Cryptology ePrint Archive: Report 2015/1190

Private Large-Scale Databases with Distributed Searchable Symmetric Encryption

Yuval Ishal and Eyal Kushilevitz and Steve Lu and Rafail Ostrovsky

Abstract: With the growing popularity of remote storage, the ability to outsource a large private database yet be able to search on this encrypted data is critical. Searchable symmetric encryption (SSE) is a practical method of encrypting data so that natural operations such as searching can be performed on this data. It can be viewed as an efficient private-key alternative to powerful tools such as fully homomorphic encryption, oblivious RAM, or secure multiparty computation. The main drawbacks of existing SSE schemes are the limited types of search available to them and their leakage. In this paper, we present a construction of a private outsourced database in the two-server model (e.g. two cloud services) which can be thought of as an SSE scheme on a B-tree that allows for a wide variety of search features such as range queries, substring queries, and more. Our solution can hide all leakage due to access patterns (``metadata'') between queries and features a tunable parameter that provides a smooth tradeoff between privacy and efficiency. This allows us to implement a solution that supports databases which are terabytes in size and contain millions of records with only a 5x slowdown compared to MySQL when the query result size is around 10% of the database, though the fixed costs dominate smaller queries resulting in over 100x relative slowdown (under 1 second actual).

In addition, our solution also provides a mechanism for allowing data owners to set filters that prevent prohibited queries from returning any results, without revealing the filtering terms. Finally, we also present the benchmarks of our prototype implementation. This is the full version of the extended abstract to appear at CT-RSA 2016.

Category / Keywords: secret-key cryptography / Searchable Symmetric Encryption, Secure Databases, Private Cloud Computing

Original Publication (with major differences): CT-RSA 2016

Date: received 13 Dec 2015

Contact author: stevelu8 at gmail com

Available format(s): PDF | BibTeX Citation

Note: This is the full version of the extended abstract to appear at CT-RSA 2016.

Version: 20151216:035740 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]