弱随机化的强度:易于部署，有效搜索的加密与最小的泄漏

2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) Pub Date : 2019-06-01 DOI:10.1109/DSN.2019.00059

D. Pouliot, Scott Griffy, C. V. Wright

{"title":"弱随机化的强度:易于部署，有效搜索的加密与最小的泄漏","authors":"D. Pouliot, Scott Griffy, C. V. Wright","doi":"10.1109/DSN.2019.00059","DOIUrl":null,"url":null,"abstract":"Efficiently searchable and easily deployable encryption schemes enable an untrusted, legacy service such as a relational database engine to perform searches over encrypted data. The ease with which such schemes can be deployed on top of existing services makes them especially appealing in operational environments where encryption is needed but it is not feasible to replace large infrastructure components like databases or document management systems. Unfortunately all previously known approaches for efficiently searchable and easily deployable encryption are vulnerable to inference attacks where an adversary can use knowledge of the distribution of the data to recover the plaintext with high probability. We present a new efficiently searchable, easily deployable database encryption scheme that is provably secure against inference attacks even when used with real, low-entropy data. We implemented our constructions in Haskell and tested databases up to 10 million records showing our construction properly balances security, deployability and performance.","PeriodicalId":271955,"journal":{"name":"2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"89 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"The Strength of Weak Randomization: Easily Deployable, Efficiently Searchable Encryption with Minimal Leakage\",\"authors\":\"D. Pouliot, Scott Griffy, C. V. Wright\",\"doi\":\"10.1109/DSN.2019.00059\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Efficiently searchable and easily deployable encryption schemes enable an untrusted, legacy service such as a relational database engine to perform searches over encrypted data. The ease with which such schemes can be deployed on top of existing services makes them especially appealing in operational environments where encryption is needed but it is not feasible to replace large infrastructure components like databases or document management systems. Unfortunately all previously known approaches for efficiently searchable and easily deployable encryption are vulnerable to inference attacks where an adversary can use knowledge of the distribution of the data to recover the plaintext with high probability. We present a new efficiently searchable, easily deployable database encryption scheme that is provably secure against inference attacks even when used with real, low-entropy data. We implemented our constructions in Haskell and tested databases up to 10 million records showing our construction properly balances security, deployability and performance.\",\"PeriodicalId\":271955,\"journal\":{\"name\":\"2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)\",\"volume\":\"89 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/DSN.2019.00059\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSN.2019.00059","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

高效可搜索且易于部署的加密方案使不受信任的遗留服务(如关系数据库引擎)能够对加密数据执行搜索。这种方案可以轻松地部署在现有服务之上，这使得它们在需要加密的操作环境中特别具有吸引力，但替代数据库或文档管理系统等大型基础设施组件是不可行的。不幸的是，所有以前已知的有效搜索和易于部署的加密方法都容易受到推理攻击，攻击者可以利用数据分布的知识以高概率恢复明文。我们提出了一种新的高效可搜索，易于部署的数据库加密方案，即使在使用真实的低熵数据时，也可以证明它是安全的。我们在Haskell中实现了我们的结构，并测试了多达1000万条记录的数据库，表明我们的结构正确地平衡了安全性、可部署性和性能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

The Strength of Weak Randomization: Easily Deployable, Efficiently Searchable Encryption with Minimal Leakage

Efficiently searchable and easily deployable encryption schemes enable an untrusted, legacy service such as a relational database engine to perform searches over encrypted data. The ease with which such schemes can be deployed on top of existing services makes them especially appealing in operational environments where encryption is needed but it is not feasible to replace large infrastructure components like databases or document management systems. Unfortunately all previously known approaches for efficiently searchable and easily deployable encryption are vulnerable to inference attacks where an adversary can use knowledge of the distribution of the data to recover the plaintext with high probability. We present a new efficiently searchable, easily deployable database encryption scheme that is provably secure against inference attacks even when used with real, low-entropy data. We implemented our constructions in Haskell and tested databases up to 10 million records showing our construction properly balances security, deployability and performance.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

自引率

0.00%

发文量