Structurally-Encrypted Databases Combined With Filters: Enhanced Security and Rich Queries

Building encrypted databases has been a long-standing challenge in the field of database security. In recent years, Structured Encryption (STE) has emerged as a promising approach to constructing encrypted databases, striking a balance between security and efficiency. Although existing STE-based encrypted database systems achieve high efficiency in query processing, all these schemes struggle to support rich queries with minimal information leakage. In this paper, we present a new STE-based encrypted database system, named Filter-integrated Encrypted Database (FinEDB), which supports exact-match and range queries, conjunctive queries and join operations, while maintaining limited information leakage. We first design a novel secure inverted index to avoid storage overhead blow-up when extending to support rich query capabilities. Then, we integrate Binary Fuse filters into our proposed inverted index to enable efficient query processing. By leveraging the homomorphic property of Binary Fuse filters, our approach leaks less information than existing STE-based solutions. Besides, we provide rigorous proof for our proposed scheme under the simulation paradigm. To evaluate the performance, we implement the prototype of FinEDB and compare it with the baseline STE-based scheme. Experiment results demonstrate that FinEDB is practical and can support rich queries on real-world databases.