SHELDB: Client Storage Aware Homomorphic Encrypted Database Processing Framework With Low Communication Overhead

IF 5.5 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Transactions on Services Computing Pub Date : 2025-02-05 DOI:10.1109/TSC.2025.3539189

Tanusree Parbat;Ayantika Chatterjee

{"title":"SHELDB: Client Storage Aware Homomorphic Encrypted Database Processing Framework With Low Communication Overhead","authors":"Tanusree Parbat;Ayantika Chatterjee","doi":"10.1109/TSC.2025.3539189","DOIUrl":null,"url":null,"abstract":"Database as a service (DBaaS) in cloud raises severe concern in terms of data security. Storing data in encrypted form may confirm data confidentiality. But, database processing cannot be supported in this encrypted form. Theoretically, homomorphic encryption is a solution to support direct encrypted data processing. In this work, we highlight one of the major challenges of FHE- encrypted query processing that demands huge data transfer requirements from cloud to client for final decryption at the end of SQL query execution. We show in light of Chosen Plaintext Attack (CPA) that in spite of performing conditional filtering through SQL queries over encrypted databases, the size of the resultant dataset cannot be less than the original size of the database. In this work, we make an effort to propose a new encrypted query processing framework termed as <i>SHELDB</i> which supports client storage compatibility and low communication overhead using block-wise final result transmission from cloud to client by extending the concept of TOP operator implementation in standard SQL. However, it is to be noted that realization of such optimization is not straightforward because of circuit-based implementation requirements with FHE gates. Our experimental demonstration shows that the proposed framework is capable of executing all TPC-C standard SQL queries with the aid of 8-core parallel processing within <inline-formula><tex-math>$\\sim 12.65$</tex-math></inline-formula> minutes for an encrypted database of <inline-formula><tex-math>$768 \\times 9$</tex-math></inline-formula> size with 16-bits elements each. Though the computation time is linear with the number of rows, we have explored map-reduce type parallel processing techniques to reduce the timing requirements for databases with larger rows. Consequently, our new query processing framework reduces the communication overhead from m to <inline-formula><tex-math>$\\delta k$</tex-math></inline-formula> rows (<inline-formula><tex-math>$1 \\leq \\delta \\leq block$</tex-math></inline-formula>) where the encrypted database contains m rows, <inline-formula><tex-math>$\\delta$</tex-math></inline-formula> is the number of blocks to be transmitted each time with <inline-formula><tex-math>$k$</tex-math></inline-formula> = (<inline-formula><tex-math>$m/block$</tex-math></inline-formula>) rows. In spite of <inline-formula><tex-math>$k$</tex-math></inline-formula> being a controllable parameter according to client storage and <inline-formula><tex-math>$\\delta$</tex-math></inline-formula> is dependent on the query parameters, final security analysis explains why the proposed technique is general database attack-resistant.","PeriodicalId":13255,"journal":{"name":"IEEE Transactions on Services Computing","volume":"18 2","pages":"1026-1038"},"PeriodicalIF":5.5000,"publicationDate":"2025-02-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Services Computing","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10874207/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Database as a service (DBaaS) in cloud raises severe concern in terms of data security. Storing data in encrypted form may confirm data confidentiality. But, database processing cannot be supported in this encrypted form. Theoretically, homomorphic encryption is a solution to support direct encrypted data processing. In this work, we highlight one of the major challenges of FHE- encrypted query processing that demands huge data transfer requirements from cloud to client for final decryption at the end of SQL query execution. We show in light of Chosen Plaintext Attack (CPA) that in spite of performing conditional filtering through SQL queries over encrypted databases, the size of the resultant dataset cannot be less than the original size of the database. In this work, we make an effort to propose a new encrypted query processing framework termed as SHELDB which supports client storage compatibility and low communication overhead using block-wise final result transmission from cloud to client by extending the concept of TOP operator implementation in standard SQL. However, it is to be noted that realization of such optimization is not straightforward because of circuit-based implementation requirements with FHE gates. Our experimental demonstration shows that the proposed framework is capable of executing all TPC-C standard SQL queries with the aid of 8-core parallel processing within

$\sim 12.65$

minutes for an encrypted database of

$768 \times 9$

size with 16-bits elements each. Though the computation time is linear with the number of rows, we have explored map-reduce type parallel processing techniques to reduce the timing requirements for databases with larger rows. Consequently, our new query processing framework reduces the communication overhead from m to

$\delta k$

rows (

$1 \leq \delta \leq block$

) where the encrypted database contains m rows,

$\delta$

is the number of blocks to be transmitted each time with

$k$

= (

$m/block$

) rows. In spite of

$k$

being a controllable parameter according to client storage and

$\delta$

is dependent on the query parameters, final security analysis explains why the proposed technique is general database attack-resistant.

查看原文本刊更多论文

SHELDB：低通信开销的客户端存储感知同态加密数据库处理框架

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Services Computing COMPUTER SCIENCE, INFORMATION SYSTEMS-COMPUTER SCIENCE, SOFTWARE ENGINEERING

CiteScore

11.50

自引率

6.20%

发文量

278

审稿时长

>12 weeks

期刊介绍： IEEE Transactions on Services Computing encompasses the computing and software aspects of the science and technology of services innovation research and development. It places emphasis on algorithmic, mathematical, statistical, and computational methods central to services computing. Topics covered include Service Oriented Architecture, Web Services, Business Process Integration, Solution Performance Management, and Services Operations and Management. The transactions address mathematical foundations, security, privacy, agreement, contract, discovery, negotiation, collaboration, and quality of service for web services. It also covers areas like composite web service creation, business and scientific applications, standards, utility models, business process modeling, integration, collaboration, and more in the realm of Services Computing.