Abstract:Private database query (PDQ) is a protocol between a client and a database server, designed for processing queries to encrypted databases. Specifically, PDQ enables a client to submit a search query and to learn a resulting set satisfying its search condition, without revealing sensitive information about a query statement. The whole query can be protected from the server, but for efficiency reasons known PDQ solutions generally consider to hide the constants only in a query statement. In this paper, we provid… Show more
“…These experiments show that the merging using the PENDA algorithm is faster than other techniques using FHE, FE or ORAM. A simple equality comparison on ciphertext encrypted with FHE [9] takes an order of seconds.…”
Data is spread across different organizations and must be combined to get valuable analytics or train machine learning models. Sensitive features such as identification numbers, as columns, are common in these data, and organizations can only link if they share these columns. However, data protection regulations prevent these organizations from revealing the values in these columns to others. This paper proposes a technique, PENDA (Privacy ENhanced Data Aggregator), to encrypt columns of a database table or spreadsheet so that a central aggregation server can join them without decrypting using XOR-based homomorphism. We implement our PENDA system and demonstrate how organizations taking part in the process can encrypt and merge data. The experimental results show that the system can handle very large data files and scale to multiple organizations.
“…These experiments show that the merging using the PENDA algorithm is faster than other techniques using FHE, FE or ORAM. A simple equality comparison on ciphertext encrypted with FHE [9] takes an order of seconds.…”
Data is spread across different organizations and must be combined to get valuable analytics or train machine learning models. Sensitive features such as identification numbers, as columns, are common in these data, and organizations can only link if they share these columns. However, data protection regulations prevent these organizations from revealing the values in these columns to others. This paper proposes a technique, PENDA (Privacy ENhanced Data Aggregator), to encrypt columns of a database table or spreadsheet so that a central aggregation server can join them without decrypting using XOR-based homomorphism. We implement our PENDA system and demonstrate how organizations taking part in the process can encrypt and merge data. The experimental results show that the system can handle very large data files and scale to multiple organizations.
“…Strong encryption methods, like AES-256, make sure that even if data is stolen, it can't be read by people who aren't supposed to [27]. To keep encryption keys safe and stop people from decrypting them without permission [28], secure key management should be used. The NIST says that a hardware security module (HSM) is the best way to store and handle encryption keys because it is safer than software-based key management [29].…”
This article talks about the important link between cybersecurity and disaster recovery planning, showing how important it is to include strong security measures in disaster recovery plans. It looks at the risks and weaknesses that come up during disaster recovery, like being more open to online threats, having security controls broken, and the chance that vulnerabilities will appear again during the recovery process. Some of the most important things that the piece talks about to lower cyber risks are strong backup and recovery plans, data encryption, access controls, and authentication measures. It also stresses how important it is to have a clear plan for how to handle an event, regular training and education programs for cybersecurity, and ongoing improvement through testing and using new technologies. Case studies and examples from real life are used to show what happens when safety measures aren't up to par and how important it is to plan for all possible disasters.
“…Here, information leakage is caused by revealing many of the record IDs of the data owner to the user before the intersection operation. After this, Kim et al [35] introduced another private database query protocol in which 0.119 seconds were required to process each record. They generated random databases that consisted of 16 keyword attributes with entries with maximum sizes of 48 or 64 bits.…”
Conjunctive queries play a key role in retrieving data from a database. In a database, a query containing many conditions in its predicate, connected by an “and/&/∧” operator, is called a conjunctive query. Retrieving the outcome of a conjunctive query from thousands of records is a heavy computational task. Private data access to an outsourced database is required to keep the database secure from adversaries; thus, private conjunctive queries (PCQs) are indispensable. Cheon, Kim, and Kim (CKK) proposed a PCQ protocol using search-and-compute circuits in which they used somewhat homomorphic encryption (SwHE) for their protocol security. As their protocol is far from being able to be used practically, we propose a practical batch private conjunctive query (BPCQ) protocol by applying a batch technique for processing conjunctive queries over an outsourced database, in which both database and queries are encoded in binary format. As a main technique in our protocol, we develop a new data-packing method to pack many data into a single polynomial with the batch technique. We further enhance the performances of the binary-encoded BPCQ protocol by replacing the binary encoding with N-ary encoding. Finally, we compare the performance to assess the results obtained by the binary-encoded BPCQ protocol and the N-ary-encoded BPCQ protocol.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.