures and Implementation
Dynamic Searchable Encryption in Very Large Databases: Data Structures and Implementation David Cash, Joseph Jaeger, Stanislaw Jarecki, Charanjit Jutla, Hugo Krawczyk, Marcel Roşu and Michael Steiner Rutgers
More informationSecurity Aspects of. Database Outsourcing. Vahid Khodabakhshi Hadi Halvachi. Dec, 2012
Security Aspects of Database Outsourcing Dec, 2012 Vahid Khodabakhshi Hadi Halvachi Security Aspects of Database Outsourcing Security Aspects of Database Outsourcing 2 Outline Introduction to Database
More informationSecure and privacypreserving DRM scheme using homomorphic encryption in cloud computing
December 2013, 20(6): 88 95 www.sciencedirect.com/science/journal/10058885 The Journal of China Universities of Posts and Telecommunications http://jcupt.xsw.bupt.cn Secure and privacypreserving DRM scheme
More informationKnowledgeBased Systems
Knowledgeased Systems 35 (22) 332 348 ontents lists available at SciVerse ScienceDirect Knowledgeased Systems journal homepage: www.elsevier.com/locate/knosys Executing SQL queries over encrypted character
More informationCryptography and Network Security: Summary
Cryptography and Network Security: Summary Timo Karvi 12.2013 Timo Karvi () Cryptography and Network Security: Summary 12.2013 1 / 17 Summary of the Requirements for the exam The advices are valid for
More informationCryptography: Authentication, Blind Signatures, and Digital Cash
Cryptography: Authentication, Blind Signatures, and Digital Cash Rebecca Bellovin 1 Introduction One of the most exciting ideas in cryptography in the past few decades, with the widest array of applications,
More informationIdentitybased Encryption with PostChallenge Auxiliary Inputs for Secure Cloud Applications and Sensor Networks
Identitybased Encryption with PostChallenge Auxiliary Inputs for Secure Cloud Applications and Sensor Networks Tsz Hon Yuen  Huawei, Singapore Ye Zhang  Pennsylvania State University, USA Siu Ming
More informationInformation Security
Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked
More information1 Message Authentication
Theoretical Foundations of Cryptography Lecture Georgia Tech, Spring 200 Message Authentication Message Authentication Instructor: Chris Peikert Scribe: Daniel Dadush We start with some simple questions
More informationIntroduction. Digital Signature
Introduction Electronic transactions and activities taken place over Internet need to be protected against all kinds of interference, accidental or malicious. The general task of the information technology
More informationCriteria for web application security check. Version 2015.1
Criteria for web application security check Version 2015.1 i Content Introduction... iii ISC P 001 ISC P 001.1 ISC P 001.2 ISC P 001.3 ISC P 001.4 ISC P 001.5 ISC P 001.6 ISC P 001.7 ISC
More informationComputing on Encrypted Data
Computing on Encrypted Data Secure Internet of Things Seminar David Wu January, 2015 Smart Homes New Applications in the Internet of Things aggregation + analytics usage statistics and reports report energy
More informationCryptoVerif Tutorial
CryptoVerif Tutorial Bruno Blanchet INRIA ParisRocquencourt bruno.blanchet@inria.fr November 2014 Bruno Blanchet (INRIA) CryptoVerif Tutorial November 2014 1 / 14 Exercise 1: preliminary definition SUFCMA
More informationVictor Shoup Avi Rubin. fshoup,rubing@bellcore.com. Abstract
Session Key Distribution Using Smart Cards Victor Shoup Avi Rubin Bellcore, 445 South St., Morristown, NJ 07960 fshoup,rubing@bellcore.com Abstract In this paper, we investigate a method by which smart
More informationHYBRID ENCRYPTION FOR CLOUD DATABASE SECURITY
HYBRID ENCRYPTION FOR CLOUD DATABASE SECURITY Amanjot Kaur 1, Manisha Bhardwaj 2 1 MTech Student, Computer Science Department, LPU, Jalandhar, Punjab, India, er.aman_jot@yahoo.co.in 2 Assistant Professor,
More informationChapter 23. Database Security. Security Issues. Database Security
Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues Systemrelated issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database
More informationImproved Online/Offline Signature Schemes
Improved Online/Offline Signature Schemes Adi Shamir and Yael Tauman Applied Math. Dept. The Weizmann Institute of Science Rehovot 76100, Israel {shamir,tauman}@wisdom.weizmann.ac.il Abstract. The notion
More informationMessage Authentication Code
Message Authentication Code Ali El Kaafarani Mathematical Institute Oxford University 1 of 44 Outline 1 CBCMAC 2 Authenticated Encryption 3 Padding Oracle Attacks 4 Information Theoretic MACs 2 of 44
More informationCS377: Database Systems Data Security and Privacy. Li Xiong Department of Mathematics and Computer Science Emory University
CS377: Database Systems Data Security and Privacy Li Xiong Department of Mathematics and Computer Science Emory University 1 Principles of Data Security CIA Confidentiality Triad Prevent the disclosure
More informationPrivacy and Security in Cloud Computing
Réunion CAPPRIS 21 mars 2013 Monir Azraoui, Kaoutar Elkhiyaoui, Refik Molva, Melek Ӧnen Slide 1 Cloud computing Idea: Outsourcing Ø Huge distributed data centers Ø Offer storage and computation Benefit:
More information1 Construction of CCAsecure encryption
CSCI 5440: Cryptography Lecture 5 The Chinese University of Hong Kong 10 October 2012 1 Construction of secure encryption We now show how the MAC can be applied to obtain a secure encryption scheme.
