Searching Over Encrypted Data Charalampos Papamanthou ECE and UMIACS University of Maryland, College Park Research Supported By.

Slides:

Advertisements

Similar presentations

P2P data retrieval DHT (Distributed Hash Tables) Partially based on Hellerstein’s presentation at VLDB2004.

Advertisements

Ion Stoica, Robert Morris, David Karger, M. Frans Kaashoek, Hari Balakrishnan MIT and Berkeley presented by Daniel Figueiredo Chord: A Scalable Peer-to-peer.

Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,

Building an Encrypted and Searchable Audit Log Brent Waters Dirk Balfanz Glenn Durfee D.K. Smetters.

SplitX: High-Performance Private Analytics Ruichuan Chen (Bell Labs / Alcatel-Lucent) Istemi Ekin Akkus (MPI-SWS) Paul Francis (MPI-SWS)

CS555Topic 241 Cryptography CS 555 Topic 24: Secure Function Evaluation.

Structured Encryption and Controlled Disclosure Melissa Chase Seny Kamara Microsoft Research Asiacrypt '10 1.

Introduction to Practical Cryptography Lecture 9 Searchable Encryption.

Searchable Symmetric Encryption :Improved Definitions and Efficient Constructions Reza Curtmola Juan Garay Seny Kamara Rafail Ostrovsky.

INTRODUCTION PROBLEM FORMULATION FRAMEWORK AND PRIVACY REQUIREMENTS FOR MRSE PRIVACY-PRESERVING AND EFFICIENT MRSE PERFORMANCE ANALYSIS RELATED WORK CONCLUSION.

2 Your data is anywhere but not in your control Security breaches are recurrent – Weakest link: hardware, software, technicians, … You may trust the science.

CMSC 414 Computer and Network Security Lecture 10 Jonathan Katz.

CS7380: Privacy Aware Computing Oblivious RAM 1. Motivation  Starting from software protection Prevent from software piracy A valid method is using hardware.

Reza Curtmola Juan Garay Seny Kamara Rafail Ostrovsky

May 23, 2007 Archiving ACE: A Novel Software Platform to Ensure the Integrity of Digital Archives Sangchul Song and Joseph JaJa Institute for Advanced.

1 Secure Indexes Author ： Eu-Jin Goh Presented by Yi Cheng Lin.

Sam Becker. Introduction Why is it important? Security Why is it needed? Solution Schemes Questions.

Addition to Networking.  There is no unique and standard definition out there  Cloud Computing is a general term used to describe a new class of network.

Databases Creating databases to store information.

Practical Techniques for Searches on Encrypted Data Yongdae Kim Written by Song, Wagner, Perrig.

Storage & Retrieval Privacy

Privacy Preserving Query Processing in Cloud Computing Wen Jie

Cloud based storage. Cloud Storage Storage accessed by a web service API It is a block storage, it exposes its storage to clients as Raw storage that.

DATA DYNAMICS AND PUBLIC VERIFIABILITY CHECKING WITHOUT THIRD PARTY AUDITOR GUIDED BY PROJECT MEMBERS: Ms. V.JAYANTHI M.E Assistant Professor V.KARTHIKEYAN.

M i SMob i S Mob i Store - Mobile i nternet File Storage Platform Chetna Kaur.

Jeremy D. Bartley Kansas Geological Survey An Introduction to an Index of Geospatial Web Services.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Chapter 2 ARCHITECTURES.

Web Archiving and Access Mike Smorul Joseph JaJa ADAPT Group University of Maryland, College Park.

Design Patterns for Efficient Graph Algorithms in MapReduce Jimmy Lin and Michael Schatz (Slides by Tyler S. Randolph)

Cryptography for Cloud Storage Service Kaoru Kurosawa Ibaraki University, Japan CRYPTOLOGY 2012, 4-6 June, Langkawi, Malaysia.

How to Update Documents Verifiably in Searchable Symmetric Encryption Kaoru Kurosawa and Yasuhiro Ohtaki Ibaraki University, Japan.

Data Confidentiality on Clouds Sharad Mehrotra University of California, Irvine.

Public Key Encryption with keyword Search Author: Dan Boneh Rafail Ostroversity Giovanni Di Crescenzo Giuseppe Persiano Presenter: 陳昱圻.

Shanti Bramhacharya and Nick McCarty. This paper deals with the vulnerability of RFIDs A Radio Frequency Identifier or RFID is a small device used to.

Serverless Network File Systems Overview by Joseph Thompson.

1 Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data Peishun Wang, Huaxiong Wang, and Josef Pieprzyk: SDM LNCS, vol.

WIRED Week 3 Syllabus Update (next week) Readings Overview - Quick Review of Last Week’s IR Models (if time) - Evaluating IR Systems - Understanding Queries.

Network Address Translation External/ Internal/. OVERLOADING In Overloading, each computer on the private network is translated to the same IP address;

1 3 Computing System Fundamentals 3.4 Networked Computer Systems.

