Presentation is loading. Please wait.

Presentation is loading. Please wait.

Searching Over Encrypted Data Charalampos Papamanthou ECE and UMIACS University of Maryland, College Park Research Supported By.

Published byGeoffrey Gordon Modified over 8 years ago

Similar presentations

Presentation on theme: "Searching Over Encrypted Data Charalampos Papamanthou ECE and UMIACS University of Maryland, College Park Research Supported By."— Presentation transcript:

1 Searching Over Encrypted Data Charalampos Papamanthou cpap@umd.edu ECE and UMIACS University of Maryland, College Park Research Supported By

2 Cloud computing today PROVIDERS  Google  Yahoo!  Amazon Clients  Industries  Federal government  Universities

3 Is there any privacy?  Cloud provider uses its own keys to encrypt the clients’ data  So, rest assured…?

4 Where we want to get at in the future  We want clients to be in control of their data  Encrypt at the client’s machine  Cloud only gets to see the ciphertext!  Google and Yahoo! already moving forward with such an approach  See end-to-end (https://github.com/google/end-to-end)

5 How about searching?  In theory possible, but impractical  Fully-homomorphic encryption  Oblivious RAM  Two-party computation  My group’s approach  Theory: Searchable encryption  Practice: Pmail (demo in the end)

6 Potential approaches y i = enc(f i ) search large bandwidth! All y i yiyi fifi y i = enc(f i ) file id y id yiyi fifi index large client space!

7 Searchable Encryption y i = enc(f i ) token t(w) ywyw yiyi fifi index  First paper by Song, Wagner and Perrig in 2000  Encrypt files + index appropriately  Search with encrypted tokens  Return only the relative files  Only for static indexes (or dynamic is not practical)

8 Caveat Searchable encryption leaks information –Search pattern –Access pattern

9 What is an index Microsoft Brown Berkeley Greece F2F10F11 F2F8F14 F1F2 F4F10F12 …(Microsoft, F2), (Microsoft, F10),…,(Brown,F8),…,(Greece,F4)….

10 What is a token Definition of token for word w hash function w K twtw Tokens are deterministic!

11 Basic scheme (NDSS 2014) (w, d) KEY = HASH (t w || count || 0 ) encoded hash table T initial index D (w, d)

12 Searching for keyword w Client: Sends t w Server: Looks up the entries mapping to t w –Learns nothing about keyword W twtw

13 Updating the index Important: Old tokens should not work for new files –Addressed in our NDSS 2014 paper

14 Research in my group Searchable encryption with support for updates (CCS 2012, NDSS 2014) Parallel algorithms for searchable encryption (FC 2013) [Ongoing research] –[Theory] New searchable encryption schemes that are more expressive (range and conjunctive search) leak less information (eliminating search pattern leakage) support more efficient updates (improving the polylogn bound) use weaker cryptographic assumptions (removing the random oracle) –[Practice] Devoping Pmail (plugin for Gmail) Pick the right SE scheme Web security issues (how to integrate securely with Gmail API) Usability issues (how can we design the interface so that more people can use it)

15 Pmail Demo

Download ppt "Searching Over Encrypted Data Charalampos Papamanthou ECE and UMIACS University of Maryland, College Park Research Supported By."

Similar presentations

P2P data retrieval DHT (Distributed Hash Tables) Partially based on Hellerstein’s presentation at VLDB2004.

P2P data retrieval DHT (Distributed Hash Tables) Partially based on Hellerstein’s presentation at VLDB2004.
Ion Stoica, Robert Morris, David Karger, M. Frans Kaashoek, Hari Balakrishnan MIT and Berkeley presented by Daniel Figueiredo Chord: A Scalable Peer-to-peer.

Ion Stoica, Robert Morris, David Karger, M. Frans Kaashoek, Hari Balakrishnan MIT and Berkeley presented by Daniel Figueiredo Chord: A Scalable Peer-to-peer.
Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,

Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,
Building an Encrypted and Searchable Audit Log Brent Waters Dirk Balfanz Glenn Durfee D.K. Smetters.

