SlideShare a Scribd company logo

Executing Boolean Queries on an Encrypted Bitmap Index

Mohamed Ahmed Abdelraheem
Mohamed Ahmed Abdelraheem

We propose a simple and efficient searchable symmetric encryption scheme based on a Bitmap index that evaluates Boolean queries. Our scheme provides a practical solution in settings where communications and computations are very constrained as it offers a suitable trade-off between privacy and performance.

1 of 24
Download to read offline
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Executing Boolean Queries on an Encrypted Bitmap Index Mohamed Ahmed Abdelraheem1, Christian Gehrmann1, Malin Lindstr¨om2 and Christian Nordahl2 1SICS Swedish ICT AB 2Blekinge Institute of Technology CCSW 2016, Vienna 28 Oct 2016 1 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Data Breaches Everywhere Figure 1: World’s Biggest Data Breaches 2 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Snowden Disclosures Figure 2: Snowden Disclosures 3 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Protect our privacy and still enjoy public cloud services? Figure 3: Ed Snowden’s ACLU SXSW Talk, March 2014 4 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Encrypted Search Fully Homomorphic Encryption (FHE). Secure Multiparty Computation (MPC). Oblivious RAM (ORAM). Searchable Symmetric Encryption (SSE). Deterministic Encryption (DET). Order Preserving Encryption (OPE). 5 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Symmetric Searchable Encryption Schemes I Threat Model SSE schemes achieve (non)-adaptive security against an honest-but-curious adversary. Efficieny comes at the price of leakage Access Pattern: size of the search result. Search Pattern: whether two searches are similar. Remark Still better than DET and OPE schemes allowing leakage before any queries which makes offline inference attacks possible. 6 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Symmetric Searchable Encryption Schemes II Song et al. [2000] proposed the first practical SSE scheme. Curtumola et al. [2006] and many other SSE schemes achieve optimal search time (sublinear) using the inverted index. Liesdonk et al. [2009] proposed the first dynamic SSE scheme using a Bitmap index. Cash et al. [2013] proposed the first sublinear scheme supporting Boolean queries w1 ∧ f (w2, · · · , wt). Remark Our work is inspired by Cash et al BXT and OXT protocols. 7 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Our Contribution First multi-keyword SSE scheme on an encrypted Bitmap Index: Trade-off between: communication, performance, security. Single-round communication. Reasonable security targeting constrained environments. Linear search but embarrassingly parallel. Suitable for very large and dense datasets. Remark Final query result is decided at the Client. This makes our work different than standard SSE schemes but yields efficiency and security benefits. 8 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Cash et al interactive-BXT and OXT Protocols Evaluate queries of the form w1 ∧ f (w2, ..., wt): w1 (s-term) has low freq, other wi (x-terms) has larger freq. Use an auxiliary set (XSet) beyond its main index (TSet). Security Leakage: Number of documents and number of keyword-docID pairs, N. No intersection between s-terms (OXT). Intersections between s-terms and nothing between x-terms (interactive-BXT). Cost: Sublinear search time (optimal). Communication and computation are high. Storage is on the order of keyword-doc ID pairs (optimal but not for BXT and OXT when used with dense datasets). 9 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Single Keyword on Encrypted Bitmap Plaintext Bitmap Index Each keyword wj is associated with a bit string holding an active bit at index i iff the ith document or record contains wj . Encrypted Bitmap Index (single keyword) Each keyword wj is encrypted using DET encryption and its associated Bitmap is one-time pad encrypted (Liesdonk et al). w1 ∧ w2 on the above Encrypted Bitmap Index Leaks the result set of w1 and the result set of w2. Our Goal Evaluate queries of the form w1 ∧ f (w2, ..., wt) using an encrypted Bitmap Index with no leakage beyond the actual result set. 10 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion BXT-Bitmap Encypted Database Setup Assume n documents and m keywords. Each keyword wj has Kj = PRF1(KI , wj ). pointer pj to its corresponding encrypted Bitmap Be created using a large key derived from Kj . two secret tags (stag, xtag) whose hash value is stored in two hash tables HTstag and HTxtag. stag = PRF2(KS , wj ) = (KS1, KS2) xtag = PRF2(KX , wj ) = (KX1, KX2) Hash table’s elements (lj , dj ) HTstag : lj = hash(KS1) and dj = enc(KS2, pj ||Kj ). HTxtag : lπ(j) = hash(KX1) and dπ(j) = enc(KX2, pj ). size of each is O(m). 