Potential Security Holes in Hacıgümüş’ Scheme of Executing SQL over Encrypted Data

نویسنده

  • Kenny C.K. Fong
چکیده

Hacıgümüş, Iyer, Li and Mehrotra proposed the first scheme of executing SQL over encrypted data in the database-service-provider model. However, they did not address the security strength of the scheme over different attack models. While Hacıgümüş’ scheme looks secure in a general setting, this paper attempts to explore any plausible attacks against this scheme in specific environments. We present five potential security holes in the scheme, and propose solutions to several of them.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

SESOS: A Verifiable Searchable Outsourcing Scheme for Ordered Structured Data in Cloud Computing

While cloud computing is growing at a remarkable speed, privacy issues are far from being solved. One way to diminish privacy concerns is to store data on the cloud in encrypted form. However, encryption often hinders useful computation cloud services. A theoretical approach is to employ the so-called fully homomorphic encryption, yet the overhead is so high that it is not considered a viable s...

متن کامل

Separating indexes from data: a distributed scheme for secure database outsourcing

Database outsourcing is an idea to eliminate the burden of database management from organizations. Since data is a critical asset of organizations, preserving its privacy from outside adversary and untrusted server should be warranted. In this paper, we present a distributed scheme based on storing shares of data on different servers and separating indexes from data on a distinct server. Shamir...

متن کامل

Executing SQL queries over encrypted character strings in the Database-As-Service model

Rapid advances in the networking technologies have prompted the emergence of the ‘‘software as service’’ model for enterprise computing, moreover, which is becoming one of the key industries quickly. ‘‘Database as service’’ model provides users power to store, modify and retrieve data from anywhere in the world, as long as they have access to the Internet, thus, being increasingly popular in cu...

متن کامل

Aggregation Queries in the Database-As-a-Service Model

In the Database-As-a-Service (DAS) model, clients store their database contents at servers belonging to potentially untrusted service providers. To maintain data confidentiality, clients need to outsource their data to servers in encrypted form. At the same time, clients must still be able to execute queries over encrypted data. One prominent and fairly effective technique for executing SQL-sty...

متن کامل

Numerical SQL Value Expressions Over Encrypted Cloud Databases

Cloud databases often need client-side encryption. Encryption however impairs queries, especially with numerical SQL value expressions. Fully homomorphic encryption scheme could suffice, but known schemes remain impractical. Partially homomorphic encryption suffices for specific expressions only. The additively homomorphic Paillier scheme appears the most practical. We propose the homomorphic e...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2003