Structured Encryption and Controlled Disclosure Melissa Chase Seny Kamara Microsoft Research Asiacrypt '10 1.

Slides:



Advertisements
Similar presentations
Web Mining.
Advertisements

Oblivious Branching Program Evaluation
Chapter 5: Introduction to Information Retrieval
Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,
Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.
Web Mining Research: A Survey Authors: Raymond Kosala & Hendrik Blockeel Presenter: Ryan Patterson April 23rd 2014 CS332 Data Mining pg 01.
Modeling Insider Attacks on Group Key Exchange Protocols Jonathan Katz Ji Sun Shin University of Maryland.
Introduction to Practical Cryptography Lecture 9 Searchable Encryption.
1 Searchable Symmetric Encryption: Improved Definitions and Efficient Constructions Reza Curtmola Juan Garay Seny Kamara Rafail Ostrovsky Johns Hopkins.
Searchable Symmetric Encryption :Improved Definitions and Efficient Constructions Reza Curtmola Juan Garay Seny Kamara Rafail Ostrovsky.
INTRODUCTION PROBLEM FORMULATION FRAMEWORK AND PRIVACY REQUIREMENTS FOR MRSE PRIVACY-PRESERVING AND EFFICIENT MRSE PERFORMANCE ANALYSIS RELATED WORK CONCLUSION.
2 Your data is anywhere but not in your control Security breaches are recurrent – Weakest link: hardware, software, technicians, … You may trust the science.
DATA MINING LECTURE 12 Link Analysis Ranking Random walks.
 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.
Search Engines and Information Retrieval
6/16/20151 Recent Results in Automatic Web Resource Discovery Soumen Chakrabartiv Presentation by Cui Tao.
LinkSelector: A Web Mining Approach to Hyperlink Selection for Web Portals Xiao Fang University of Arizona 10/18/2002.
Efficient Conjunctive Keyword-Searchable Encryption,2007 Author: Eun-Kyung Ryu and Tsuyoshi Takagi Presenter: 顏志龍.
Information Retrieval in Practice
Reza Curtmola Juan Garay Seny Kamara Rafail Ostrovsky
 Manmatha MetaSearch R. Manmatha, Center for Intelligent Information Retrieval, Computer Science Department, University of Massachusetts, Amherst.
Network Motifs Zach Saul CS 289 Network Motifs: Simple Building Blocks of Complex Networks R. Milo et al.
Link Structure and Web Mining Shuying Wang
Information Retrieval
Public Key Encryption that Allows PIR Queries Dan Boneh 、 Eyal Kushilevitz 、 Rafail Ostrovsky and William E. Skeith Crypto 2007.
1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.
CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS
CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.
Practical Techniques for Searches on Encrypted Data Yongdae Kim Written by Song, Wagner, Perrig.
Search Engines and Information Retrieval Chapter 1.
Overview of Privacy Preserving Techniques.  This is a high-level summary of the state-of-the-art privacy preserving techniques and research areas  Focus.
Web Search. Structure of the Web n The Web is a complex network (graph) of nodes & links that has the appearance of a self-organizing structure  The.
Thanks to Bill Arms, Marti Hearst Documents. Last time Size of information –Continues to grow IR an old field, goes back to the ‘40s IR iterative process.
ENCLOUT Bring API to People. API Ecosystem Gap  Business Analysts  Good with spreadsheets  Limiting scripting or SQL skills  API Developers  Knowledge.
 CIKM  Implementation of Smoothing techniques on the GPU  Re running experiments using the wt2g collection  The Future.
Search Engine Optimization 101 What is SEM? SEO? How can I use SEO on my blogs and/or my personal web space?
Search Engines. Search Strategies Define the search topic(s) and break it down into its component parts What terms, words or phrases do you use to describe.
Public Key Encryption with keyword Search Author: Dan Boneh Rafail Ostroversity Giovanni Di Crescenzo Giuseppe Persiano Presenter: 陳昱圻.
SQL INJECTIONS Presented By: Eloy Viteri. What is SQL Injection An SQL injection attack is executed when a web page allows users to enter text into a.
Ranking Link-based Ranking (2° generation) Reading 21.
UC/Garbled Searchable Symmetric Encryption Kaoru Kurosawa Ibaraki University, Japan.
Public Key Encryption with Keyword Search
1/16/20161 Introduction to Graphs Advanced Programming Concepts/Data Structures Ananda Gunawardena.
Presented By Amarjit Datta
1 CS 430: Information Discovery Lecture 5 Ranking.
Searching Over Encrypted Data Charalampos Papamanthou ECE and UMIACS University of Maryland, College Park Research Supported By.
Keyword search on encrypted data. Keyword search problem  Linux utility: grep  Information retrieval Basic operation Advanced operations – relevance.
CS555Spring 2012/Topic 151 Cryptography CS 555 Topic 15: HMAC, Combining Encryption & Authentication.
Chapter 8: Web Analytics, Web Mining, and Social Analytics
SSE-2 Step1: keygen(1 k ):s {0,1} k,output K=s Step2:Buildindex(K,D): 建立 table T, p=word bit+max bit R 假設 w 1 出現在 D 1,D 3 T[π s (w 1 ||1)]=D 1 T[π s (w.
1 CS 430 / INFO 430: Information Retrieval Lecture 20 Web Search 2.
CMSC 414 Computer (and Network) Security Lecture 3 Jonathan Katz.
Information Retrieval in Practice
Practical Private Range Search Revisited
Searchable Encryption in Cloud
Professor Tzong-Chen Wu
Efficient Multi-User Indexing for Secure Keyword Search
DATA MINING Introductory and Advanced Topics Part III – Web Mining
Jim Barton Librarian Glenside Public Library District
Cloud Computing Kelley Raines.
Fast Searchable Encryption with Tunable Locality
Privacy Preserving Ranked Multi-Keyword
based on slides by Debra Cook
Instructor Name Instructor Title Library Name
BRK3277 Making the best of the cloud: How Exchange Online is different from Exchange on-premises Tony
Verifiable Oblivious Storage
Lecture 22 SVD, Eigenvector, and Web Search
Visualizing Document Collections
cs5984: Information Visualization Chris North
Path Oram An Extremely Simple Oblivious RAM Protocol
Presentation transcript:

