MPC Cloud Database with Sense of Security. Introduction Cloud computing – IT as a service from third party service provider Security in cloud environment.

Slides:



Advertisements
Similar presentations
Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,
Advertisements

ITIS 6200/ Secure multiparty computation – Alice has x, Bob has y, we want to calculate f(x, y) without disclosing the values – We can only do.
On Fair Exchange, Fair Coins and Fair Sampling Shashank Agrawal, Manoj Prabhakaran University of Illinois at Urbana-Champaign.
Complexity 7-1 Complexity Andrei Bulatov Complexity of Problems.
Complexity 5-1 Complexity Andrei Bulatov Complexity of Problems.
Co-operative Private Equality Test(CPET) Ronghua Li and Chuan-Kun Wu (received June 21, 2005; revised and accepted July 4, 2005) International Journal.
Intro To Encryption Exercise 1. Monoalphabetic Ciphers Examples:  Caesar Cipher  At Bash  PigPen (Will be demonstrated)  …
Practical Techniques for Searches on Encrypted Data Yongdae Kim Written by Song, Wagner, Perrig.
Privacy Preserving Query Processing in Cloud Computing Wen Jie
Secure Database System. Introduction Database-as-a-Service is gaining popularity – Amazon Relational Database Service (RDS) – Microsoft SQL Azure DB Service.
Overview of Privacy Preserving Techniques.  This is a high-level summary of the state-of-the-art privacy preserving techniques and research areas  Focus.
Secure Cloud Database. Introduction Cloud computing – IT as a service from third party service provider Security in cloud environment – Adversary corrupts.
Secure Cloud Database using Multiparty Computation.
Differential Cryptanalysis - quite similar to linear cryptanalysis - exploits the relationship between the difference of two inputs and the difference.
Wai Kit Wong 1, Ben Kao 2, David W. Cheung 2, Rongbin Li 2, Siu Ming Yiu 2 1 Hang Seng Management College, Hong Kong 2 University of Hong Kong.
On the Practical Feasibility of Secure Distributed Computing A Case Study Gregory Neven, Frank Piessens, Bart De Decker Dept. of Computer Science, K.U.Leuven.
Wai Kit Wong, Ben Kao, David W. Cheung, Rongbin Li, Siu Ming Yiu.
Identity-Based Secure Distributed Data Storage Schemes.
Secure Cloud Database with Sense of Security. Introduction Cloud computing – IT as a service from third party service provider Security in cloud environment.
Relational-Based Encryption for Efficient Data Sharing on Encrypted Cloud Relational Databases.
Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Collusion-Resistant Group Key Management Using Attribute-
Background on security
Secure and efficient data sharing on encrypted cloud relational databases.
Secure Cloud Database. Introduction Cloud computing – IT as a service from third party service provider Security in cloud environment – Adversary corrupts.
On the Communication Complexity of SFE with Long Output Daniel Wichs (Northeastern) joint work with Pavel Hubáček.
Secure Database System. Introduction Demand of secure database systems – Cloud computing Database-as-a-Service Current cloud database systems – Amazon.
Protection of outsourced data MARIA ANGEL MARQUEZ ANDRADE.
Based on Bruce Schneier Chapter 8: Key Management Dulal C Kar.
Alternative Wide Block Encryption For Discussion Only.
Secure Query Processing in an Untrusted (Cloud) Environment.
© copyright NTT Information Sharing Platform Laboratories Cryptographic Approach to “Privacy-Friendly” Tags Miyako Ohkubo, Koutarou Suzuki, and Shingo.
Secure Computation (Lecture 2) Arpita Patra. Vishwaroop of MPC.
Secure Query Processing in an Untrusted (Cloud) Environment.
Differential Privacy Some contents are borrowed from Adam Smith’s slides.
Security in Outsourced Association Rule Mining. Agenda  Introduction  Approximate randomized technique  Encryption  Summary and future work.
Presented By Amarjit Datta
Secure Computation (Lecture 9-10) Arpita Patra. Recap >> MPC with honest majority in i.t. settings > Protocol using (n,t)-sharing, proof of security---
Differential Privacy Xintao Wu Oct 31, Sanitization approaches Input perturbation –Add noise to data –Generalize data Summary statistics –Means,
Secure Data Outsourcing
Keyword search on encrypted data. Keyword search problem  Linux utility: grep  Information retrieval Basic operation Advanced operations – relevance.
Multi-Party Computation r n parties: P 1,…,P n  P i has input s i  Parties want to compute f(s 1,…,s n ) together  P i doesn’t want any information.
Intrusion Resilience via the Bounded-Storage Model Stefan Dziembowski Warsaw University and CNR Pisa.
Secure and Practical Outsourcing of Linear Programming in Cloud Computing.
1 Approximating functions, polynomial interpolation (Lagrange and Newton’s divided differences) formulas, error approximations.
BY S.S.SUDHEER VARMA (13NT1D5816)
Searchable Encryption in Cloud
Attacks on Public Key Encryption Algorithms
Security in Outsourcing of Association Rule Mining
Previous lecture – smart-cards
Database Management System
TCC 2016-B Composable Security in the Tamper-Proof Hardware Model under Minimal Complexity Carmit Hazay Bar-Ilan University, Israel Antigoni Ourania.
Secret Sharing (or, more accurately, “Secret Splitting”)
Digital Signature Schemes and the Random Oracle Model
Course Business I am traveling April 25-May 3rd
Cryptography Lecture 4.
Ioannis Ioannidis, Ananth Grama and Ioannis Ioannidis
Topic 7: Pseudorandom Functions and CPA-Security
Cryptography for Quantum Computers
Lecture 4 - Cryptography
Key Management Network Systems Security
Number Representation & Operators
Cryptography Lecture 5.
Where Complexity Finally Comes In Handy…
Investigating Provably Secure and Practical Software Protection
Where Complexity Finally Comes In Handy…
Ensuring Correctness over Untrusted Private Database
Where Complexity Finally Comes In Handy…
Secret Sharing CPS Computer Security Nisarg Raval Sep 24, 2014
Multiplicative data perturbation (2)
ITIS 6200/8200 Chap 5 Dr. Weichao Wang.
Presentation transcript:

