Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Cloud Database using Multiparty Computation.

Published byDuane Norman Modified over 9 years ago

Similar presentations

Presentation on theme: "Secure Cloud Database using Multiparty Computation."— Presentation transcript:

1 Secure Cloud Database using Multiparty Computation

2 Introduction Security in cloud environment – The service providers are typically third party – Goal: protect sensitive data Related paper in secure DB – NetDB2, IBM (Outsourced database) – Relational Cloud, CryptDB (MIT, CIDR 2011) – TrustedDB using secure hardware (VLDB 2011 demo, Radu Sion)

3 NetDB2 Tuple 1xxxyyy Tuple 2aaabbb Tuple 1!a4a3g Tuple 2L%jm*K Value-level encryption SELECT * WHERE value = `xxx’SELECT * WHERE value = `!a4’ DB Encrypted DB Tuple 1P2 Tuple 2P1 + Partition information Partition: P1: < `m’; otherwise P2 SELECT * WHERE value < `xxx’SELECT * WHERE value in [P1, P2] Simple deterministic encryption

4 CryptDB Onion-encryption: multiple encryption done on 1 data 10 Original data encrypt E 1 (10) = A*65h OPES: numeric comparisons E 2 (A*65h) = BB647 Deterministic encryption Equality can be done Non-deterministic encryption No computation is feasible E 3 (BB647) = %j@9G If the user wants more computation power, decrypt to the desired level (one way!)

5 Summary Mainly on encryption technique – Provide limited computation capabilities Also note that security strength depends on the encryption function – For example, deterministic encryption may allow a frequency analysis attack `Male’, `Female’ => `%k9)2’, `Ah475’ `Ah475’ x 21; `%k9)2’ x 5 in DB group

6 Secure multiparty computation Background

7 Secret sharing (around 1980) 10 Secret 4 6 shares AliceBob 6+4 = 10 What is the secret value? Alice’s share would be 5? 20? -3? The secret is recovered only when the two parties exchange their shares

8 Secret sharing General case s Secret s1s1 s2s2 …snsn The secret can be divided into n parties, for any n s = g(s 1, s 2, …, s n ) Example: Sum of all shares (modular) Bitwise XOR of all shares Product, string concatenation, etc… Security requirement: Given k < n shares, it is hard to recover s

9 Secure multiparty computation Party 1 x1x1 Party 2 x2x2 Party n xnxn … Objective: Every party obtains f(x 1, x 2, …, x n ) but cannot observe any other information apart from its own data r = f(x 1, x 2, …, x n ) r r r

10 Secure multiparty computation Any function f that can be expressed as a circuit can be computed securely in SMC – Limitation of the generic solution Not efficient Many efficient protocols are developed to support certain operations

11 Building a secure database system To hide the data – Secret sharing To provide query processing functionality – Secure multiparty computation (SMC) Done?

12 Secure Cloud Database = Secret Sharing + SMC? DB A B C Service Provider 1 Service Provider 2 Service Provider 3 DB = A + B + C SMC Queries Result R R R

13 Difference Security requirement – SMC allows all party obtain the result vs SDB allows only the user obtain the result Computational model – SMC: a single function computation vs SDB: follow-up queries

14 An adaption of SMC + secret sharing Example: SHAREMIND – Outsourced privacy preserving data mining DB A B C Service Provider 1 Service Provider 2 Service Provider 3 DB = A + B + C

15 An adaption of SMC + secret sharing Example: SHAREMIND – Key: computational result is also shared among parties A B C Service Provider 1 Service Provider 2 Service Provider 3 Query Result A B C A + B + C = Result

16 SHAREMIND Toolkit Provide several basic operations to build mining application – Arithmetic (add, multiply, divide), bitwise operations (XOR), equality

17 SHAREMIND – Recursive processing SMC operations Workspaces in different parties Result in shares Intermediate results as part of data of future processing Example: SELECT * WHERE A > AVERAGE(B) Query execution: SMC1. Compute average(B) SMC2. Filter with result from SMC1

18 Research problem

19 Secure DB Model DB A B C Service Provider 1 Service Provider 2 Service Provider 3 DB = A + B + C Owner/User

20 Before we proceed…. Clarifying the security Negative result – Ideal security: Querying workflow: user issues query => service providers compute result and return to user Knowledge gained by service providers: NONE. Not even anything about query and result! – A solution achieving ideal security is not more efficient than a non-outsourcing solution (not using cloud)

21 Knowledge gained by service provider Output space of a simple selection query: varies from no tuple to the entire database – Even larger space if we consider joins Example knowledge gain – If the output size is small, the service provider knows it is not the case that the query selects entire table To hide the above information, each returned query result should be at least of size = entire table

22 Security in secure database Each service provider can observe – Query content The tables that are related to the query Number of conditions, types of conditions, attributes that are related But not other info about query – Query answer the set of shares of tuples in some query answer But not other content

23 Example query SELECT Name FROM Employer WHERE Salary > 6000 Transformed query may look like to one service provider SELECT ATTRIBUTE_7 FROM TABLE_A WHERE ATTRIBUTE_3 > X WITH SHARE_X = 1000 Answer Tom Kitty Answer T Ki Answer o t m ty The other two parties may get SHARE_X = 2000 and SHARE_X = 3000

24 Building a secure database Baseline solution – Use the existing SHAREMIND Toolkit Each value is divided into shares Selection using equality operation or greater than (detailed protocol not found ????)