More informationEXAM questions for the course TTM4135  Information Security May 2013. Part 1
EXAM questions for the course TTM4135  Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question
More informationResearch And Development For GeoSpatial Data Security. CSRE, IIT Bombay
Research And Development For GeoSpatial Data Security P. Venkatachalam and B. Krishna Mohan CSRE, IIT Bombay July 2011 Introduction Advancements in sensor technology, satellite remote sensing and field
More informationPARTICIPATORY sensing and data surveillance are gradually
1 A Comprehensive Comparison of Multiparty Secure Additions with Differential Privacy Slawomir Goryczka and Li Xiong Abstract This paper considers the problem of secure data aggregation (mainly summation)
More informationAdvanced Authentication
White Paper Advanced Authentication Introduction In this paper: Introduction 1 User Authentication 2 Device Authentication 3 Message Authentication 4 Advanced Authentication 5 Advanced Authentication is
More informationLecture 9  Message Authentication Codes
Lecture 9  Message Authentication Codes Boaz Barak March 1, 2010 Reading: BonehShoup chapter 6, Sections 9.1 9.3. Data integrity Until now we ve only been interested in protecting secrecy of data. However,
More informationSEARCHABLE SYMMETRIC ENCRYPTION METHOD FOR ENCRYPTED DATA IN CLOUD
JJT0292015 SEARCHABLE SYMMETRIC ENCRYPTION METHOD FOR ENCRYPTED DATA IN CLOUD P.Vidyasagar, R.Karthikeyan, Dr.C.Nalini M.Tech Student, Dept of CSE,Bharath University, Email.Id: vsagarp@rediffmail.com
More informationIdentityBased Encryption from the Weil Pairing
Appears in SIAM J. of Computing, Vol. 32, No. 3, pp. 586615, 2003. An extended abstract of this paper appears in the Proceedings of Crypto 2001, volume 2139 of Lecture Notes in Computer Science, pages
More informationSecure Query Processing with Data Interoperability in a Cloud Database Environment
ecure Query Processing with Data Interoperability in a Cloud Database Environment Wai Kit Wong * Ben Kao David Wai Lok Cheung Rongbin Li iu Ming Yiu wongwk@hsmc.edu.hk, {kao, dcheung, rbli, smyiu}@cs.hku.hk
More informationZQL. a cryptographic compiler for processing private data. George Danezis. Joint work with Cédric Fournet, Markulf Kohlweiss, Zhengqin Luo
ZQL Work in progress a cryptographic compiler for processing private data George Danezis Joint work with Cédric Fournet, Markulf Kohlweiss, Zhengqin Luo Microsoft Research and Joint INRIAMSR Centre Data
More informationNetwork Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide
Network Security [2] Public Key Encryption Also used in message authentication & key distribution Based on mathematical algorithms, not only on operations over bit patterns (as conventional) => much overhead
More informationCompter Networks Chapter 9: Network Security
Goals of this chapter Compter Networks Chapter 9: Network Security Give a brief glimpse of security in communication networks Basic goals and mechanisms Holger Karl Slide set: Günter Schäfer, TU Ilmenau
More informationSWFP: Secure Web Feed Protocol
SWFP: Secure Web Feed Protocol Frédérick Giasson fred [at] fgiasson.com Abstract SWFP ensures the secure broadcasting of web feeds content over a local network or the Internet. The protocol is built to
More informationNew Constructions and Practical Applications for Private Stream Searching (Extended Abstract)
New Constructions and Practical Applications for Private Stream Searching (Extended Abstract)???? John Bethencourt CMU Dawn Song CMU Brent Waters SRI 1 Searching for Information Too much online info to
More informationBreaking An IdentityBased Encryption Scheme based on DHIES
Breaking An IdentityBased Encryption Scheme based on DHIES Martin R. Albrecht 1 Kenneth G. Paterson 2 1 SALSA Project  INRIA, UPMC, Univ Paris 06 2 Information Security Group, Royal Holloway, University
More informationCS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure Email
CS 393 Network Security Nasir Memon Polytechnic University Module 11 Secure Email Course Logistics HW 5 due Thursday Graded exams returned and discussed. Read Chapter 5 of text 4/2/02 Module 11  Secure
More informationEncryption for Cloud Services Security: Problem or Panacea? @Zulfikar_Ramzan / CTO / www.elastica.net
Encryption for Cloud Services Security: Problem or Panacea? @Zulfikar_Ramzan / CTO / www.elastica.net Tectonic Shift in the Market SaaS OnPremise Many pieces to Buy, Assemble & Operate No visibility /
More informationChapter 23. Database Security. Security Issues. Database Security
Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues Systemrelated issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database
More informationSecurity Digital Certificate Manager
System i Security Digital Certificate Manager Version 5 Release 4 System i Security Digital Certificate Manager Version 5 Release 4 Note Before using this information and the product it supports, be sure
More informationMicrosoft SQL Server Security and Auditing Clay Risenhoover ISACA North Texas April 14, 2016 http://tinyurl.com/isacaclay
Microsoft SQL Server Security and Auditing Clay Risenhoover ISACA North Texas April 14, 2016 http://tinyurl.com/isacaclay 2016, Risenhoover Consulting, Inc. All Rights Reserved 1 Goals Understand new and
More informationSecurity Digital Certificate Manager
IBM i Security Digital Certificate Manager 7.1 IBM i Security Digital Certificate Manager 7.1 Note Before using this information and the product it supports, be sure to read the information in Notices,
More informationAn Efficient and Secure Data Sharing Framework using Homomorphic Encryption in the Cloud
An Efficient and Secure Data Sharing Framework using Homomorphic Encryption in the Cloud Sanjay Madria Professor and Site Director for NSF I/UCRC Center on NetCentric Software and Systems Missouri University
More informationKeywords: cloud computing, multiple keywords, service provider, search request, ranked search
Volume 5, Issue 1, January 2015 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com A Survey on
More information14 Databases. Source: Foundations of Computer Science Cengage Learning. Objectives After studying this chapter, the student should be able to:
14 Databases 14.1 Source: Foundations of Computer Science Cengage Learning Objectives After studying this chapter, the student should be able to: Define a database and a database management system (DBMS)
More informationNetop Remote Control Security Server
A d m i n i s t r a t i o n Netop Remote Control Security Server Product Whitepaper ABSTRACT Security is an important factor when choosing a remote support solution for any enterprise. Gone are the days
More informationAdvanced Cryptography
Family Name:... First Name:... Section:... Advanced Cryptography Final Exam July 18 th, 2006 Start at 9:15, End at 12:00 This document consists of 12 pages. Instructions Electronic devices are not allowed.
More informationPublic Key Encryption that Allows PIR Queries
Public Key Encryption that Allows PIR Queries Dan Boneh Eyal Kushilevitz Rafail Ostrovsky William E Skeith III Appeared at CRYPTO 2007: 5067 Abstract Consider the following problem: Alice wishes to maintain
More information2.3. Finding polynomial functions. An Introduction:
2.3. Finding polynomial functions. An Introduction: As is usually the case when learning a new concept in mathematics, the new concept is the reverse of the previous one. Remember how you first learned
More informationArnab Roy Fujitsu Laboratories of America and CSA Big Data WG
Arnab Roy Fujitsu Laboratories of America and CSA Big Data WG 1 Security Analytics Crypto and Privacy Technologies Infrastructure Security 60+ members Framework and Taxonomy Chair  Sree Rajan, Fujitsu
More informationFundamentals of Database Systems, 4 th Edition By Ramez Elmasri and Shamkant Navathe. Table of Contents. A. Short Table of Contents
Fundamentals of Database Systems, 4 th Edition By Ramez Elmasri and Shamkant Navathe Table of Contents A. Short Table of Contents (This Includes part and chapter titles only) PART 1: INTRODUCTION AND CONCEPTUAL
More informationDavid M. Kroenke and David J. Auer Database Processing 11 th Edition Fundamentals, Design, and Implementation. Chapter Objectives
David M. Kroenke and David J. Auer Database Processing 11 th Edition Fundamentals, Design, and Implementation Chapter One: Introduction 11 Chapter Objectives To understand the nature and characteristics
More informationOutline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures
Outline Computer Science 418 Digital Signatures Mike Jacobson Department of Computer Science University of Calgary Week 12 1 Digital Signatures 2 Signatures via Public Key Cryptosystems 3 Provable 4 Mike
More informationApproaches for privacyfriendly Smart Metering: Architecture using homomorphic encryption and homomorphic MACs
Approaches for privacyfriendly Smart Metering: Architecture using homomorphic encryption and homomorphic MACs Seminar Trustworthy and EnergyEfficient Smart Grids Overview on Approach Introduced in: [B.