MPC Cloud Database with Sense of Security

Introduction Cloud computing – IT as a service from third party service provider Security in cloud environment – Adversary corrupts the service provider? – Goal: protect sensitive data

Related Work Encryption Approach – NetDB2, IBM (Outsourced database) – Relational Cloud, CryptDB (MIT, CIDR 2011) – TrustedDB using secure hardware (VLDB 2011 demo, Radu Sion) Secure Multi-Party Computation Approach – ShareMind

NetDB2 Tuple 1xxxyyy Tuple 2aaabbb Tuple 1!a4a3g Tuple 2L%jm*K Value-level encryption SELECT * WHERE value = `xxx’SELECT * WHERE value = `!a4’ DB Encrypted DB Tuple 1P2 Tuple 2P1 + Partition information Partition: P1: < `m’; otherwise P2 SELECT * WHERE value < `xxx’SELECT * WHERE value in [P1, P2] Simple deterministic encryption

CryptDB Onion-encryption: multiple encryption done on 1 data 10 Original data encrypt E 1 (10) = A*65h OPES: numeric comparisons E 2 (A*65h) = BB647 Deterministic encryption Equality can be done Non-deterministic encryption No computation is feasible E 3 (BB647) = If the user wants more computation power, decrypt to the desired level (one way!)