11 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Encrypted database label Value hash(KS1) E(KS2, p1||K1) hash(KS2) E(KS2, p2||K2) · · · · · · hash(KSi ) E(KS2, pi ||Ki ) · · · · · · hash(KSm) E(KS2, pm||Km) Table 1: s-term hash table. label Value · · · · · · · · · · · · · · · · · · hash(KX1) E(KX2, p1) · · · · · · · · · · · · Table 2: x-term hash table, π(1) = i. id 1 2 · · · · · · · · · · · · · · · · · · n p1 0 1 · · · · · · · · · · · · · · · · · · 1 p2 1 0 · · · · · · · · · · · · · · · · · · 1 ... ... ... · · · · · · · · · · · · · · · · · · ... pm 1 1 · · · · · · · · · · · · · · · · · · 0 Table 3: Encrypted Bitmap Index (B ) 12 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Conjunctive Search Process w1 ∧ w2 ∧ · · · ∧ wt (I) Client (w1 ∧ · · · ∧ wt, KS , KX ): stag → PRF2(KS , w1) = (KS1, KS2). xtagj → PRF2(KX , wj ) = (KXj1 , KXj2 ), j ≥ 2. Send stag and all xtagj to Server. Server (Be, HStag, HXtag, stag, xtagj ): Use stag and HStag to retrieve result set RS of w1 from Be. Use xtagi and HXtag to find pointerxtagj to access Be. For each idi ∈ RS: send the bit Be[pointerxtagj , idi ] to Client. Client (Be[pointerxtagj , idi ], idi ∈ RS): For each (idi , xtagj ), find vj = Dec(Be[pointerxtagj , idi ]). Retrieve document idi if all vj are active bits. 13 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Conjunctive Search Process w1 ∧ w2 ∧ · · · ∧ wt (II) Single-round communication Different than standard SSE schemes where Server determines final result set. But secure and suitable for constrained settings. More than one-round communication Allowing the Server to determine final result comes at the cost of more info leakage and communication rounds with the Client. 14 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Security Analysis I Our solution does not reveal: direct intersections between x-terms. intersection between an s-term and any subset of the x-terms within same query. But reveals only intersection between the s-terms. Avoid s-terms Intersection? During setup the client permutes the document identifiers for each keyword using a pseudorandom permutation with a unique secret key specifically generated for each keyword. Unavoidable Access Pattern Leakage During retrieval process the index server will be able to know the intersection between s-terms unless access pattern is hidden or the index server and retrieval server have no communication. 15 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Security Analysis II Our scheme leaks: Number of documents n. Number of unique keywords m. Size of the s-term w1. Search pattern. Intersection between s-terms. and has no other leakage beyond what can be deduced from the specified leakage. Security level At least the same level of security achieved by Cash et al’s interactive BXT protocol. 16 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Performance Compared to Cash et al Protocols Protocol Communication Size No of Rounds Computations Search Ours (t − 1) · s 1 n xor, n/b hash O(n) I. BXT (t − 1) · s · |f | (t − 1) · s s Decryptions s OXT (t − 1) · s · |G| 1 (t − 1) · s Exp. s Table 4: s ≡ number of document identifiers corresponding to the s-term. t ≡ number of terms. b ≡ output size of hash func used during key gen. |f | ≡ the output size of f (xtrapi , ind) in bits. |G| ≡ the size of the group elements in bits where the group G satisfies the decision Diffie-Hellman (DDH) assumption). 17 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Storage Compared to Cash et al Protocols (Census) n 100,000 150,000 200,000 250,000 299,285 N 3,792,048 5,686,907 7,582,582 9,478,817 11,347,304 HTstag/HTxtag 0.16 0.19 0.20 0.21 0.22 Bitmaps 36 62 90 119 149 Est. TSet (BXT) 122 183 244 305 365 Table 5: Storage results in MB for the Census data set, for subsets from 100,000 to 299,285 rows and 41 columns, and the estimated storage of the TSet. Note that n denotes the number of documents while N denotes the size (total number of keyword occurrences) of the Census dataset. Remark Minimal size of each TSet entry under the BXT protocol is 257 bits and more than that for OXT. 18 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Storage Compared to Cash et al Protocols (Enron) n 100,000 200,000 300,000 400,000 N 14,352,245 26,509,765 43,529,924 57,516,347 HTstag/HTxtag 7 10 17 25 Bitmaps 1582 4414 11446 22124 Est. TSet (BXT) 461 851 1398 1848 Table 6: Storage results in MB for the Enron data set, for subsets from 100,000 to 400,000 documents, and the estimated storage of the TSet. 19 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Single Vs Conjunctive 100 150 200 250 300 0 50 100 150 Number of documents, x1000 Time(ms) w1 w1 ∧ w2 Figure 4: Single Keyword vs Conjunctive Keyword (Census) 20 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Conjunctive Search depends on the s-term 10 100 1000 10000 100000 0 50 100 150 Frequency of keyword Time(ms) L ∧ V V ∧ H V Figure 5: End-to-end execution time for the Census data set, 299,285 documents. H denotes a term with high frequency, L denotes a term with low frequency and V denotes the term that varies in frequency. 21 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Number of x-terms does not affect search time 2 3 4 5 0 50 100 150 Number of x-terms Time(ms) Figure 6: End-to-end execution time for the non-interactive conjunctive search on the complete Census data set with a growing number of x-terms. The s-term has low frequency and the frequency of the x-terms varies between 4,177 and 100,955. 22 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Conclusion Proposed a secure multi-keyword SSE scheme. Practical in limited communication and computation settings. Suitable for very dense datasets. Encrypted Bitmap is also efficient in processing Boolean queries similar to plaintext Bitmap index. Combining an inverted index with a Bitmap index in one length-hiding index would yield better time-storage trade-off. 23 / 24
Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Thank you for your attention 24 / 24