More informationSimulationBased Security with Inexhaustible Interactive Turing Machines
SimulationBased Security with Inexhaustible Interactive Turing Machines Ralf Küsters Institut für Informatik ChristianAlbrechtsUniversität zu Kiel 24098 Kiel, Germany kuesters@ti.informatik.unikiel.de
More informationNEW CRYPTOGRAPHIC CHALLENGES IN CLOUD COMPUTING ERA
THE PUBLISHING HOUSE PROCEEDINGS OF THE ROMANIAN ACADEMY, Series A, OF THE ROMANIAN ACADEMY Volume 14, Number 1/2013, pp. 72 77 NEW CRYPTOGRAPHIC CHALLENGES IN CLOUD COMPUTING ERA Laurenţiu BURDUŞEL Politehnica
More informationTechnical Report Nr. 735
Technical Report Nr. 735 Systems Group, Department of Computer Science, ETH Zurich Query Processing on Encrypted Data in the Cloud by Stefan Hildenbrand, Donald Kossmann, Tahmineh Sanamrad, Carsten Binnig,
More informationA Study on Secure Electronic Medical DB System in Hospital Environment
A Study on Secure Electronic Medical DB System in Hospital Environment Yvette E. Gelogo 1 and Sungwon Park 2 * 1 Catholic University of Daegu, Daegu, Korea 2 Department of Nursing, Hannam University, 133
More informationChosenCiphertext Security from IdentityBased Encryption
ChosenCiphertext Security from IdentityBased Encryption Dan Boneh Ran Canetti Shai Halevi Jonathan Katz Abstract We propose simple and efficient CCAsecure publickey encryption schemes (i.e., schemes
More informationMESSAGE AUTHENTICATION IN AN IDENTITYBASED ENCRYPTION SCHEME: 1KEYENCRYPTTHENMAC
MESSAGE AUTHENTICATION IN AN IDENTITYBASED ENCRYPTION SCHEME: 1KEYENCRYPTTHENMAC by Brittanney Jaclyn Amento A Thesis Submitted to the Faculty of The Charles E. Schmidt College of Science in Partial
More informationEfficient Unlinkable Secret Handshakes for Anonymous Communications
보안공학연구논문지 (Journal of Security Engineering), 제 7권 제 6호 2010년 12월 Efficient Unlinkable Secret Handshakes for Anonymous Communications EunKyung Ryu 1), KeeYoung Yoo 2), KeumSook Ha 3) Abstract The technique
More informationUniversal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure PublicKey Encryption
Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure PublicKey Encryption Ronald Cramer Victor Shoup December 12, 2001 Abstract We present several new and fairly practical publickey
More informationAn Ontologybased elearning System for Network Security
An Ontologybased elearning System for Network Security Yoshihito Takahashi, Tomomi Abiko, Eriko Negishi Sendai National College of Technology a0432@ccedu.sendaict.ac.jp Goichi Itabashi Graduate School
More informationStorage Systems Autumn 2009
Storage Systems Autumn 2009 Chapter 5: Securely Auditing André Brinkmann Sources Different Publications Slides from Randal Burns, Johns Hopkins University, USA Awkward for large data What s wrong with
More informationTimeBased Proxy Reencryption Scheme for Secure Data Sharing in a Cloud Environment
TimeBased Proxy Reencryption Scheme for Secure Data Sharing in a Cloud Environment Qin Liu a,b, Guojun Wang a,, Jie Wu b a School of Information Science and Engineering Central South Uversity Changsha,
More informationA Searchable Encryption Scheme for Outsourcing Cloud Storage
A Searchable Encryption Scheme for Outsourcing Cloud Storage JyunYao Huang Department of Computer Science and Engineering National Chung Hsing University Taichung 402, Taiwan allen501pc@gmail.com IEn
More information4 Domain Relational Calculus
4 Domain Relational Calculus We now present two relational calculi that we will compare to RA. First, what is the difference between an algebra and a calculus? The usual story is that the algebra RA is
More information