ShareMind Key: Secret sharing + recursive processing A B C Service Provider 1 Service Provider 2 Service Provider 3 Query Result D E F D + E + F = Result DB DB = A + B + C

Comparisons of the two approaches Encryption-based methods – Provide limited computation capabilities – Security strength depends on the encryption function For example, deterministic encryption may allow a frequency analysis attack – `Male’, `Female’ => `%k9)2’, `Ah475’ – `Ah475’ x 21; `%k9)2’ x 5 in DB group MPC-based methods (Our choice) – More generic operators – Security: no knowledge gained by service providers

A downside of MPC-based approach DB ABC SP2SP1SP3 Owner DBA BC SP1SP2 Owner Model 1: What if all service providers collude? Model 2: Owner has to join in MPC operations, (storage and computation) cost not less than hosting DB on its own

Research problem Owner keeps a small share A (small storage) Goal: – Without A, SP1 and SP2 cannot recover DB or any information about DB! (similar security strength as MPC) – Owner has minimal involvement in MPC (low cost) DB A BC SP1SP2 Owner Model 3

Secure multiparty computation Background

Secret sharing (around 1980) 10 Secret 4 6 shares AliceBob 6+4 = 10 What is the secret value? Alice’s share would be 5? 20? -3? The secret is recovered only when the two parties exchange their shares

Secret sharing General case s Secret s1s1 s2s2 …snsn The secret can be divided into n parties, for any n s = g(s 1, s 2, …, s n ) Example: Sum of all shares (modular) Bitwise XOR of all shares Product, string concatenation, etc… Security requirement: Given k < n shares, it is hard to recover s

Secure multiparty computation Party 1 x1x1 Party 2 x2x2 Party n xnxn … Objective: Every party obtains f(x 1, x 2, …, x n ) but cannot observe any other information apart from its own data r = f(x 1, x 2, …, x n ) r r r

New approach

Before we proceed…. Clarifying the security Negative result – Ideal security: Querying workflow: user issues query => service providers compute result and return to user Knowledge gained by service providers: NONE. Not even anything about query and result! – A solution achieving ideal security is not more efficient than a non-outsourcing solution (not using cloud)

Knowledge gained by service provider Output space of a simple selection query: varies from no tuple to the entire database – Even larger space if we consider joins Example knowledge gain – If the output size is small, the service provider knows it is not the case that the query selects entire table To hide the above information, each returned query result should be at least of size = entire table

Security in secure database Each service provider can observe – Query content The tables that are related to the query Number of conditions, types of conditions, attributes that are related But not other info about query – Query answer the set of shares of tuples in some query answer But not other content

Example query SELECT Name FROM Employer WHERE Salary > 6000 Transformed query may look like to one service provider SELECT ATTRIBUTE_7 FROM TABLE_A WHERE ATTRIBUTE_3 > X WITH SHARE_X = 1000 Answer Tom Kitty Answer T Ki Answer o t m ty The other two parties may get SHARE_X = 2000 and SHARE_X = 3000

Scheme A Shares compression – The shares of the DB is generated randomly – Who decides the random shares? Lets use a secure pseudo random generator IDX IDShare f(ID) = ID + 5 IDShare IDShare Share AShare BShare C Randomly generated

Storage cost Almost constant – The owner just needs to remember The function f (role like a key in encryption) The set of IDs (assume the IDs are continuous, just remember the lowest value and the highest value) Storage part is easy, how about computation? IDShare …… f(ID) = ID + 5

Review of comparison (example) protocol – simplified version Goal: x>y? Step 1: work out x-y Step 2: get the sign bit and the result x1 y1 x2 y2 x3 y3 r r + x1 – y1 r + x1 + x2 – y1 – y2 r + x - y r

Efficiency bottleneck Query: X > 6000 – Number of MPCs = number of tuples – Cost at owner = linear scan on data IDShare IDShare IDShare Share AShare BShare C IDX One comparison MPC for this tuple!

How the owner can contribute its own shares efficiently? Again, compression x1 y1 x2 y2 x3 y3 r r + x1 – y1 x1 y1 x2 y2 x3 y3 r r + x1 – y1 r IDShare Share A f(ID) = ID + 5 IDr f2(ID) = ID + 3f3(ID) = 3 ID IDr g(ID) = ID + 3 g(ID) = -ID + 8 Cost become constant!