Mohammad Ahmadian COP-6087 University of Central Florida

 Goal: protect confidentiality and Integrity of data Application DB Server SQL Threat 1: passive attacks on DB server Threat 2: active/passive attacks on all servers User 1 User 2 User 3 Proxy 1. Process SQL queries on encrypted data 2. Capture and enforce cryptographically access control in SQL: chain keys from user passwords to data item (Keygen) user password

Application DB Server  curious DB administrators  hackers  curious cloud/employees  physical attacks SQL User 1 User 2 User 3 Threat Model  Consider attacks on any part of the servers,  Consider passive attack like modification of information in database by malicious cloud insider

DB Server SQL Trusted All queries are encrypted Proxy application queries unencrypted  Client & server side both are trusted  The session between client and db server is compromised Under attack The benefit of attackers are very low Trusted

DB Server SQL Trusted Perform SQL query processing on encrypted data Proxy application queries unencrypted  Client side enjoys issuing query without concerning about underlying security mechanisms in proxy  DB server is unchanged  It is impossible to attacker to change data without revealing to user Under attack 1. Support standard SQL queries on encrypted data 2. Process queries completely at the DB server 3. No change to existing DBMS

1. RND-Advanced Encryption Standard ◦ Obs.: set of SQL operators is limited ◦ Different encryption schemes provide different functionality 2. OPE-Order Preserving Encryption ◦ Enable to comparison, order by, join, sort, MAX, MIN. 3. MAC –Message authentication code ◦ Provides integrity for data element Solution: Cryptographic techniques

? Example col1/rankcol2/name table1 (cinfo) SELECT * FROM cinfo WHERE income= 100 x5a8c34 x934bc1 x5a8c34 x84a21c x5a8c34 ≥ x638e5 4 x922eb4 x1eab8 1 SELECT * FROM cinfo WHERE income= x5a8c34 ≥ Proxy ? x5a8c34 x638e5 4 x922eb4 x638e5 4 X4be2 1 9 x95c623 x2ea887 x17cea7 x638e54 col3/salary Application

e.g., =, !=, GROUP BY, IN, COUNT, DISTINCT Highest SchemeOperationDetail RNDNone AES HOM+, * AES in CTR DETequality e.g., Paillier OPEorder Boldyreva et al. ’09 e.g., >, <, ORDER BY, SORT, MAX, MIN first practical implementation Security

The Advanced Encryption Standard (AES) is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in Rijndael is a family of ciphers with different key and block sizes. For AES, NIST selected three members of the Rijndael family, each with a block size of 128 bits, but three different key lengths: 128, 192 and 256 bits.

 AES is one of secure block cipher for digital information. I adapt it with key size 128 bit for this project for encrypting text columns. One of negative point of AES is it’s speed, actually it’s key generation is not so fast.

Order Preserving encryption(OPE) is an encryption scheme whose deterministically preserves numerical order of plaintext in the ciphertext. For quick start, consider a random order-preserving function from M to N, so that |M|<|N|. Without loss of generality, we can consider M the set {1,2,...,M} and N likewise {1,2,...,N}. Now, pick M elements of N randomly and put them in order. Our function f:M → N is simply this ordered set. To encrypt i in M, just output the ith element of this list. Consider f is an order-preserving function which maps elements in domain to ordered list of elements of the range. Obviously, the elements of range can be divided in two categories of marked and unmarked. If an element is selected by f then it is member of marked otherwise it is member of unmarked category. Thus elements of the range are partitioned into the marked and unmarked subsets, as being balls in a bin. If we draw balls without replacement, the number x of marked balls we've drawn after y samples can be described by the Hyper Geometric Distribution (HGD)

 I spend 3 weeks to install open source cryptdb  It failed because it is depended to lots of packages and libraries and there isn’t any documentation.  I spend 3 weeks to writing my own mysql-proxy  It is almost 1200 lines of code in c++ and easy to install. It needs to add some features to handle all type of datbases

 John Singleton  Salih Safa Reference: 1- CryptDB: Confidentiality for Database Applications with Encrypted Query Processing Raluca Ada Popa, Catherine Redfield, Nickolai Zeldovich, and Hari Balakrishnan MIT CSAIL 2-Order-Preserving Symmetric Encryption Alexandra Boldyreva, Nathan Chenette, Younho Lee and Adam O'Neill Georgia Institute of Technology, Atlanta, GA, USA