Structured Encryption and Controlled Disclosure Melissa Chase Seny Kamara Microsoft Research Asiacrypt '10 1

Cloud Storage Asiacrypt '10 2

o o Main concern: will my data be safe? o o it will be encrypted o o it will be authenticated o o it will be backed up o o access will be controlled o o … o o Security only vs. o o outsiders o o other tenants o o Q : can we provide security against the cloud operator? Security for Cloud Storage 3 Asiacrypt '10

o o How do we preserve confidentiality of data? o o Encryption! o o What happens when I need to retrieve my data? o o e.g., search over s or pictures Confidentiality in Cloud Storage 4 Asiacrypt '10

Searchable Symmetric Encryption [Song-Wagner-Perrig01] 5 Asiacrypt '10

o o General-purpose o o Two-party computation [Yao82] o o Oblivious RAMs [Goldreich-Ostrovsky96] o o Fully-homomorphic encryption [Gentry09] o o interactive or search is O(|data|) o o Searchable encryption o o [SWP01,Goh03,Chang-Mitzen.05,Boneh-diCrescenzo-Ostrovsky- Persiano04,…] : 1 round & O(#docs) server computation o o [Curtmola-Garay-K-Ostrovsky06] : 1 round & O(# of docs w/ word) server computation o o Functional encryption [Boneh-Sahai-Waters10] Related Work 6 Asiacrypt '10

o o Private keyword search over encrypted text data o o Q : can we privately query other types of encrypted data? o o maps o o image collections o o social networks o o web page archives Limits of Searchable Encryption 7 Asiacrypt '10

o o Communications o o headers, phone logs o o Networks o o Social networks o o Web crawlers o o Maps Graph Data 8 Asiacrypt '10

Structured Encryption 9 Asiacrypt '10 t

o o Structured Encryption o o Formal security definition o o simulation-based o o Constructions o o Graph encryption with adjacency queries o o Graph encryption with neighbor queries o o Web graph encryption with focused subgraph queries o o Controlled disclosure o o Application to cloud-based data brokering Our Results 10 Asiacrypt '10