Recommended

Template Protection with Homomorphic Encryption
Template Protection with Homomorphic EncryptionTemplate Protection with Homomorphic Encryption
Template Protection with Homomorphic Encryption
Tolun Tosun
 
Homomorphic encryption and Private Machine Learning Classification
Homomorphic encryption and Private Machine Learning ClassificationHomomorphic encryption and Private Machine Learning Classification
Homomorphic encryption and Private Machine Learning Classification
Mohammed Ashour
 
Introduction - Lattice-based Cryptography
Introduction - Lattice-based CryptographyIntroduction - Lattice-based Cryptography
Introduction - Lattice-based Cryptography
Alexandre Augusto Giron
 
Lattice Based Cryptography - GGH Cryptosystem
Lattice Based Cryptography - GGH CryptosystemLattice Based Cryptography - GGH Cryptosystem
Lattice Based Cryptography - GGH CryptosystemVarun Janga
 
Lattice Cryptography
Lattice CryptographyLattice Cryptography
Lattice Cryptography
Priyanka Aash
 
An Image Encryption using Chaotic Based Cryptosystem
An Image Encryption using Chaotic Based CryptosystemAn Image Encryption using Chaotic Based Cryptosystem
An Image Encryption using Chaotic Based Cryptosystem
xlyle
 
SHA-3, Keccak & Sponge function
SHA-3, Keccak & Sponge functionSHA-3, Keccak & Sponge function
SHA-3, Keccak & Sponge function
Gennaro Caccavale
 
Keccak
KeccakKeccak
Keccak
Rajeev Verma
 

Recommended

Template Protection with Homomorphic Encryption
Template Protection with Homomorphic EncryptionTemplate Protection with Homomorphic Encryption
Template Protection with Homomorphic Encryption
Tolun Tosun
 
Homomorphic encryption and Private Machine Learning Classification
Homomorphic encryption and Private Machine Learning ClassificationHomomorphic encryption and Private Machine Learning Classification
Homomorphic encryption and Private Machine Learning Classification
Mohammed Ashour
 
Introduction - Lattice-based Cryptography
Introduction - Lattice-based CryptographyIntroduction - Lattice-based Cryptography
Introduction - Lattice-based Cryptography
Alexandre Augusto Giron
 
Lattice Based Cryptography - GGH Cryptosystem
Lattice Based Cryptography - GGH CryptosystemLattice Based Cryptography - GGH Cryptosystem
Lattice Based Cryptography - GGH CryptosystemVarun Janga
 
Lattice Cryptography
Lattice CryptographyLattice Cryptography
Lattice Cryptography
Priyanka Aash
 
An Image Encryption using Chaotic Based Cryptosystem
An Image Encryption using Chaotic Based CryptosystemAn Image Encryption using Chaotic Based Cryptosystem
An Image Encryption using Chaotic Based Cryptosystem
xlyle
 
SHA-3, Keccak & Sponge function
SHA-3, Keccak & Sponge functionSHA-3, Keccak & Sponge function
SHA-3, Keccak & Sponge function
Gennaro Caccavale
 
Keccak
KeccakKeccak
Keccak
Rajeev Verma
 
Sha3
Sha3Sha3
Sha3Jyun-Yao Huang
 
A survey on Fully Homomorphic Encryption
A survey on Fully Homomorphic EncryptionA survey on Fully Homomorphic Encryption
A survey on Fully Homomorphic Encryption
iosrjce
 
Homomorphic Encryption
Homomorphic EncryptionHomomorphic Encryption
Homomorphic Encryption
Vipin Tejwani
 
Processing Reachability Queries with Realistic Constraints on Massive Network...
Processing Reachability Queries with Realistic Constraints on Massive Network...Processing Reachability Queries with Realistic Constraints on Massive Network...
Processing Reachability Queries with Realistic Constraints on Massive Network...
BigMine
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
Harry Potter
 
Hash function
Hash functionHash function
Hash function
Harry Potter
 
Narrow bicliquesppt
Narrow bicliquespptNarrow bicliquesppt
Narrow bicliquespptRifad Mohamed
 
A Short Review of the NTRU Cryptosystem
A Short Review of the NTRU CryptosystemA Short Review of the NTRU Cryptosystem
A Short Review of the NTRU Cryptosystem
OnBoard Security, Inc. - a Qualcomm Company
 
Lattice-based Signatures
Lattice-based SignaturesLattice-based Signatures
Lattice-based Signatures
OnBoard Security, Inc. - a Qualcomm Company
 
Narrow bicliques cryptanalysisoffullidea
Narrow bicliques cryptanalysisoffullideaNarrow bicliques cryptanalysisoffullidea
Narrow bicliques cryptanalysisoffullideaRifad Mohamed
 
Aes cryptography algorithm based on intelligent blum blum-shub prn gs publica...
Aes cryptography algorithm based on intelligent blum blum-shub prn gs publica...Aes cryptography algorithm based on intelligent blum blum-shub prn gs publica...
Aes cryptography algorithm based on intelligent blum blum-shub prn gs publica...
zaidinvisible
 
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...
Patel Dasharathbhai
 
01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).ppt01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).ppt
GnanalakshmiV
 
Tribeflow on bitcoin data
Tribeflow on bitcoin dataTribeflow on bitcoin data
Tribeflow on bitcoin data
Abdullah Khan Zehady
 
Distributed key generation protocol with hierarchical threshold access structure
Distributed key generation protocol with hierarchical threshold access structureDistributed key generation protocol with hierarchical threshold access structure
Distributed key generation protocol with hierarchical threshold access structure
National Chengchi University
 
Post quantum cryptography - thesis
Post quantum cryptography - thesisPost quantum cryptography - thesis
Post quantum cryptography - thesis
Samy Shehata
 
Simple regenerating codes: Network Coding for Cloud Storage
Simple regenerating codes: Network Coding for Cloud StorageSimple regenerating codes: Network Coding for Cloud Storage
Simple regenerating codes: Network Coding for Cloud StorageKevin Tong
 
Partial Homomorphic Encryption
Partial Homomorphic EncryptionPartial Homomorphic Encryption
Partial Homomorphic Encryption
securityxploded
 
REU Group 2 - Paper
REU Group 2 - PaperREU Group 2 - Paper
REU Group 2 - PaperScott Payne
 
Perplexity of Index Models over Evolving Linked Data
Perplexity of Index Models over Evolving Linked Data Perplexity of Index Models over Evolving Linked Data
Perplexity of Index Models over Evolving Linked Data
Thomas Gottron
 
