Survey on Key Techniques of Encrypted Computing in Fully Encrypted Databases
Author:
Affiliation:

  • Article
  • | |
  • Metrics
  • |
  • Reference [136]
  • |
  • Related
  • |
  • Cited by
  • | |
  • Comments
    Abstract:

    In recent years, with the popularity of cloud services, increasingly more enterprises and individuals have stored their data in cloud databases. However, enjoying the convenience of cloud services also brings about data security issues. One of the crucial problems is data confidentiality protection, which is to safeguard the sensitive data of users from being spied on or leaked. Fully encrypted databases have emerged to face this challenge. Compared with traditional databases, fully encrypted databases can encrypt data in the entire lifecycle of data transmission, storage, and computation, thereby ensuring data confidentiality. Currently, there are still many challenges in encrypting data while supporting all SQL functionalities and maintaining high performance. This study comprehensively investigates the key techniques of encrypted computing in fully encrypted databases, summarizes the techniques according to the types, and compares and sums up them based on functionality, security, and performance. Firstly, it introduces the architecture of fully encrypted databases, including crypto-based architecture, trusted execution environment (TEE)-based architecture, and hybrid architecture. Then, the key techniques of each architecture are summarized. Finally, the challenges and opportunities of current research are discussed, with some open problems provided for future research.

    Reference
    [1] Do Q, Martini B, Choo KKR. The role of the adversary model in applied security research. Computers & Security, 2019, 81: 156–181.
    [2] Antonopoulos P, Arasu A, Singh KD, Eguro K, Gupta N, Jain R, Kaushik R, Kodavalla H, Kossmann D, Ogg N, Ramamurthy R, Szymaszek J, Trimmer J, Vaswani K, Venkatesan R, Zwilling M. Azure SQL database always encrypted. In: Proc. of the 2020 ACM SIGMOD Int’l Conf. on Management of Data. Portland: ACM, 2020. 1511–1525. [doi: 10.1145/3318464.3386141]
    [3] Sun YY, Wang S, Li HR, Li FF. Building enclave-native storage engines for practical encrypted databases. Proc. of the VLDB Endowment, 2021, 14(6): 1019–1032. [doi: 10.14778/3447689.3447705]
    [4] Zhu JW, Cheng K, Liu JY, Guo L. Full encryption: An end to end encryption mechanism in GaussDB. Proc. of the VLDB Endowment, 2021, 14(12): 2811–2814.
    [5] Naveed M, Kamara S, Wright CV. Inference attacks on property-preserving encrypted databases. In: Proc. of the 22nd ACM SIGSAC Conf. on Computer and Communications Security. Denver: ACM, 2015. 644–655. [doi: 10.1145/2810103.2813651]
    [6] Grubbs P, Lacharite MS, Minaud B, Paterson KG. Pump up the volume: Practical database reconstruction from volume leakage on range queries. In: Proc. of the 2018 ACM SIGSAC Conf. on Computer and Communications Security. Toronto: ACM, 2018. 315–331. [doi: 10.1145/3243734.3243864]
    [7] Gui ZC, Johnson O, Warinschi B. Encrypted databases: New volume attacks against range queries. In: Proc. of the 2019 ACM SIGSAC Conf. on Computer and Communications Security. London: ACM, 2019. 361–378. [doi: 10.1145/3319535.3363210]
    [8] Grubbs P, Sekniqi K, Bindschaedler V, Naveed M, Ristenpart T. Leakage-abuse attacks against order-revealing encryption. In: Proc. of the 2017 IEEE Symp. on Security and Privacy (SP). San Jose: IEEE, 2017. 655–672. [doi: 10.1109/SP.2017.44]
    [9] Blackstone L, Kamara S, Moataz T. Revisiting leakage abuse attacks. In: Proc. of the 27th Annual Network and Distributed System Security Symp. San Diego: The Internet Society, 2020. 1–43.
