Various cryptographic techniques are used in outsourced database systems to ensure data privacy while allowing for efficient querying. This work proposes a definition and components of a new secure and efficient outsourced database system, which answers various types of queries, with different privacy guarantees in different security models. This work starts with a survey of five order-revealing encryption schemes that can be used directly in many database indices and five range query protocols with various security / efficiency tradeoffs. The survey systematizes the state-of-the-art range query solutions in a snapshot adversary setting and offers some non-obvious observations regarding the efficiency of the constructions. In $\mathcal{E}\text{psolute}$, a secure range query engine, security is achieved in a setting with a much stronger adversary who can continuously observe everything on the server, and where leaking even the result size can enable a reconstruction attack. $\mathcal{E}\text{psolute}$ proposes a definition, construction, analysis, and experimental evaluation of a system that provably hides both access pattern and communication volume while remaining efficient. The work concludes with $k\text{-a}n\text{o}n$ -- a secure similarity search engine in a snapshot adversary model. The work presents a construction in which the security of $k\text{NN}$ queries is achieved similarly to OPE / ORE solutions -- encrypting the input with an approximate Distance Comparison Preserving Encryption scheme so that the inputs, the points in a hyperspace, are perturbed, but the query algorithm still produces accurate results. We use TREC datasets and queries for the search, and track rank quality metrics such as MRR and nDCG. For the attacks, we build an LSTM model that trains on the correlation between a sentence and its embedding and then predicts words from the embedding.