h i g h l i g h t s • A searchable encryption is presented against both data and access pattern leakage. • A homomorphic exclusive-or (XOR) function is defined to enable the evaluation key to be calculated instead of storing. • An effective and feasible approach performs with a query of less than 60 milliseconds among 100,000 entries.
Enterprise cloud tenants would store their outsourced cloud data in encrypted form for data privacy and security. However, flexible data access functions such as data searching is usually sacrificed as a result. Thus, enterprise tenants demand secure data retrieval and computation solution from the cloud provider, which will allow them to utilize cloud services without the risks of leaking private data to outsiders and even service providers.In this paper, we propose an exclusive-or (XOR) homomorphism encryption scheme to support secure keyword searching on encrypted data. First, this scheme specifies a new data protection method by encrypting the data and randomizing it by performing XOR operation with a random bit-string. Second, this scheme can effectively protect data-in-transit against passive attack such as ciphertext analysis due to the randomization. Third, this scheme is lightweight and only requires a symmetric encryption scheme and bitwise operations, which requires processing time in the order of milliseconds.
Private database query (PDQ) is a protocol between a client and a database server, designed for processing queries to encrypted databases. Specifically, PDQ enables a client to submit a search query and to learn a resulting set satisfying its search condition, without revealing sensitive information about a query statement. The whole query can be protected from the server, but for efficiency reasons known PDQ solutions generally consider to hide the constants only in a query statement. In this paper, we provide two fully homomorphic encryption (FHE)-based PDQ protocols that hide type of queries as well as the constants of a query statement. Particularly, our constructions focus on conjunctive, disjunctive, and threshold conjunctive queries. To this end, we first build a single compact logical expression to cover both conjunctive and disjunctive queries. On top of the logical expression, we design a PDQ protocol that enables to evaluate conjunctive and disjunctive queries without revealing any information on a given query. The second PDQ protocol comes from our observation that if a threshold conjunctive query has a particular threshold value, it results in either a conjunctive query or a disjunctive query. Because the PDQ protocol writes the three types of queries into a single polynomial expression, the resulting protocol can evaluate the three types of query statements without revealing any information on queries. To demonstrate their efficiency, we provide proof-of-concept implementation results of our proposed PDQ protocols. According to our rudimentary experiments, it takes 37.57 seconds to perform a query on 316 elements consisting of 16 attributes of 64 bits using Brakerski-Gentry-Vaikuntanathan's leveled FHE with SIMD techniques for 149-bit security, yielding an amortized rate of just 0.119 seconds per element. INDEX TERMS Private queries, encrypted database, homomorphic encryption.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.