25 One efficiency problem SMC is distributed computing – Number of rounds should be as small as possible! – Handshaking is expensive Naïve compiling of query – May result in series of SMC protocols – Example SELECT A+B+C+D 3 sum operations separately? 3X latency Sum in 1 round!

26 Better solution? 1. Query execution plan optimization – We have different possible ways to translate the query into SMC primitives, how to optimize in terms of number of rounds of communication? Even better is to have a cost model to consider everything 2. Shortcut operator – Example: (X+Y) mod 5, original two individual SMC operators, but we can use a single SMC operator to replace this combination 3. Index – How to implement index efficiently and securely?

27 Solutions? No solid ideas now……

Download ppt "Secure Cloud Database using Multiparty Computation."

Similar presentations

Revisiting the efficiency of malicious two party computation David Woodruff MIT.

Revisiting the efficiency of malicious two party computation David Woodruff MIT.
Querying Encrypted Data using Fully Homomorphic Encryption Murali Mani, UMFlint Talk given at CIDR, Jan 7, 2013 1.

Querying Encrypted Data using Fully Homomorphic Encryption Murali Mani, UMFlint Talk given at CIDR, Jan 7,
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,

Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,
ITIS 6200/8200. 2 Secure multiparty computation – Alice has x, Bob has y, we want to calculate f(x, y) without disclosing the values – We can only do.

ITIS 6200/ Secure multiparty computation – Alice has x, Bob has y, we want to calculate f(x, y) without disclosing the values – We can only do.
CS555Topic 241 Cryptography CS 555 Topic 24: Secure Function Evaluation.

CS555Topic 241 Cryptography CS 555 Topic 24: Secure Function Evaluation.
Computer Science CSC 405 Introduction to Computer Security Topic 6.2 Multi-Level Databases.

Computer Science CSC 405 Introduction to Computer Security Topic 6.2 Multi-Level Databases.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
Statistical database security Special purpose: used only for statistical computations. General purpose: used with normal queries (and updates) as well.

Statistical database security Special purpose: used only for statistical computations. General purpose: used with normal queries (and updates) as well.
CMPT 354, Simon Fraser University, Fall 2008, Martin Ester 52 Database Systems I Relational Algebra.

CMPT 354, Simon Fraser University, Fall 2008, Martin Ester 52 Database Systems I Relational Algebra.
Manish Bhide, Manoj K Agarwal IBM India Research Lab India {abmanish, Amir Bar-Or, Sriram Padmanabhan IBM Software Group, USA

Manish Bhide, Manoj K Agarwal IBM India Research Lab India {abmanish, Amir Bar-Or, Sriram Padmanabhan IBM Software Group, USA
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
Spring 2003 ECE569 Lecture 04-2.1 ECE 569 Database System Engineering Spring 2003 Yanyong Zhang www.ece.rutgers.edu/~yyzhangwww.ece.rutgers.edu/~yyzhang.

Spring 2003 ECE569 Lecture ECE 569 Database System Engineering Spring 2003 Yanyong Zhang
Establishment of Conference Keys in Heterogeneous Networks Wade Trappe, Yuke Wang, K. J. Ray Liu 2002. ICC 2002. IEEE International Conference.

Establishment of Conference Keys in Heterogeneous Networks Wade Trappe, Yuke Wang, K. J. Ray Liu ICC IEEE International Conference.
Intro To Encryption Exercise 1. Monoalphabetic Ciphers Examples:  Caesar Cipher  At Bash  PigPen (Will be demonstrated)  …

Intro To Encryption Exercise 1. Monoalphabetic Ciphers Examples:  Caesar Cipher  At Bash  PigPen (Will be demonstrated)  …
Privacy Preserving Data Mining Yehuda Lindell & Benny Pinkas.

Privacy Preserving Data Mining Yehuda Lindell & Benny Pinkas.
PRIVACY CRITERIA. Roadmap Privacy in Data mining Mobile privacy (k-e) – anonymity (c-k) – safety Privacy skyline.

PRIVACY CRITERIA. Roadmap Privacy in Data mining Mobile privacy (k-e) – anonymity (c-k) – safety Privacy skyline.
Data Encryption Standard (DES). Symmetric Cryptography  C = E(P,K)  P = D(C,K)  Requirements  Given C, the only way to obtain P should be with  the.

Data Encryption Standard (DES). Symmetric Cryptography  C = E(P,K)  P = D(C,K)  Requirements  Given C, the only way to obtain P should be with  the.
Practical Techniques for Searches on Encrypted Data Yongdae Kim Written by Song, Wagner, Perrig.

Practical Techniques for Searches on Encrypted Data Yongdae Kim Written by Song, Wagner, Perrig.
Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.

Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.

Similar presentations

Ads by Google