Institutional Repository [SANDBOX]
Technical University of Crete
EN  |  EL

Search

Browse

My Space

Practical private range search in depth

Demertzis Ioannis, Papadopoulos Stavros, Papapetrou, Odysseas 1978-, Deligiannakis Antonios, Garofalakis Minos, Papamanthou Charalampos

Full record


URI: http://purl.tuc.gr/dl/dias/64F99B47-7A99-4C4C-A701-35F5509E24A6
Year 2018
Type of Item Peer-Reviewed Journal Publication
License
Details
Bibliographic Citation I. Demertzis, S. Papadopoulos, O. Papapetrou, A. Deligiannakis, M. Garofalakis and C. Papamanthou, "Practical private range search in depth," ACM Trans. Database Syst.. vol. 43, no. 1, Apr. 2018. doi: 10.1145/3167971 https://doi.org/10.1145/3167971
Appears in Collections

Summary

We consider a data owner that outsources its dataset to an untrusted server. The owner wishes to enable the server to answer range queries on a single attribute, without compromising the privacy of the data and the queries. There are several schemes on "practical" private range search (mainly in database venues) that attempt to strike a trade-off between efficiency and security. Nevertheless, these methods either lack provable security guarantees or permit unacceptable privacy leakages. In this article, we take an interdisciplinary approach, which combines the rigor of security formulations and proofs with efficient data management techniques. We construct a wide set of novel schemes with realistic security/performance trade-offs, adopting the notion of Searchable Symmetric Encryption (SSE), primarily proposed for keyword search. We reduce range search to multi-keyword search using range-covering techniques with tree-like indexes, and formalize the problem as Range Searchable Symmetric Encryption (RSSE). We demonstrate that, given any secure SSE scheme, the challenge boils down to (i) formulating leakages that arise from the index structure and (ii) minimizing false positives incurred by some schemes under heavy data skew. We also explain an important concept in the recent SSE bibliography, namely locality, and design generic and specialized ways to attribute locality to our RSSE schemes. Moreover, we are the first to devise secure schemes for answering range aggregate queries, such as range sums and range min/max. We analytically detail the superiority of our proposals over prior work and experimentally confirm their practicality.

Services

Statistics