    [10] Cash D, Grubbs P, Perry J, Ristenpart T. Leakage-abuse attacks against searchable encryption. In: Proc. of the 22nd ACM SIGSAC Conf. on Computer and Communications Security. Denver: ACM, 2015. 668–679. [doi: 10.1145/2810103.2813700]
    [11] Goldwasser S, Micali S. Probabilistic encryption & how to play mental poker keeping secret all partial information. In: Proc. of the 14th Annual ACM Symp. on Theory of Computing. San Francisco: ACM, 1982. 365–377. [doi: 10.1145/800070.802212]
    [12] Goldwasser S, Micali S. Probabilistic encryption. Journal of Computer and System Sciences, 1984, 28(2): 270–299.
    [13] MongoDB. Client-side field level encryption—MongoDB manual. 2023. https://www.mongodb.com/docs/rapid/core/csfle/
    [14] Song DX, Wagner D, Perrig A. Practical techniques for searches on encrypted data. In: Proc. of the 2000 IEEE Symp. on Security and Privacy. Berkeley: IEEE, 2000. 44–55. [doi: 10.1109/SECPRI.2000.848445]
    [15] Goh EJ. Secure indexes. Cryptology ePrint archive. Paper 2003/216, 2003. https://eprint.iacr.org/2003/216
    [16] Curtmola R, Garay J, Kamara S, Ostrovsky R. Searchable symmetric encryption: Improved definitions and efficient constructions. Journal of Computer Security, 2011, 19(5): 895–934.
    [17] Chase M, Kamara S. Structured encryption and controlled disclosure. In: Proc. of the 16th Int’l Conf. on the Theory and Application of Cryptology and Information Security. Singapore: Springer, 2010. 577–594.
    [18] van Liesdonk P, Sedghi S, Doumen J, Hartel P, Jonker W. Computationally efficient searchable symmetric encryption. In: Proc. of the 7th VLDB Workshop on Secure Data Management. Singapore: Springer, 2010. 87–100.
    [19] Kamara S, Papamanthou C, Roeder T. Dynamic searchable symmetric encryption. In: Proc. of the 2012 ACM Conf. on Computer and Communications Security. Raleigh North: ACM, 2012. 965–976. [doi: 10.1145/2382196.2382298]
    [20] Cash D, Jarecki S, Jutla C, Krawczyk H, Roşu MC, Steiner M. Highly-scalable searchable symmetric encryption with support for boolean queries. In: Proc. of the 33rd Annual Int’l Cryptology Conf. Santa Barbara: Springer, 2013. 353–373. [doi: 10.1007/978-3-642-40041-4_20]
    [21] Kamara S, Papamanthou C. Parallel and dynamic searchable symmetric encryption. In: Proc. of the 17th Int’l Conf. on Financial Cryptography and Data Security. Okinawa: Springer, 2013. 258–274.
    [22] Cash D, Jaeger J, Jarecki S, Jutla CS, Krawczyk H, Roşu MC, Steiner M. Dynamic searchable encryption in very-large databases: Data structures and implementation. In: Proc. of the 21st Annual Network and Distributed System Security Symp. San Diego: The Internet Society, 2014.
    [23] Stefanov E, Papamanthou C, Shi E. Practical dynamic searchable encryption with small leakage. In: Proc. of the 21st Annual Network and Distributed System Security Symp. San Diego: The Internet Society, 2014.
    [24] Naveed M, Prabhakaran M, Gunter CA. Dynamic searchable encryption via blind storage. In: Proc. of the 2014 IEEE Symp. on Security and Privacy. Berkeley: IEEE, 2014. 639–654.
    [25] Bösch C, Hartel P, Jonker W, Peter A. A survey of provably secure searchable encryption. ACM Computing Surveys, 2014, 47(2): 18.
    [26] Bost R. ∑oφo?: Forward secure searchable encryption. In: Proc. of the 2016 ACM SIGSAC Conf. on Computer and Communications Security. Vienna: ACM, 2016. 1143–1154.
