HybrIDX : New Hybrid Index for Volume-hiding Range Queries in Data Outsourcing Services
Research output: Chapters, Conference Papers, Creative and Literary Works › RGC 32 - Refereed conference paper (with host publication) › peer-review
Author(s)
Related Research Unit(s)
Detail(s)
Original language | English |
---|---|
Title of host publication | Proceedings - 2020 IEEE 40th International Conference on Distributed Computing Systems |
Subtitle of host publication | ICDCS 2020 |
Publisher | Institute of Electrical and Electronics Engineers, Inc. |
Pages | 23-33 |
ISBN (electronic) | 9781728170022 |
ISBN (print) | 9781728170039 |
Publication status | Published - Nov 2020 |
Publication series
Name | Proceedings - International Conference on Distributed Computing Systems |
---|---|
ISSN (Print) | 1063-6927 |
ISSN (electronic) | 2575-8411 |
Conference
Title | 40th IEEE International Conference on Distributed Computing Systems (ICDCS 2020) |
---|---|
Location | Virtual |
Place | Singapore |
Period | 29 November - 1 December 2020 |
Link(s)
Abstract
An encrypted index is a data structure that assisting untrusted servers to provide various query functionalities in the ciphertext domain. Although traditional index designs can prevent servers from directly obtaining plaintexts, the confidentiality of outsourced data could still be compromised by observing the volume of different queries. Recent volume attacks have demonstrated the importance of sealing volume-pattern leakage. To this end, several works are made to design secure indexes with the volume-hiding property. However, prior designs only work for encrypted keyword search. Due to the unpredictable range query results, it is difficult to protect the volume-pattern leakage while achieving efficient range queries.
In this paper, for the first time, we define and solve the challenging problem of volume-hiding range queries over encrypted data. Our proposed hybrid index framework, called HybrIDX, allows an untrusted server to efficiently search encrypted data based on order conditions without revealing the exact volume size. It resorts to the trusted hardware techniques to assist range query processing by moving the comparison algorithm to trusted SGX enclaves. To enable volume-hiding data retrieval, we propose to host encrypted results outside the enclave in an encrypted multi-maps manner. Apart from this novel hybrid index design, we further customize a bulk refresh mechanism to enable access-pattern obfuscation. We formally analyze the security strengths and complete the prototype implementation. Evaluation results demonstrate the feasibility and practicability of our designs.
In this paper, for the first time, we define and solve the challenging problem of volume-hiding range queries over encrypted data. Our proposed hybrid index framework, called HybrIDX, allows an untrusted server to efficiently search encrypted data based on order conditions without revealing the exact volume size. It resorts to the trusted hardware techniques to assist range query processing by moving the comparison algorithm to trusted SGX enclaves. To enable volume-hiding data retrieval, we propose to host encrypted results outside the enclave in an encrypted multi-maps manner. Apart from this novel hybrid index design, we further customize a bulk refresh mechanism to enable access-pattern obfuscation. We formally analyze the security strengths and complete the prototype implementation. Evaluation results demonstrate the feasibility and practicability of our designs.
Bibliographic Note
Full text of this publication does not contain sufficient affiliation information. With consent from the author(s) concerned, the Research Unit(s) information for this record is based on the existing academic department affiliation of the author(s).
Citation Format(s)
HybrIDX: New Hybrid Index for Volume-hiding Range Queries in Data Outsourcing Services. / Ren, Kui; Guo, Yu; Li, Jiaqi et al.
Proceedings - 2020 IEEE 40th International Conference on Distributed Computing Systems: ICDCS 2020. Institute of Electrical and Electronics Engineers, Inc., 2020. p. 23-33 9355767 (Proceedings - International Conference on Distributed Computing Systems).
Proceedings - 2020 IEEE 40th International Conference on Distributed Computing Systems: ICDCS 2020. Institute of Electrical and Electronics Engineers, Inc., 2020. p. 23-33 9355767 (Proceedings - International Conference on Distributed Computing Systems).
Research output: Chapters, Conference Papers, Creative and Literary Works › RGC 32 - Refereed conference paper (with host publication) › peer-review