Secure Image Transmission for Cloud Storage System Using Hybrid Scheme
Secure Image Transmission for Cloud Storage System Using Hybrid SchemeSecure Image Transmission for Cloud Storage System Using Hybrid Scheme
Secure Image Transmission for Cloud Storage System Using Hybrid Scheme
IJERD Editor
 
Investigative Compression Of Lossy Images By Enactment Of Lattice Vector Quan...
Investigative Compression Of Lossy Images By Enactment Of Lattice Vector Quan...Investigative Compression Of Lossy Images By Enactment Of Lattice Vector Quan...
Investigative Compression Of Lossy Images By Enactment Of Lattice Vector Quan...
IJERA Editor
 

More Related Content

What's hot

A survey on Fully Homomorphic Encryption
A survey on Fully Homomorphic EncryptionA survey on Fully Homomorphic Encryption
A survey on Fully Homomorphic Encryption
iosrjce
 
Homomorphic Encryption
Homomorphic EncryptionHomomorphic Encryption
Homomorphic Encryption
Vipin Tejwani
 
Processing Reachability Queries with Realistic Constraints on Massive Network...
Processing Reachability Queries with Realistic Constraints on Massive Network...Processing Reachability Queries with Realistic Constraints on Massive Network...
Processing Reachability Queries with Realistic Constraints on Massive Network...
BigMine
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
Harry Potter
 
Hash function
Hash functionHash function
Hash function
Harry Potter
 
A Short Review of the NTRU Cryptosystem
A Short Review of the NTRU CryptosystemA Short Review of the NTRU Cryptosystem
A Short Review of the NTRU Cryptosystem
OnBoard Security, Inc. - a Qualcomm Company
 
Lattice-based Signatures
Lattice-based SignaturesLattice-based Signatures
Lattice-based Signatures
OnBoard Security, Inc. - a Qualcomm Company
 
Narrow bicliques cryptanalysisoffullidea
Narrow bicliques cryptanalysisoffullideaNarrow bicliques cryptanalysisoffullidea
Narrow bicliques cryptanalysisoffullideaRifad Mohamed
 
Aes cryptography algorithm based on intelligent blum blum-shub prn gs publica...
Aes cryptography algorithm based on intelligent blum blum-shub prn gs publica...Aes cryptography algorithm based on intelligent blum blum-shub prn gs publica...
Aes cryptography algorithm based on intelligent blum blum-shub prn gs publica...
zaidinvisible
 
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...
Patel Dasharathbhai
 
01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).ppt01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).ppt
GnanalakshmiV
 
Tribeflow on bitcoin data
Tribeflow on bitcoin dataTribeflow on bitcoin data
Tribeflow on bitcoin data
Abdullah Khan Zehady
 
Distributed key generation protocol with hierarchical threshold access structure
Distributed key generation protocol with hierarchical threshold access structureDistributed key generation protocol with hierarchical threshold access structure
Distributed key generation protocol with hierarchical threshold access structure
National Chengchi University
 
Post quantum cryptography - thesis
Post quantum cryptography - thesisPost quantum cryptography - thesis
Post quantum cryptography - thesis
Samy Shehata
 
Simple regenerating codes: Network Coding for Cloud Storage
Simple regenerating codes: Network Coding for Cloud StorageSimple regenerating codes: Network Coding for Cloud Storage
Simple regenerating codes: Network Coding for Cloud StorageKevin Tong
 
Partial Homomorphic Encryption
Partial Homomorphic EncryptionPartial Homomorphic Encryption
Partial Homomorphic Encryption
securityxploded
 
REU Group 2 - Paper
REU Group 2 - PaperREU Group 2 - Paper
REU Group 2 - PaperScott Payne
 
Perplexity of Index Models over Evolving Linked Data
Perplexity of Index Models over Evolving Linked Data Perplexity of Index Models over Evolving Linked Data
Perplexity of Index Models over Evolving Linked Data
Thomas Gottron
 

What's hot (20)

Sha3
Sha3Sha3
Sha3
 
A survey on Fully Homomorphic Encryption
A survey on Fully Homomorphic EncryptionA survey on Fully Homomorphic Encryption
A survey on Fully Homomorphic Encryption
 
Homomorphic Encryption
Homomorphic EncryptionHomomorphic Encryption
Homomorphic Encryption
 
Processing Reachability Queries with Realistic Constraints on Massive Network...
Processing Reachability Queries with Realistic Constraints on Massive Network...Processing Reachability Queries with Realistic Constraints on Massive Network...
Processing Reachability Queries with Realistic Constraints on Massive Network...
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
 
Hash function
Hash functionHash function
Hash function
 
Narrow bicliquesppt
Narrow bicliquespptNarrow bicliquesppt
Narrow bicliquesppt
 
A Short Review of the NTRU Cryptosystem
A Short Review of the NTRU CryptosystemA Short Review of the NTRU Cryptosystem
A Short Review of the NTRU Cryptosystem
 
Lattice-based Signatures
Lattice-based SignaturesLattice-based Signatures
Lattice-based Signatures
 
Narrow bicliques cryptanalysisoffullidea
Narrow bicliques cryptanalysisoffullideaNarrow bicliques cryptanalysisoffullidea
Narrow bicliques cryptanalysisoffullidea
 
Aes cryptography algorithm based on intelligent blum blum-shub prn gs publica...
Aes cryptography algorithm based on intelligent blum blum-shub prn gs publica...Aes cryptography algorithm based on intelligent blum blum-shub prn gs publica...
Aes cryptography algorithm based on intelligent blum blum-shub prn gs publica...
 