    [27] Bost R, Minaud B, Ohrimenko O. Forward and backward private searchable encryption from constrained cryptographic primitives. In: Proc. of the 2017 ACM SIGSAC Conf. on Computer and Communications Security. Dallas: ACM, 2017. 1465–1482.
    [28] George M, Kamara S, Moataz T. Structured encryption and dynamic leakage suppression. In: Proc. of the 40th Annual Int’l Conf. on the Theory and Applications of Cryptographic Techniques. Zagreb: Springer, 2021. 370–396.
    [29] Li J, Huang YY, Wei Y, Lv SY, Liu ZL, Dong CY, Lou WJ. Searchable symmetric encryption with forward search privacy. IEEE Trans. on Dependable and Secure Computing, 2021, 18(1): 460–474.
    [30] Chamani JG, Papadopoulos D, Karbasforushan M, Demertzis I. Dynamic searchable encryption with optimal search in the presence of deletions. In: Proc. of the 31st USENIX Security Symp. USENIX Association, 2022. 2425–2442.
    [31] Sharma D. Searchable encryption?: A survey. Information Security Journal: A Global Perspective, 2023, 32(2): 76–119.
    [32] Minaud B, Reichle M. Dynamic local searchable symmetric encryption. In: Proc. of the 42nd Annual Int’l Cryptology Conf. Santa Barbara: Springer, 2022. 91–120. [doi: 10.1007/978-3-031-15985-5_4]
    [33] Falzon F, Markatou EA, Espiritu Z, Tamassia R. Range search over encrypted multi-attribute data. Proc. of the VLDB Endowment, 2022, 16(4): 587–600.
    [34] Demertzis I, Papadopoulos S, Papapetrou O, Deligiannakis A, Garofalakis M. Practical private range search revisited. In: Proc. of the 2016 Int’l Conf. on Management of Data. San Francisco: ACM, 2016. 185–198. [doi: 10.1145/2882903.2882911]
    [35] Suga T, Nishide T, Sakurai K. Secure keyword search using bloom filter with specified character positions. In: Proc. of the 6th Int’l Conf. on Provable Security. Chengdu: Springer, 2012. 235–252.
    [36] Hacigümüş H, Iyer B, Li C, Mehrotra S. Executing SQL over encrypted data in the database-service-provider model. In: Proc. of the 2002 ACM SIGMOD Int’l Conf. on Management of Data. Madison: ACM, 2002. 216–227. [doi: 10.1145/564691.564717]
    [37] Hore B, Mehrotra S, Tsudik G. A privacy-preserving index for range queries. In: Proc. of the 30th Int’l Conf. on Very Large Data Bases. Toronto: Morgan Kaufmann, 2004. 720–731.
    [38] Hore B, Mehrotra S, Canim M, Kantarcioglu M. Secure multidimensional range queries over outsourced data. The VLDB Journal, 2012, 21(3): 333–358.
    [39] Agrawal R, Kiernan J, Srikant R, Xu YR. Order preserving encryption for numeric data. In: Proc. of the 2004 ACM SIGMOD Int’l Conf. on Management of Data. Paris: ACM, 2004. 563–574. [doi: 10.1145/1007568.1007632]
    [40] Boldyreva A, Chenette N, Lee Y, O’Neill A. Order-preserving symmetric encryption. In: Proc. of the 28th Annual Int’l Conf. on the Theory and Applications of Cryptographic Techniques. Cologne: Springer, 2009. 224–241.
