Searchable Encryption in Apache Cassandra

  • Tim WaageEmail author
  • Ramaninder Singh Jhajj
  • Lena Wiese
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9482)


In today’s cloud computing applications it is common practice for clients to outsource their data to cloud storage providers. That data may contain sensitive information, which the client wishes to protect against this untrustworthy environment. Confidentiality can be preserved by the use of encryption. Unfortunately that makes it difficult to perform efficient searches.

There are a couple of different schemes proposed in order to overcome this issue, but only very few of them have been implemented and tested with database servers yet. While traditional databases usually rely on the SQL model, a lot of alternative approaches, commonly referred to as NoSQL (short for “Not only SQL”) databases, occurred in the last years to meet the new requirements of the so called “Web 2.0”, especially in terms of availability and partition tolerance. In this paper we implement three different approaches for searching over encrypted data in the popular NoSQL database Apache Cassandra (offered by many cloud storage providers) and run tests in a distributed environment. Furthermore we quantify their performances and explore options for optimization.


Searchable encryption Benchmarking Apache Cassandra 



This work was partially funded by the DFG under grant number WI 4086/2-1.


  1. 1.
    Brewer, E.: A certain freedom: thoughts on the CAP theorem. In: Proceedings of the 29th ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing, p. 335. ACM (2010)Google Scholar
  2. 2.
    Bösch, C., Hartel, P., Jonker, W., Peter, A.: A survey of provably secure searchable encryption. ACM Comput. Surv. (CSUR) 47(2), 18 (2014)CrossRefGoogle Scholar
  3. 3.
    Song, D.X., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: Proceedings of the 2000 IEEE Symposium on Security and Privacy, S&P 2000, pp. 44–55. IEEE (2000)Google Scholar
  4. 4.
    Curtmola, R., Garay, J., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 79–88. ACM (2006)Google Scholar
  5. 5.
    Hahn, F., Kerschbaum, F.: Searchable encryption with secure and efficient updates. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 310–320. ACM (2014)Google Scholar
  6. 6.
    Lakshman, A., Malik, P.: Cassandra: a decentralized structured storage system. ACM SIGOPS Operating Syst. Rev. 44(2), 35–40 (2010)CrossRefGoogle Scholar
  7. 7.
    Brewer, E.A.: Towards robust distributed systems. In: PODC, vol. 7 (2000)Google Scholar
  8. 8.
    Popa, R.A., Redfield, C., Zeldovich, N., Balakrishnan, H.: CryptDB: processing queries on an encrypted database. Commun. of the ACM 55(9), 103–111 (2012)CrossRefGoogle Scholar
  9. 9.
    Cash, D., Jarecki, S., Jutla, C., Krawczyk, H., Roşu, M.-C., Steiner, M.: Highly-scalable searchable symmetric encryption with support for boolean queries. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 353–373. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  10. 10.
    Chase, M., Kamara, S.: Structured encryption and controlled disclosure. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 577–594. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  11. 11.
    Kamara, S., Papamanthou, C., Roeder, T.: Dynamic searchable symmetric encryption. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 965–976. ACM (2012)Google Scholar
  12. 12.
    Cash, D., Jaeger, J., Jarecki, S., Jutla, C., Krawczyk, H., Rosu, M.C., Steiner, M.: Dynamic searchable encryption in very large databases: data structures and implementation. In: Proceedings of the Network and Distributed System Security Symposium (NDSS), vol. 14 (2014)Google Scholar
  13. 13.
    Cao, N., Wang, C., Li, M., Ren, K., Lou, W.: Privacy-preserving multi-keyword ranked search over encrypted cloud data. IEEE Trans. Parallel Distrib. Syst. 25(1), 222–233 (2014)CrossRefGoogle Scholar
  14. 14.
    Wang, B., Yu, S., Lou, W., Hou, Y.T.: Privacy-preserving multi-keyword fuzzy search over encrypted data in the cloud. In: 2014 Proceedings of the IEEE INFOCOM, pp. 2112–2120. IEEE (2014)Google Scholar
  15. 15.
    Boldyreva, A., Chenette, N., O’Neill, A.: Order-preserving encryption revisited: improved security analysis and alternative solutions. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 578–595. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  16. 16.
    Kerschbaum, F., Schröpfer, A.: Optimal average-complexity ideal-security order-preserving encryption. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 275–286. ACM (2014)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Tim Waage
    • 1
    Email author
  • Ramaninder Singh Jhajj
    • 1
  • Lena Wiese
    • 1
  1. 1.Institute of Computer ScienceUniversity of GöttingenGöttingenGermany

Personalised recommendations