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...
 
01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).ppt01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).ppt
 
Tribeflow on bitcoin data
Tribeflow on bitcoin dataTribeflow on bitcoin data
Tribeflow on bitcoin data
 
Distributed key generation protocol with hierarchical threshold access structure
Distributed key generation protocol with hierarchical threshold access structureDistributed key generation protocol with hierarchical threshold access structure
Distributed key generation protocol with hierarchical threshold access structure
 
Post quantum cryptography - thesis
Post quantum cryptography - thesisPost quantum cryptography - thesis
Post quantum cryptography - thesis
 
Simple regenerating codes: Network Coding for Cloud Storage
Simple regenerating codes: Network Coding for Cloud StorageSimple regenerating codes: Network Coding for Cloud Storage
Simple regenerating codes: Network Coding for Cloud Storage
 
Partial Homomorphic Encryption
Partial Homomorphic EncryptionPartial Homomorphic Encryption
Partial Homomorphic Encryption
 
REU Group 2 - Paper
REU Group 2 - PaperREU Group 2 - Paper
REU Group 2 - Paper
 
Perplexity of Index Models over Evolving Linked Data
Perplexity of Index Models over Evolving Linked Data Perplexity of Index Models over Evolving Linked Data
Perplexity of Index Models over Evolving Linked Data
 

Similar to Executing Boolean Queries on an Encrypted Bitmap Index

Secure Image Transmission for Cloud Storage System Using Hybrid Scheme
Secure Image Transmission for Cloud Storage System Using Hybrid SchemeSecure Image Transmission for Cloud Storage System Using Hybrid Scheme
Secure Image Transmission for Cloud Storage System Using Hybrid Scheme
IJERD Editor
 
Investigative Compression Of Lossy Images By Enactment Of Lattice Vector Quan...
Investigative Compression Of Lossy Images By Enactment Of Lattice Vector Quan...Investigative Compression Of Lossy Images By Enactment Of Lattice Vector Quan...
Investigative Compression Of Lossy Images By Enactment Of Lattice Vector Quan...
IJERA Editor
 
Multiple Dimensional Fault Tolerant Schemes for Crypto Stream Ciphers
Multiple Dimensional Fault Tolerant Schemes for Crypto Stream CiphersMultiple Dimensional Fault Tolerant Schemes for Crypto Stream Ciphers
Multiple Dimensional Fault Tolerant Schemes for Crypto Stream Ciphers
IJNSA Journal
 
Multiple Dimensional Fault Tolerant Schemes for Crypto Stream Ciphers
Multiple Dimensional Fault Tolerant Schemes for Crypto Stream CiphersMultiple Dimensional Fault Tolerant Schemes for Crypto Stream Ciphers
Multiple Dimensional Fault Tolerant Schemes for Crypto Stream Ciphers
IJNSA Journal
 
A smart front end real-time detection and tracking
A smart front end real-time detection and trackingA smart front end real-time detection and tracking
A smart front end real-time detection and tracking
Lihguong Jang
 
Analysis of Cryptographic Algorithms
Analysis of Cryptographic AlgorithmsAnalysis of Cryptographic Algorithms
Analysis of Cryptographic Algorithms
ijsrd.com
 
Watermarking of JPEG2000 Compressed Images with Improved Encryption
Watermarking of JPEG2000 Compressed Images with Improved EncryptionWatermarking of JPEG2000 Compressed Images with Improved Encryption
Watermarking of JPEG2000 Compressed Images with Improved Encryption
Editor IJCATR
 
Performance Evaluation & Design Methodologies for Automated 32 Bit CRC Checki...
Performance Evaluation & Design Methodologies for Automated 32 Bit CRC Checki...Performance Evaluation & Design Methodologies for Automated 32 Bit CRC Checki...
Performance Evaluation & Design Methodologies for Automated 32 Bit CRC Checki...
VIT-AP University
 
11.secure compressed image transmission using self organizing feature maps
11.secure compressed image transmission using self organizing feature maps11.secure compressed image transmission using self organizing feature maps
11.secure compressed image transmission using self organizing feature mapsAlexander Decker
 
Design and Simulation Triple-DES
Design and Simulation Triple-DESDesign and Simulation Triple-DES
Design and Simulation Triple-DESchatsiri
 
A new dynamic speech encryption algorithm based on Lorenz chaotic map over in...
A new dynamic speech encryption algorithm based on Lorenz chaotic map over in...A new dynamic speech encryption algorithm based on Lorenz chaotic map over in...
A new dynamic speech encryption algorithm based on Lorenz chaotic map over in...
IJECEIAES
 
Js2517181724
Js2517181724Js2517181724
Js2517181724
IJERA Editor
 
LDPC Encoding
LDPC EncodingLDPC Encoding
LDPC Encoding
Bhagwat Singh Rathore
 
Georgy Nosenko - An introduction to the use SMT solvers for software security
Georgy Nosenko - An introduction to the use SMT solvers for software securityGeorgy Nosenko - An introduction to the use SMT solvers for software security
Georgy Nosenko - An introduction to the use SMT solvers for software securityDefconRussia
 
Hardware Implementations of RS Decoding Algorithm for Multi-Gb/s Communicatio...
Hardware Implementations of RS Decoding Algorithm for Multi-Gb/s Communicatio...Hardware Implementations of RS Decoding Algorithm for Multi-Gb/s Communicatio...
Hardware Implementations of RS Decoding Algorithm for Multi-Gb/s Communicatio...
RSIS International
 
