加密多写表上的安全查询

A. Perillo, G. Persiano, Alberto Trombetta
{"title":"加密多写表上的安全查询","authors":"A. Perillo, G. Persiano, Alberto Trombetta","doi":"10.1109/EuroSP.2017.20","DOIUrl":null,"url":null,"abstract":"Performing searches on encrypted data is a verycurrent and active area. Several efficient solutions have beenprovided for the single-writer scenario in which all sensitivedata originates with one party (the Data Owner) that encryptsit and uploads it to a public repository. Subsequently, theData Owner (or authorized clients, the Query Sources) perform queries on the encrypted data through a QueryProcessor which has direct access to the public repository. Motivated by the recent trend in pervasive data, we departfrom this model and consider a multi-writer scenario inwhich data originates with several and mutually untrustedparties. In this new scenario the Data Owner providespublic parameters so that each piece of the generated datastream can be put into an encrypted stream, moreover, the Data Owner keeps some related secret informationneeded to generate tokens so that different subscribers canaccess different subsets of the encrypted stream in clear. Weconsider the case in which each piece of the data streamconsists of a fixed number of cells, organized in columns, and the data owner can authorize subscribers to accessindividual data based on the content of the columns. Currentpublic-key functional encryption schemes provide a directand impractical implementation of this scenario. We thus propose a new public-key primitive, Amortized Or-thogonality Encryption or AOE, derived from Inner-ProductEncryption, that can be used to encrypt each piece ofdata stream so that ciphertexts have size proportional tothe un-encrypted data, moreover, encryption and decryptiontake time proportional to the number of columns. Previousschemes would give quadratic complexity. We provide aconstruction of AOE and prove its selective security understandard assumptions in a bilinear setting with prime ordergroup. Using AOE, we implement all the basic operations inour multi-writer scenario in one round of communication. Wedemonstrate the feasibility and effectiveness of our proposalby providing an implementation of our scenario in C++.","PeriodicalId":233564,"journal":{"name":"2017 IEEE European Symposium on Security and Privacy (EuroS&P)","volume":"38 3","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Secure Queries on Encrypted Multi-writer Tables\",\"authors\":\"A. Perillo, G. Persiano, Alberto Trombetta\",\"doi\":\"10.1109/EuroSP.2017.20\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Performing searches on encrypted data is a verycurrent and active area. Several efficient solutions have beenprovided for the single-writer scenario in which all sensitivedata originates with one party (the Data Owner) that encryptsit and uploads it to a public repository. Subsequently, theData Owner (or authorized clients, the Query Sources) perform queries on the encrypted data through a QueryProcessor which has direct access to the public repository. Motivated by the recent trend in pervasive data, we departfrom this model and consider a multi-writer scenario inwhich data originates with several and mutually untrustedparties. In this new scenario the Data Owner providespublic parameters so that each piece of the generated datastream can be put into an encrypted stream, moreover, the Data Owner keeps some related secret informationneeded to generate tokens so that different subscribers canaccess different subsets of the encrypted stream in clear. Weconsider the case in which each piece of the data streamconsists of a fixed number of cells, organized in columns, and the data owner can authorize subscribers to accessindividual data based on the content of the columns. Currentpublic-key functional encryption schemes provide a directand impractical implementation of this scenario. We thus propose a new public-key primitive, Amortized Or-thogonality Encryption or AOE, derived from Inner-ProductEncryption, that can be used to encrypt each piece ofdata stream so that ciphertexts have size proportional tothe un-encrypted data, moreover, encryption and decryptiontake time proportional to the number of columns. Previousschemes would give quadratic complexity. We provide aconstruction of AOE and prove its selective security understandard assumptions in a bilinear setting with prime ordergroup. Using AOE, we implement all the basic operations inour multi-writer scenario in one round of communication. Wedemonstrate the feasibility and effectiveness of our proposalby providing an implementation of our scenario in C++.\",\"PeriodicalId\":233564,\"journal\":{\"name\":\"2017 IEEE European Symposium on Security and Privacy (EuroS&P)\",\"volume\":\"38 3\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-04-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 IEEE European Symposium on Security and Privacy (EuroS&P)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/EuroSP.2017.20\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE European Symposium on Security and Privacy (EuroS&P)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/EuroSP.2017.20","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

摘要

对加密数据执行搜索是一个非常流行和活跃的领域。对于单写入器场景,已经提供了几个有效的解决方案,其中所有敏感数据都起源于一方(数据所有者),该方加密并将其上传到公共存储库。随后,数据所有者(或授权客户端,即查询源)通过QueryProcessor对加密数据执行查询,QueryProcessor可以直接访问公共存储库。受最近普遍数据趋势的影响,我们脱离了这个模型,考虑了一个多作者的场景,其中数据来源于几个相互不信任的方。在这个新场景中,数据所有者提供了公共参数,以便生成的数据流的每个片段都可以放入加密流中,此外,数据所有者保留了生成令牌所需的一些相关秘密信息,以便不同的订阅者可以清楚地访问加密流的不同子集。我们考虑这样一种情况:数据流的每个部分由固定数量的单元格组成,按列组织,数据所有者可以根据列的内容授权订阅者访问单个数据。当前的公钥功能加密方案提供了这种场景的直接且不切实际的实现。因此,我们提出了一种新的公钥原语,Amortized or -thogonality Encryption (AOE),它源自于内部生产加密,可用于加密每个数据流,使密文的大小与未加密的数据成正比,而且,加密和解密所需的时间与列数成正比。以前的方案会给出二次复杂度。在双线性素数序群环境下,给出了AOE的构造,并证明了它的选择性安全欠标准假设。使用AOE,我们在一轮通信中实现了多写入器场景中的所有基本操作。我们通过在c++中提供我们的场景的实现来证明我们的提议的可行性和有效性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Secure Queries on Encrypted Multi-writer Tables
Performing searches on encrypted data is a verycurrent and active area. Several efficient solutions have beenprovided for the single-writer scenario in which all sensitivedata originates with one party (the Data Owner) that encryptsit and uploads it to a public repository. Subsequently, theData Owner (or authorized clients, the Query Sources) perform queries on the encrypted data through a QueryProcessor which has direct access to the public repository. Motivated by the recent trend in pervasive data, we departfrom this model and consider a multi-writer scenario inwhich data originates with several and mutually untrustedparties. In this new scenario the Data Owner providespublic parameters so that each piece of the generated datastream can be put into an encrypted stream, moreover, the Data Owner keeps some related secret informationneeded to generate tokens so that different subscribers canaccess different subsets of the encrypted stream in clear. Weconsider the case in which each piece of the data streamconsists of a fixed number of cells, organized in columns, and the data owner can authorize subscribers to accessindividual data based on the content of the columns. Currentpublic-key functional encryption schemes provide a directand impractical implementation of this scenario. We thus propose a new public-key primitive, Amortized Or-thogonality Encryption or AOE, derived from Inner-ProductEncryption, that can be used to encrypt each piece ofdata stream so that ciphertexts have size proportional tothe un-encrypted data, moreover, encryption and decryptiontake time proportional to the number of columns. Previousschemes would give quadratic complexity. We provide aconstruction of AOE and prove its selective security understandard assumptions in a bilinear setting with prime ordergroup. Using AOE, we implement all the basic operations inour multi-writer scenario in one round of communication. Wedemonstrate the feasibility and effectiveness of our proposalby providing an implementation of our scenario in C++.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信