Efficient Private Conjunctive Query Protocol Over Encrypted Data

Conjunctive queries play a key role in retrieving data from a database. In a database, a query containing many conditions in its predicate, connected by an “and/&/∧” operator, is called a conjunctive query. Retrieving the outcome of a conjunctive query from thousands of records is a heavy computational task. Private data access to an outsourced database is required to keep the database secure from adversaries; thus, private conjunctive queries (PCQs) are indispensable. Cheon, Kim, and Kim (CKK) proposed a PCQ protocol using search-and-compute circuits in which they used somewhat homomorphic encryption (SwHE) for their protocol security. As their protocol is far from being able to be used practically, we propose a practical batch private conjunctive query (BPCQ) protocol by applying a batch technique for processing conjunctive queries over an outsourced database, in which both database and queries are encoded in binary format. As a main technique in our protocol, we develop a new data-packing method to pack many data into a single polynomial with the batch technique. We further enhance the performances of the binary-encoded BPCQ protocol by replacing the binary encoding with N-ary encoding. Finally, we compare the performance to assess the results obtained by the binary-encoded BPCQ protocol and the N-ary-encoded BPCQ protocol.

Order-Revealing Encryption Scheme with Comparison Token for Cloud Computing

Order-preserving encryption (OPE) is a basic paradigm for the outsourced database where the order of plaintexts is kept in ciphertexts. OPE enables efficient order comparison execution while providing privacy protection. Unfortunately, almost all the previous OPE schemes either require numerous rounds of interactions or reveal more information about the encrypted database (e.g., the most significant bit). Order-revealing encryption (ORE) as a generalization is an encryption scheme where the order of plaintexts can be evaluated by running a comparison algorithm. Therefore, it is desirable to design an efficient ORE scheme which addresses above efficiency and security issues. In this paper, we propose a noninteractive ORE scheme from prefix encoding and Bloom filter techniques. The proposed scheme is an encryption scheme where a cloud service provider cannot evaluate the order of plaintexts until a comparison token is provided. The security analysis illustrates that our scheme achieves ideal security with frequency hiding. Furthermore, we illustrate a secure range query scheme through designing an encrypted tree structure named PORE tree from the above ORE scheme. The PORE tree reveals the order between different nodes and leaves encrypted data items in the same node incomparable even after query execution. Finally, the experimental evaluation shows the high efficiency of the proposed ORE scheme and range query scheme.

VOTE: Verifiable Auditing for Outsourced Database with Token Enforced Cloud Storage

Database deploying is one of the remarkable utilities in cloud computing where the Information Proprietor (IP) assigns the database administration to the Cloud Service Provider (CSP) in order to lower the administration overhead and preservation expenditures of the database. Regardless of its overwhelming advantages, it experiences few security problems such as confidentiality of deployed database and auditability of search outcome. In recent past, survey has been carried out on the auditability of search outcome of deployed database that gives preciseness and intactness of search outcome. But in the prevailing schemes, since there is flow of data between IP and the clients repeatedly, huge communication cost is incurred at the Information Proprietor side. To address this challenge, we introduce Verifiable Auditing of Outsourced Database with Token Enforced Cloud Storage (VOTE) mechanism based on Merkle Hash Tree (MHT), Invertible Bloom Filter(IBF) and Counting Bloom Filter(CBF). The proposed scheme reduces the huge communication cost at the Information Proprietor side and achieves preciseness and intactness of the search outcome. Experimental analysis show that the proposed scheme has totally reduced the huge communication cost at the Information Proprietor side, and simultaneously achieves the preciseness and intactness of search outcome though the semi- trusted CSP deliberately sends a null set