Lossless Data Compression Using Rice Algorithm Based On Curve Fitting Technique
Lossless Data Compression Using Rice Algorithm Based On Curve Fitting TechniqueLossless Data Compression Using Rice Algorithm Based On Curve Fitting Technique
Lossless Data Compression Using Rice Algorithm Based On Curve Fitting Technique
IRJET Journal
 
The wise doc_trans presentation
The wise doc_trans presentationThe wise doc_trans presentation
The wise doc_trans presentation
Raouf KESKES
 
Hardware implementation of aes encryption and decryption for low area & power...
Hardware implementation of aes encryption and decryption for low area & power...Hardware implementation of aes encryption and decryption for low area & power...
Hardware implementation of aes encryption and decryption for low area & power...
eSAT Publishing House
 
Elliptic Curve based Authenticated Session Key Establishment Protocol for Hig...
Elliptic Curve based Authenticated Session Key Establishment Protocol for Hig...Elliptic Curve based Authenticated Session Key Establishment Protocol for Hig...
Elliptic Curve based Authenticated Session Key Establishment Protocol for Hig...
IJNSA Journal
 

Similar to Executing Boolean Queries on an Encrypted Bitmap Index (20)

Secure Image Transmission for Cloud Storage System Using Hybrid Scheme
Secure Image Transmission for Cloud Storage System Using Hybrid SchemeSecure Image Transmission for Cloud Storage System Using Hybrid Scheme
Secure Image Transmission for Cloud Storage System Using Hybrid Scheme
 
Investigative Compression Of Lossy Images By Enactment Of Lattice Vector Quan...
Investigative Compression Of Lossy Images By Enactment Of Lattice Vector Quan...Investigative Compression Of Lossy Images By Enactment Of Lattice Vector Quan...
Investigative Compression Of Lossy Images By Enactment Of Lattice Vector Quan...
 
Multiple Dimensional Fault Tolerant Schemes for Crypto Stream Ciphers
Multiple Dimensional Fault Tolerant Schemes for Crypto Stream CiphersMultiple Dimensional Fault Tolerant Schemes for Crypto Stream Ciphers
Multiple Dimensional Fault Tolerant Schemes for Crypto Stream Ciphers
 
Multiple Dimensional Fault Tolerant Schemes for Crypto Stream Ciphers
Multiple Dimensional Fault Tolerant Schemes for Crypto Stream CiphersMultiple Dimensional Fault Tolerant Schemes for Crypto Stream Ciphers
Multiple Dimensional Fault Tolerant Schemes for Crypto Stream Ciphers
 
A smart front end real-time detection and tracking
A smart front end real-time detection and trackingA smart front end real-time detection and tracking
A smart front end real-time detection and tracking
 
Analysis of Cryptographic Algorithms
Analysis of Cryptographic AlgorithmsAnalysis of Cryptographic Algorithms
Analysis of Cryptographic Algorithms
 
Watermarking of JPEG2000 Compressed Images with Improved Encryption
Watermarking of JPEG2000 Compressed Images with Improved EncryptionWatermarking of JPEG2000 Compressed Images with Improved Encryption
Watermarking of JPEG2000 Compressed Images with Improved Encryption
 
Performance Evaluation & Design Methodologies for Automated 32 Bit CRC Checki...
Performance Evaluation & Design Methodologies for Automated 32 Bit CRC Checki...Performance Evaluation & Design Methodologies for Automated 32 Bit CRC Checki...
Performance Evaluation & Design Methodologies for Automated 32 Bit CRC Checki...
 
11.secure compressed image transmission using self organizing feature maps
11.secure compressed image transmission using self organizing feature maps11.secure compressed image transmission using self organizing feature maps
11.secure compressed image transmission using self organizing feature maps
 
Design and Simulation Triple-DES
Design and Simulation Triple-DESDesign and Simulation Triple-DES
Design and Simulation Triple-DES
 
A new dynamic speech encryption algorithm based on Lorenz chaotic map over in...
A new dynamic speech encryption algorithm based on Lorenz chaotic map over in...A new dynamic speech encryption algorithm based on Lorenz chaotic map over in...
A new dynamic speech encryption algorithm based on Lorenz chaotic map over in...
 
Js2517181724
Js2517181724Js2517181724
Js2517181724
 
Js2517181724
Js2517181724Js2517181724
Js2517181724
 
LDPC Encoding
LDPC EncodingLDPC Encoding
LDPC Encoding
 
Georgy Nosenko - An introduction to the use SMT solvers for software security
Georgy Nosenko - An introduction to the use SMT solvers for software securityGeorgy Nosenko - An introduction to the use SMT solvers for software security
Georgy Nosenko - An introduction to the use SMT solvers for software security
 
Hardware Implementations of RS Decoding Algorithm for Multi-Gb/s Communicatio...
Hardware Implementations of RS Decoding Algorithm for Multi-Gb/s Communicatio...Hardware Implementations of RS Decoding Algorithm for Multi-Gb/s Communicatio...
Hardware Implementations of RS Decoding Algorithm for Multi-Gb/s Communicatio...
 
Lossless Data Compression Using Rice Algorithm Based On Curve Fitting Technique
Lossless Data Compression Using Rice Algorithm Based On Curve Fitting TechniqueLossless Data Compression Using Rice Algorithm Based On Curve Fitting Technique
Lossless Data Compression Using Rice Algorithm Based On Curve Fitting Technique
 
The wise doc_trans presentation
The wise doc_trans presentationThe wise doc_trans presentation
The wise doc_trans presentation
 
Hardware implementation of aes encryption and decryption for low area & power...
Hardware implementation of aes encryption and decryption for low area & power...Hardware implementation of aes encryption and decryption for low area & power...
Hardware implementation of aes encryption and decryption for low area & power...
 
