EncKV : An encrypted key-value store with rich queries

Research output: Chapters, Conference Papers, Creative and Literary Works (RGC: 12, 32, 41, 45)32_Refereed conference paper (with ISBN/ISSN)peer-review

30 Scopus Citations
View graph of relations

Author(s)

Detail(s)

Original languageEnglish
Title of host publicationASIA CCS 2017 - Proceedings of the 2017 ACM Asia Conference on Computer and Communications Security
PublisherACM New York
Pages423-435
ISBN (Print)978-1-4503-4944-4
Publication statusPublished - Apr 2017

Conference

Title2017 ACM Asia Conference on Computer and Communications Security, ASIA CCS 2017
PlaceUnited Arab Emirates
CityAbu Dhabi
Period2 - 6 April 2017

Abstract

Distributed data stores have been rapidly evolving to serve the needs of large-scale applications such as online gaming and real-time targeting. In particular, distributed key-value stores have been widely adopted due to their superior performance. However, these systems do not guarantee to provide strong protection of data confientiality, and as a result fall short of addressing serious privacy concerns raised from massive data breaches. In this paper, we introduce EncKV, an encrypted keyvalue store with secure rich query support. First, EncKV stores encrypted data records with multiple secondary attributes in the form of encrypted key-value pairs. Second, it leverages the latest practical primitives for searching over encrypted data, i.e., searchable symmetric encryption and order-revealing encryption, and provides encrypted indexes with guaranteed security to support exact-match and rangematch queries via secondary attributes of data records. Third, it carefully integrates these indexes into a distributed index framework to facilitate secure query processing in parallel. To mitigate recent inference attacks on encrypted database systems, EncKV protects the order information during range queries, and presents an interactive batch query mechanism to further hide the associations across data values on different attributes. We implement an EncKV prototype on a Redis cluster, and conduct an extensive set of performance evaluations on the Amazon EC2 public cloud platform. Our results show that EncKV effectively preserves the efficiency and scalability of plaintext distributed key-value stores.

Research Area(s)

  • Encrypted key-value store, Orderrevealing encryption, Searchable encryption

Citation Format(s)

EncKV : An encrypted key-value store with rich queries. / Yuan, Xingliang; Guo, Yu; Wang, Xinyu; Wang, Cong; Li, Baochun; Jia, Xiaohua.

ASIA CCS 2017 - Proceedings of the 2017 ACM Asia Conference on Computer and Communications Security. ACM New York, 2017. p. 423-435.

Research output: Chapters, Conference Papers, Creative and Literary Works (RGC: 12, 32, 41, 45)32_Refereed conference paper (with ISBN/ISSN)peer-review