Privacy-Preserving Query Processing by Multi-Party Computation

Authors

  • Maryam Sepehri
  • Stelvio Cimato
  • Ernesto Damiani
Abstract

Privacy-preserving query processing (P3Q) techniques are increasingly important on partitioned databases, where relational queries have to be executed on horizontal data partitions held by different data owners. To run queries over all of the partitions, the data owners may either collaborate with one another by sharing their private data, or delegate the data to an external service provider. In the literature these two solutions are referred to as multi-party computation (MPC) and data outsourcing (DO), respectively. When no data owner or external service provider can be trusted enough to know all the inputs, privacy becomes a primary concern: data owners are not willing to share plaintext data with other parties, nor to outsource plaintext to the service provider. A traditional solution to ensure privacy protection consists in adopting an encryption scheme in order to help prevent information leakage. Such traditional solutions, however, notably reduce query execution efficiency in the MPC scenario with large data sizes. This introduces the need to develop efficient techniques for P3Q that allow data owners to respect data privacy when collaborating during the execution of queries. Recently, many techniques for P3Q have been developed in the multi-party context, based on the application of secure multi-party computation (SMC) protocols. While these solutions have focused on increasing privacy, efficiency has been only marginally addressed. For this reason, in this thesis we describe a scalable approach for computing privacy-preserving queries on the entire relation(s) without sharing the private partitions. Our solution is applicable to a subset of the SQL query language, called SQL−−, which includes selection and equi-join queries. In order to scale well with large data sizes, we show how computation and communication costs can be reduced via a novel bucketization technique.
We consider the classical notion of query privacy, where the other parties learn as little as possible (in a computational sense) about the query. To ensure such privacy, our technique involves a trusted third party (TTP) only at the beginning of the protocol execution. Experimental results on horizontally partitioned, distributed data show the effectiveness of our approach. We also consider the problem of encrypted data outsourcing (EDO), where the owners encrypt their sensitive data with their own keys and outsource their partitions to a cloud service provider. This case poses a significant challenge to the cloud service provider, since queries must be computed over data encrypted with different keys that the cloud must not know (we refer to this setting as multi-key data outsourcing). This problem has been addressed, for instance, with expensive techniques such as key sharing or exhaustive re-encryption by the server. In this thesis we address the challenge by introducing a novel security solution that applies a proxy re-encryption (PRE) scheme to bring data encrypted under different keys under a single key, making searching by the cloud service provider feasible (we refer to this setting as single-key data outsourcing). The adopted technique relies on a proxy server to transform data encrypted with the public keys of different owners, so that the query result over the entire partition(s) can be decrypted by the user. This is done without the need for any single data owner to release its secret key, and, more importantly, the proxy server does not learn the content of the data it processes. Overall, the key research goal of this thesis is to conduct SQL−− queries without disclosing any data owner's private data under both the SMC and EDO paradigms, in order to determine the advantages and drawbacks of each paradigm in terms of security and efficiency.


Similar sources

Privacy Preserving Aggregate Query of OLAP for Accurate Answers

In recent years, privacy protection has become an important topic when cooperative computation is performed in distributed environments. This paper puts forward efficient protocols for computing the multi-dimensional aggregates in distributed environments while keeping privacy preserving. We propose a novel model, which contains two crucial stages: local computation and cooperative computation ...


A Secure Multi-Party Computation Protocol for Malicious Computation Prevention for preserving privacy during Data Mining

Secure Multi-Party Computation (SMC) allows parties with similar background to compute results upon their private data, minimizing the threat of disclosure. The exponential increase in sensitive data that needs to be passed upon networked computers and the stupendous growth of internet has precipitated vast opportunities for cooperative computation, where parties come together to facilitate com...


Privacy Preserving PageRank Algorithm By Using Secure Multi-Party Computation

In this work, we study the problem of privacy preserving computation on PageRank algorithm. The idea is to enforce the secure multi party computation of the algorithm iteratively using homomorphic encryption based on Paillier scheme. In the proposed PageRank computation, a user encrypt its own graph data using asymmetric encryption method, sends the data set into different parties in a privacy-...


Classification Rule Mining through SMC for Preserving Privacy Data Mining: A Review

Data Mining and Knowledge Discovery in Databases are two new dimensions of database technology that investigate the automatic extraction for identifying hidden patterns and trends from large amount of data. Several researchers have contributed variety of algorithms for generating the classification rule by considering different cases like scalability, computation time, I/O complexity, missing a...


Semantic Security: Privacy Definitions Revisited

In this paper we illustrate a privacy framework named Indistinguishable Privacy. Indistinguishable privacy could be deemed as the formalization of the existing privacy definitions in privacy preserving data publishing as well as secure multi-party computation. We introduce three representative privacy notions in the literature, Bayes-optimal privacy for privacy preserving data publishing, diffe...


Privacy-Preserving Collaborative Association Rule Mining

In recent times, the development of privacy technologies has promoted the speed of research on privacy-preserving collaborative data mining. People borrowed the ideas of secure multi-party computation and developed secure multi-party protocols to deal with privacy-preserving collaborative data mining problems. Random perturbation was also identified to be an efficient estimation technique to so...



Journal title:
  • Comput. J.

Volume 58, Issue 

Pages -

Publication date: 2015