Elliptic Curve based Authenticated Session Key Establishment Protocol for Hig...
Elliptic Curve based Authenticated Session Key Establishment Protocol for Hig...Elliptic Curve based Authenticated Session Key Establishment Protocol for Hig...
Elliptic Curve based Authenticated Session Key Establishment Protocol for Hig...
 

Recently uploaded

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
Bhaskar Mitra
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
CatarinaPereira64715
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
Fwdays
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 

Recently uploaded (20)

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 

Executing Boolean Queries on an Encrypted Bitmap Index

  • 1. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Executing Boolean Queries on an Encrypted Bitmap Index Mohamed Ahmed Abdelraheem1, Christian Gehrmann1, Malin Lindstr¨om2 and Christian Nordahl2 1SICS Swedish ICT AB 2Blekinge Institute of Technology CCSW 2016, Vienna 28 Oct 2016 1 / 24
  • 2. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Data Breaches Everywhere Figure 1: World’s Biggest Data Breaches 2 / 24
  • 3. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Snowden Disclosures Figure 2: Snowden Disclosures 3 / 24
  • 4. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Protect our privacy and still enjoy public cloud services? Figure 3: Ed Snowden’s ACLU SXSW Talk, March 2014 4 / 24
  • 5. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Encrypted Search Fully Homomorphic Encryption (FHE). Secure Multiparty Computation (MPC). Oblivious RAM (ORAM). Searchable Symmetric Encryption (SSE). Deterministic Encryption (DET). Order Preserving Encryption (OPE). 5 / 24
  • 6. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Symmetric Searchable Encryption Schemes I Threat Model SSE schemes achieve (non)-adaptive security against an honest-but-curious adversary. Efficieny comes at the price of leakage Access Pattern: size of the search result. Search Pattern: whether two searches are similar. Remark Still better than DET and OPE schemes allowing leakage before any queries which makes offline inference attacks possible. 6 / 24
  • 7. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Symmetric Searchable Encryption Schemes II Song et al. [2000] proposed the first practical SSE scheme. Curtumola et al. [2006] and many other SSE schemes achieve optimal search time (sublinear) using the inverted index. Liesdonk et al. [2009] proposed the first dynamic SSE scheme using a Bitmap index. Cash et al. [2013] proposed the first sublinear scheme supporting Boolean queries w1 ∧ f (w2, · · · , wt). Remark Our work is inspired by Cash et al BXT and OXT protocols. 7 / 24
  • 8. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Our Contribution First multi-keyword SSE scheme on an encrypted Bitmap Index: Trade-off between: communication, performance, security. Single-round communication. Reasonable security targeting constrained environments. Linear search but embarrassingly parallel. Suitable for very large and dense datasets. Remark Final query result is decided at the Client. This makes our work different than standard SSE schemes but yields efficiency and security benefits. 8 / 24
  • 9. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Cash et al interactive-BXT and OXT Protocols Evaluate queries of the form w1 ∧ f (w2, ..., wt): w1 (s-term) has low freq, other wi (x-terms) has larger freq. Use an auxiliary set (XSet) beyond its main index (TSet). Security Leakage: Number of documents and number of keyword-docID pairs, N. No intersection between s-terms (OXT). Intersections between s-terms and nothing between x-terms (interactive-BXT). Cost: Sublinear search time (optimal). Communication and computation are high. Storage is on the order of keyword-doc ID pairs (optimal but not for BXT and OXT when used with dense datasets). 9 / 24
  • 10. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Single Keyword on Encrypted Bitmap Plaintext Bitmap Index Each keyword wj is associated with a bit string holding an active bit at index i iff the ith document or record contains wj . Encrypted Bitmap Index (single keyword) Each keyword wj is encrypted using DET encryption and its associated Bitmap is one-time pad encrypted (Liesdonk et al). w1 ∧ w2 on the above Encrypted Bitmap Index Leaks the result set of w1 and the result set of w2. Our Goal Evaluate queries of the form w1 ∧ f (w2, ..., wt) using an encrypted Bitmap Index with no leakage beyond the actual result set. 10 / 24
  • 11. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion BXT-Bitmap Encypted Database Setup Assume n documents and m keywords. Each keyword wj has Kj = PRF1(KI , wj ). pointer pj to its corresponding encrypted Bitmap Be created using a large key derived from Kj . two secret tags (stag, xtag) whose hash value is stored in two hash tables HTstag and HTxtag. stag = PRF2(KS , wj ) = (KS1, KS2) xtag = PRF2(KX , wj ) = (KX1, KX2) Hash table’s elements (lj , dj ) HTstag : lj = hash(KS1) and dj = enc(KS2, pj ||Kj ). HTxtag : lπ(j) = hash(KX1) and dπ(j) = enc(KX2, pj ). size of each is O(m). 11 / 24
  • 12. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Encrypted database label Value hash(KS1) E(KS2, p1||K1) hash(KS2) E(KS2, p2||K2) · · · · · · hash(KSi ) E(KS2, pi ||Ki ) · · · · · · hash(KSm) E(KS2, pm||Km) Table 1: s-term hash table. label Value · · · · · · · · · · · · · · · · · · hash(KX1) E(KX2, p1) · · · · · · · · · · · · Table 2: x-term hash table, π(1) = i. id 1 2 · · · · · · · · · · · · · · · · · · n p1 0 1 · · · · · · · · · · · · · · · · · · 1 p2 1 0 · · · · · · · · · · · · · · · · · · 1 ... ... ... · · · · · · · · · · · · · · · · · · ... pm 1 1 · · · · · · · · · · · · · · · · · · 0 Table 3: Encrypted Bitmap Index (B ) 12 / 24