11 Asiacrypt '10 Structured Encryption

o o Social network = Graph + Profiles Structured Data 12 Asiacrypt '10

Structured Encryption 13 Asiacrypt '10 t

o o Security against adaptive chosen query attacks o o generalizes CKA2-security from [CGKO06] o o Simulation-based definition o o ``given the ciphertext and the tokens no adversary can learn any information about the data and the queries, even if the queries are made adaptively” o o Too strong o o e.g., SSE constructions leak some information o o access pattern: pointers to documents that contain keyword o o search pattern: whether two tokens were for the same keyword CQA2-Security 14 Asiacrypt '10

o o Security is parameterized by 2 stateful leakage functions o o Simulation-based definition o o ``given the ciphertext and the tokens no adversary can learn any information about the data and the queries other than what can be deduced from the L 1 and L 2 leakages…” o o “…even if queries are made adaptively” CQA2-Security 15 Asiacrypt '10

Leakage Functions 16 Asiacrypt '10

CQA2-Security 17 Asiacrypt '10 Real WorldIdeal World q t ?$&$#&$#&$s!l) t L1L1 q L2L2,q

Adaptiveness 18 Asiacrypt '10

19 Asiacrypt '10 Constructions

o o Graph encryption with adjacency queries o o from matrix encryption with lookup queries o o Graph encryption with neighbor queries o o from text encryption with keyword search (i.e., SSE) o o Web graph encryption with focused subgraph queries o o from text encryption with keyword search o o from graph encryption with neighbor queries Constructions 20 Asiacrypt '10

Neighbor Queries on Graphs 21 Asiacrypt '10 t

Neighbor Queries on Graphs 22 Asiacrypt '10

Neighbor Queries on Graphs 23 Asiacrypt ' … …

o o Web graphs o o Text data -- pages o o Graph data --- hyperlinks o o Simple queries on web graphs o o All pages linked from P o o All pages that link to P o o Complex queries on web graphs o o ``mix” both text and graph structure o o search engine algorithms based on link-analysis o o Kleinberg’s HITS [Kleinberg99] o o SALSA [LM01] o o … FSQ on Web Graphs 24 Asiacrypt '10

o o HITS algorithm o o Step 1: compute focused subgraph o o Step 2: run iterative algorithm on focused subgraph Focused Subgraph Queries 25 Asiacrypt '10 Singapore

o o Encrypt o o pages with SE-KW o o graph with SE-NQ o o does not work! o o Chaining technique o o combine SE schemes (e.g., SE-KW with SE-NQ) o o preserves token size of first SE scheme o o Requires associative SE o o message space: private data items and semi-private information o o answer: pointers to data items + associated semi-private information o o [Curtmola-Garay-K-Ostrovsky06]: associative SSE but not CQA2 FSQ on Encrypted Graphs 26 Asiacrypt '10

FSQ on Web Graphs 27 Asiacrypt '10 t

FSQ on Web Graphs 28 Asiacrypt '10

FSQ on Web Graphs 29 Asiacrypt ' , 31, 3

30 Asiacrypt '10 Controlled Disclosure

o o Structured encryption o o Private queries on encrypted data o o Q : what about computing on encrypted data? o o Two-party computation o o Fully-homomorphic encryption o o 2PC & FHE don’t scale to massive datasets (e.g., Petabytes) o o Do we give up security? Limitations of Structured Encryption 31 Asiacrypt '10

o o Compromise o o reveal only what is necessary for the computation o o Local algorithms o o Don’t need to ``see” all their input o o e.g., simulated annealing, hill climbing, genetic algorithms, graph algorithms, link-analysis algorithms, … Controlled Disclosure 32 Asiacrypt '10 Family Colleagues

Controlled Disclosure 33 Asiacrypt '10 t q f

o o Microsoft Azure Marketplace o o Infochimps Cloud-based Data Brokerage 34 Asiacrypt '10

35 Asiacrypt '10 Secure Data Brokerage o o Producer o o accurate count of data usage o o Collusions b/w o o Cloud o o Consumer

36 Asiacrypt '10 Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.