Abstract
In ACM CCS 2015, Naveed et al. proposed attacks using plaintext auxiliary data for databases encrypted by ordered preserving encryption or more general property preserving encryptions. Their attacks are based on the Hungarian algorithm for solving the linear sum assignment problem (LSAP). In this work, we define a new assignment optimization problem with an additional condition of order structure and propose a search algorithm for finding its exact solution. We apply the new algorithm to attack an encrypted database in the same situation as Naveed et al. and found that our proposed method improves the success probability of the attacks compared with the attacks of Naveed et al.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of the SIGMOD, pp. 563–574 (2004)
Boldyreva, A., Chenette, N., Lee, Y., O’Neill, A.: Order-preserving symmetric encryption. In: Proceedings of the EUROCRYPT, pp. 224–241 (2009)
Boldyreva, A., Chenette, N., O’Neill, A.: Order-preserving encryption revisited: improved security analysis and alternative solutions. In Proceedings of the CRYPTO, pp. 578–595 (2011)
Karras, P., Malhotra, S., Bhatt, R., Nikitin, A., Antyukhov, D., Idreos, S.: Adaptive indexing over encrypted numeric data. In Proceedings of the SIGMOD, pp. 171–183 (2016)
Boneh, D., Lewi, K., Raykova, M., Sahai, A., Zhandry, M., Zimmerman, J.: Semantically secure order-revealing encryption: multi-input functional encryption without obfuscation. In: Proceedings of the EUROCRYPT, pp. 563–594 (2015)
Chenette, N., Lewi, K., Weis, S.A., Wu, D.J.: Practical Order-Revealing Encryption with Limited Leakage. In: Proceedings of the FSE, pp. 474–493 (2016)
Lewi, K., Wu, D.J.: Order-Revealing Encryption: New Constructions, Applications, and Lower Bounds. In: Proceedings of ACM CCS 2016, pp. 1167–1178 (2016)
Popa, R.A., Redeld, C., Zeldovich, N., Balakrishnan, H.: CryptDB: protecting confidentiality with encrypted query processing. In: Proceedings of the SOSP 2011, pp. 85–100 (2011)
Naveed, M., Kamara, S., Wright, C.V.: Inference attacks on property-preserving encrypted databases. In: Proceedings of the ACM CCS 2015, 644–655 (2015)
Horst, C., Kikuchi, R., Xagawa, K.: Cryptanalysis of comparable encryption in SIGMOD 2016. In: Proceedings of SIGMOD 2017, pp. 1069–1084 (2017)
Betül Durak, F., DuBuisson, T.M., Cash, D.: What else is revealed by order-revealing encryption? In: Proceedings of the ACM CCS, pp. 1155–1166 (2016)
Kuhn, H.W.: The Hungarian method for the assignment problem. Naval Res. Logistics Q. 2, 83–87 (1955)
Munkres, J.: Algorithms for the assignment and transportation problems. J. Soc. Ind. Appl. Math. 5(1), 32–38 (1957)
UCI Machine Learning Repository: Adult Data Set. https://archive.ics.uci.edu/ml/datasets/adult
Privacy Rights Clearinghouse. Chronology of data breaches. http://www.privacyrights.org/data-breach
Navarro, G.: A guided tour to approximate string matching. ACM Comput. Surv. 33(1), 31–88 (2001)
Grubbs, P., Sekniqi, K., Bindschaedler, V., Naveed, M., Ristenpart, T.: Leakage-abuse attacks against order-revealing encryption. IEEE Symp. Secur. Priv. 2017, 665–672 (2017)
Kerschbaum, F.: Frequency-hiding order-preserving encryption. ACM Conf. Comput. Commun. Secur. 2015, 656–667 (2015)
Google, Encrypted BigQueqy. https://github.com/google/encrypted-bigquery-client
Sap AG, SEEED. https://www.sics.se/sites/default/files/pub/andreasschaad.pdf
Microsoft, Always Encrypted SQL Server. https://docs.microsoft.com/en-us/sql/relational-databases/security/encryption/always-encrypted-database-engine?view=sql-server-2017
Acknowledgments
This research was partially supported by JST CREST Grant Number JPMJCR1302, Japan.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Onozawa, S., Kunihiro, N., Yoshino, M., Naganuma, K. (2018). Inference Attacks on Encrypted Databases Based on Order Preserving Assignment Problem. In: Inomata, A., Yasuda, K. (eds) Advances in Information and Computer Security. IWSEC 2018. Lecture Notes in Computer Science(), vol 11049. Springer, Cham. https://doi.org/10.1007/978-3-319-97916-8_3
Download citation
DOI: https://doi.org/10.1007/978-3-319-97916-8_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-97915-1
Online ISBN: 978-3-319-97916-8
eBook Packages: Computer ScienceComputer Science (R0)