  • 13. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Conjunctive Search Process w1 ∧ w2 ∧ · · · ∧ wt (I) Client (w1 ∧ · · · ∧ wt, KS , KX ): stag → PRF2(KS , w1) = (KS1, KS2). xtagj → PRF2(KX , wj ) = (KXj1 , KXj2 ), j ≥ 2. Send stag and all xtagj to Server. Server (Be, HStag, HXtag, stag, xtagj ): Use stag and HStag to retrieve result set RS of w1 from Be. Use xtagi and HXtag to find pointerxtagj to access Be. For each idi ∈ RS: send the bit Be[pointerxtagj , idi ] to Client. Client (Be[pointerxtagj , idi ], idi ∈ RS): For each (idi , xtagj ), find vj = Dec(Be[pointerxtagj , idi ]). Retrieve document idi if all vj are active bits. 13 / 24
  • 14. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Conjunctive Search Process w1 ∧ w2 ∧ · · · ∧ wt (II) Single-round communication Different than standard SSE schemes where Server determines final result set. But secure and suitable for constrained settings. More than one-round communication Allowing the Server to determine final result comes at the cost of more info leakage and communication rounds with the Client. 14 / 24
  • 15. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Security Analysis I Our solution does not reveal: direct intersections between x-terms. intersection between an s-term and any subset of the x-terms within same query. But reveals only intersection between the s-terms. Avoid s-terms Intersection? During setup the client permutes the document identifiers for each keyword using a pseudorandom permutation with a unique secret key specifically generated for each keyword. Unavoidable Access Pattern Leakage During retrieval process the index server will be able to know the intersection between s-terms unless access pattern is hidden or the index server and retrieval server have no communication. 15 / 24
  • 16. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Security Analysis II Our scheme leaks: Number of documents n. Number of unique keywords m. Size of the s-term w1. Search pattern. Intersection between s-terms. and has no other leakage beyond what can be deduced from the specified leakage. Security level At least the same level of security achieved by Cash et al’s interactive BXT protocol. 16 / 24
  • 17. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Performance Compared to Cash et al Protocols Protocol Communication Size No of Rounds Computations Search Ours (t − 1) · s 1 n xor, n/b hash O(n) I. BXT (t − 1) · s · |f | (t − 1) · s s Decryptions s OXT (t − 1) · s · |G| 1 (t − 1) · s Exp. s Table 4: s ≡ number of document identifiers corresponding to the s-term. t ≡ number of terms. b ≡ output size of hash func used during key gen. |f | ≡ the output size of f (xtrapi , ind) in bits. |G| ≡ the size of the group elements in bits where the group G satisfies the decision Diffie-Hellman (DDH) assumption). 17 / 24
  • 18. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Storage Compared to Cash et al Protocols (Census) n 100,000 150,000 200,000 250,000 299,285 N 3,792,048 5,686,907 7,582,582 9,478,817 11,347,304 HTstag/HTxtag 0.16 0.19 0.20 0.21 0.22 Bitmaps 36 62 90 119 149 Est. TSet (BXT) 122 183 244 305 365 Table 5: Storage results in MB for the Census data set, for subsets from 100,000 to 299,285 rows and 41 columns, and the estimated storage of the TSet. Note that n denotes the number of documents while N denotes the size (total number of keyword occurrences) of the Census dataset. Remark Minimal size of each TSet entry under the BXT protocol is 257 bits and more than that for OXT. 18 / 24
  • 19. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Storage Compared to Cash et al Protocols (Enron) n 100,000 200,000 300,000 400,000 N 14,352,245 26,509,765 43,529,924 57,516,347 HTstag/HTxtag 7 10 17 25 Bitmaps 1582 4414 11446 22124 Est. TSet (BXT) 461 851 1398 1848 Table 6: Storage results in MB for the Enron data set, for subsets from 100,000 to 400,000 documents, and the estimated storage of the TSet. 19 / 24
  • 20. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Single Vs Conjunctive 100 150 200 250 300 0 50 100 150 Number of documents, x1000 Time(ms) w1 w1 ∧ w2 Figure 4: Single Keyword vs Conjunctive Keyword (Census) 20 / 24
  • 21. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Conjunctive Search depends on the s-term 10 100 1000 10000 100000 0 50 100 150 Frequency of keyword Time(ms) L ∧ V V ∧ H V Figure 5: End-to-end execution time for the Census data set, 299,285 documents. H denotes a term with high frequency, L denotes a term with low frequency and V denotes the term that varies in frequency. 21 / 24
  • 22. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Number of x-terms does not affect search time 2 3 4 5 0 50 100 150 Number of x-terms Time(ms) Figure 6: End-to-end execution time for the non-interactive conjunctive search on the complete Census data set with a growing number of x-terms. The s-term has low frequency and the frequency of the x-terms varies between 4,177 and 100,955. 22 / 24
  • 23. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Conclusion Proposed a secure multi-keyword SSE scheme. Practical in limited communication and computation settings. Suitable for very dense datasets. Encrypted Bitmap is also efficient in processing Boolean queries similar to plaintext Bitmap index. Combining an inverted index with a Bitmap index in one length-hiding index would yield better time-storage trade-off. 23 / 24
  • 24. Introduction Our BXT-Bitmap Scheme Security, Performance and Storage Analysis Conclusion Thank you for your attention 24 / 24