Equivalence-based Security for Querying Encrypted Databases: Theory and Application to Privacy Policy Audits
Cryptography and Security
2015-08-12 v1
Abstract
Motivated by the problem of simultaneously preserving confidentiality and usability of data outsourced to third-party clouds, we present two different database encryption schemes that largely hide data but reveal enough information to support a wide-range of relational queries. We provide a security definition for database encryption that captures confidentiality based on a notion of equivalence of databases from the adversary's perspective. As a specific application, we adapt an existing algorithm for finding violations of privacy policies to run on logs encrypted under our schemes and observe low to moderate overheads.
Cite
@article{arxiv.1508.02448,
title = {Equivalence-based Security for Querying Encrypted Databases: Theory and Application to Privacy Policy Audits},
author = {Omar Chowdhury and Deepak Garg and Limin Jia and Anupam Datta},
journal= {arXiv preprint arXiv:1508.02448},
year = {2015}
}
Comments
CCS 2015 paper technical report, in progress