Building an Encrypted and Searchable Audit Log Brent Waters Dirk Balfanz Glenn Durfee D.K. Smetters.
SplitX: High-Performance Private Analytics Ruichuan Chen (Bell Labs / Alcatel-Lucent) Istemi Ekin Akkus (MPI-SWS) Paul Francis (MPI-SWS)

SplitX: High-Performance Private Analytics Ruichuan Chen (Bell Labs / Alcatel-Lucent) Istemi Ekin Akkus (MPI-SWS) Paul Francis (MPI-SWS)
CS555Topic 241 Cryptography CS 555 Topic 24: Secure Function Evaluation.

CS555Topic 241 Cryptography CS 555 Topic 24: Secure Function Evaluation.
Structured Encryption and Controlled Disclosure Melissa Chase Seny Kamara Microsoft Research Asiacrypt '10 1.

Structured Encryption and Controlled Disclosure Melissa Chase Seny Kamara Microsoft Research Asiacrypt '10 1.
Introduction to Practical Cryptography Lecture 9 Searchable Encryption.

Introduction to Practical Cryptography Lecture 9 Searchable Encryption.
Searchable Symmetric Encryption :Improved Definitions and Efficient Constructions Reza Curtmola Juan Garay Seny Kamara Rafail Ostrovsky.

Searchable Symmetric Encryption :Improved Definitions and Efficient Constructions Reza Curtmola Juan Garay Seny Kamara Rafail Ostrovsky.
INTRODUCTION PROBLEM FORMULATION FRAMEWORK AND PRIVACY REQUIREMENTS FOR MRSE PRIVACY-PRESERVING AND EFFICIENT MRSE PERFORMANCE ANALYSIS RELATED WORK CONCLUSION.

INTRODUCTION PROBLEM FORMULATION FRAMEWORK AND PRIVACY REQUIREMENTS FOR MRSE PRIVACY-PRESERVING AND EFFICIENT MRSE PERFORMANCE ANALYSIS RELATED WORK CONCLUSION.
2 Your data is anywhere but not in your control Security breaches are recurrent – Weakest link: hardware, software, technicians, … You may trust the science.

2 Your data is anywhere but not in your control Security breaches are recurrent – Weakest link: hardware, software, technicians, … You may trust the science.
CMSC 414 Computer and Network Security Lecture 10 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 10 Jonathan Katz.
CS7380: Privacy Aware Computing Oblivious RAM 1. Motivation  Starting from software protection Prevent from software piracy A valid method is using hardware.

CS7380: Privacy Aware Computing Oblivious RAM 1. Motivation  Starting from software protection Prevent from software piracy A valid method is using hardware.
Reza Curtmola Juan Garay Seny Kamara Rafail Ostrovsky

Reza Curtmola Juan Garay Seny Kamara Rafail Ostrovsky
May 23, 2007 Archiving 2007 1 ACE: A Novel Software Platform to Ensure the Integrity of Digital Archives Sangchul Song and Joseph JaJa Institute for Advanced.

May 23, 2007 Archiving ACE: A Novel Software Platform to Ensure the Integrity of Digital Archives Sangchul Song and Joseph JaJa Institute for Advanced.
1 Secure Indexes Author : Eu-Jin Goh Presented by Yi Cheng Lin.

1 Secure Indexes Author : Eu-Jin Goh Presented by Yi Cheng Lin.
Sam Becker. Introduction Why is it important? Security Why is it needed? Solution Schemes Questions.

Sam Becker. Introduction Why is it important? Security Why is it needed? Solution Schemes Questions.
Addition to Networking.  There is no unique and standard definition out there  Cloud Computing is a general term used to describe a new class of network.

Addition to Networking.  There is no unique and standard definition out there  Cloud Computing is a general term used to describe a new class of network.
Databases Creating databases to store information.

Databases Creating databases to store information.
Practical Techniques for Searches on Encrypted Data Yongdae Kim Written by Song, Wagner, Perrig.

Practical Techniques for Searches on Encrypted Data Yongdae Kim Written by Song, Wagner, Perrig.

Similar presentations

Ads by Google