Attila A. Yavuz Oregon State University

Data Integrity Proofs in Cloud Storage Author: Sravan Kumar R and Ashutosh Saxena. Source: The Third International Conference on Communication Systems.

UC/Garbled Searchable Symmetric Encryption Kaoru Kurosawa Ibaraki University, Japan.

Presented By Amarjit Datta

LOGO Cloud Storage Oriented Cipher-text Search Protocol.

Secure Data Outsourcing

Keyword search on encrypted data. Keyword search problem  Linux utility: grep  Information retrieval Basic operation Advanced operations – relevance.

All Your Queries Are Belong to Us: The Power of File-Injection Attacks on Searchable Encryption Yupeng Zhang, Jonathan Katz, Charalampos Papamanthou University.

HOW SECURE IS CLOUD COMPUTING? Michael Becker. Summary  This article is about the security flaws and our growing dependence on cloud computing such as.

All Your Queries are Belong to Us: The Power of File-Injection Attacks on Searchable Encryption Yupeng Zhang, Jonathan Katz, Charalampos Papamanthou University.

Practical Private Range Search Revisited

Searchable Encryption in Cloud

Data Management on Opportunistic Grids

Efficient Multi-User Indexing for Secure Keyword Search

Web Application.

Oblivious Parallel RAM: Improved Efficiency and Generic Constructions

Cryptographic hash functions

Hybrid Cloud Architecture for Software-as-a-Service Provider to Achieve Higher Privacy and Decrease Securiity Concerns about Cloud Computing P. Reinhold.

Fast Searchable Encryption with Tunable Locality

Amazon Web Services Training in Hyderabad. About Us Best Amazon Web Services (AWS) Training in Hyderabad. KMRsoft offers AWS classroom, online, corporate.

Privacy Preserving Ranked Multi-Keyword

based on slides by Debra Cook

563.10: Bloom Cookies Web Search Personalization without User Tracking

Verifiable Oblivious Storage

Cloud Security 李芮，蒋希坤，崔男 2018年4月.

University of Maryland

An Introduction to Cloud Computing

EECS 498 Introduction to Distributed Systems Fall 2017

Building an Encrypted and Searchable Audit Log

An Improved Novel Key Management Protocol for RFID Systems

Path Oram An Extremely Simple Oblivious RAM Protocol

Presentation transcript:

Searching Over Encrypted Data Charalampos Papamanthou ECE and UMIACS University of Maryland, College Park Research Supported By

Cloud computing today PROVIDERS  Google  Yahoo!  Amazon Clients  Industries  Federal government  Universities

Is there any privacy?  Cloud provider uses its own keys to encrypt the clients’ data  So, rest assured…?

Where we want to get at in the future  We want clients to be in control of their data  Encrypt at the client’s machine  Cloud only gets to see the ciphertext!  Google and Yahoo! already moving forward with such an approach  See end-to-end (

How about searching?  In theory possible, but impractical  Fully-homomorphic encryption  Oblivious RAM  Two-party computation  My group’s approach  Theory: Searchable encryption  Practice: Pmail (demo in the end)

Potential approaches y i = enc(f i ) search large bandwidth! All y i yiyi fifi y i = enc(f i ) file id y id yiyi fifi index large client space!

Searchable Encryption y i = enc(f i ) token t(w) ywyw yiyi fifi index  First paper by Song, Wagner and Perrig in 2000  Encrypt files + index appropriately  Search with encrypted tokens  Return only the relative files  Only for static indexes (or dynamic is not practical)

Caveat Searchable encryption leaks information –Search pattern –Access pattern

What is an index Microsoft Brown Berkeley Greece F2F10F11 F2F8F14 F1F2 F4F10F12 …(Microsoft, F2), (Microsoft, F10),…,(Brown,F8),…,(Greece,F4)….

What is a token Definition of token for word w hash function w K twtw Tokens are deterministic!

Basic scheme (NDSS 2014) (w, d) KEY = HASH (t w || count || 0 ) encoded hash table T initial index D (w, d)

Searching for keyword w Client: Sends t w Server: Looks up the entries mapping to t w –Learns nothing about keyword W twtw

Updating the index Important: Old tokens should not work for new files –Addressed in our NDSS 2014 paper

Research in my group Searchable encryption with support for updates (CCS 2012, NDSS 2014) Parallel algorithms for searchable encryption (FC 2013) [Ongoing research] –[Theory] New searchable encryption schemes that are more expressive (range and conjunctive search) leak less information (eliminating search pattern leakage) support more efficient updates (improving the polylogn bound) use weaker cryptographic assumptions (removing the random oracle) –[Practice] Devoping Pmail (plugin for Gmail) Pick the right SE scheme Web security issues (how to integrate securely with Gmail API) Usability issues (how can we design the interface so that more people can use it)

Pmail Demo