    [41] Boldyreva A, Chenette N, O’Neill A. Order-preserving encryption revisited: Improved security analysis and alternative solutions. In: Proc. of the 31st Annual Int’l Cryptology Conf. Santa Barbara: Springer, 2011. 578–595. [doi: 10.1007/978-3-642-22792-9_33]
    [42] Liu DX, Wang SL. Programmable order-preserving secure index for encrypted database query. In: Proc. of the 5th IEEE Int’l Conf. on Cloud Computing. Honolulu: IEEE, 2012. 502–509. [doi: 10.1109/CLOUD.2012.65]
    [43] Popa RA, Li FH, Zeldovich N. An ideal-security protocol for order-preserving encoding. In: Proc. of the 2013 IEEE Symp. on Security and Privacy. Berkeley: IEEE, 2013. 463–477. [doi: 10.1109/SP.2013.38]
    [44] Mavroforakis C, Chenette N, O’Neill A, Kollios G, Canetti R. Modular order-preserving encryption, revisited. In: Proc. of the 2015 ACM SIGMOD Int’l Conf. on Management of Data. Melbourne: ACM, 2015. 763–777. [doi: 10.1145/2723372.2749455]
    [45] Roche DS, Apon D, Choi SG, Yerukhimovich A. POPE: Partial order preserving encoding. In: Proc. of the 2016 ACM SIGSAC Conf. on Computer and Communications Security. Vienna: ACM, 2016. 1131–1142. [doi: 10.1145/2976749.2978345]
    [46] Li DJ, Lv SY, Huang YY, Liu YJ, Li T, Liu ZL, Guo L. Frequency-hiding order-preserving encryption with small client storage. Proc. of the VLDB Endowment, 2021, 14(13): 3295–3307.
    [47] 田洪亮, 张勇, 李超, 邢春晓. 云环境下数据库机密性保护技术研究综述. 计算机学报, 2017, 40(10): 2245–2270.
    Tian HL, Zhang Y, Li C, Xing CX. A survey of confidentiality protection for cloud databases. Chinese Journal of Computers, 2017, 40(10): 2245–2270 (in Chinese with English abstract).
    [48] Kerschbaum F. Frequency-hiding order-preserving encryption. In: Proc. of the 22nd ACM SIGSAC Conf. on Computer and Communications Security. Denver: ACM, 2015. 656–667. [doi: 10.1145/2810103.2813629]
    [49] Bogatov D, Kollios G, Reyzin L. A comparative evaluation of order-revealing encryption schemes and secure range-query protocols. Proc. of the VLDB Endowment, 2019, 12(8): 933–947.
    [50] Boneh D, Lewi K, Raykova M, Sahai A, Zhandry M, Zimmerman J. Semantically secure order-revealing encryption: Multi-input functional encryption without obfuscation. In: Proc. of the 34th Annual Int’l Conf. on the Theory and Applications of Cryptographic Techniques. Sofia: Springer, 2015. 563–594.
    [51] Chenette N, Lewi K, Weis SA, Wu DJ. Practical order-revealing encryption with limited leakage. In: Proc. of the 23rd Int’l Conf. on Fast Software Encryption. Bochum: Springer, 2016. 474–493. [doi: 10.1007/978-3-662-52993-5_24]
    [52] Lewi K, Wu DJ. Order-revealing encryption: New constructions, applications, and lower bounds. In: Proc. of the 2016 ACM SIGSAC Conf. on Computer and Communications Security. Vienna Vienna: ACM, 2016. 1167–1178. [doi: 10.1145/2976749.2978376]
    [53] Liu ZL, Lv SY, Li J, Huang YY, Guo L, Yuan YL, Dong CY. EncodeORE: Reducing leakage and preserving practicality in order-revealing encryption. IEEE Trans. on Dependable and Secure Computing, 2022, 19(3): 1579–1591.
    [54] Durak FB, DuBuisson TM, Cash D. What else is revealed by order-revealing encryption? In: Proc. of the 2016 ACM SIGSAC Conf. on Computer and Communications Security. Vienna: ACM, 2016. 1155–1166. [doi: 10.1145/2976749.2978379]
    [55] Hu CH, Han LD, Yiu SM. Efficient and secure multi-functional searchable symmetric encryption schemes. Security and Communication Networks, 2016, 9(1): 34–42.
    [56] Bösch C, Brinkman R, Hartel P, Jonker W. Conjunctive wildcard search over encrypted data. In: Proc. of the 8th VLDB Workshop on Secure Data Management. Seattle: Springer, 2011. 114–127. [doi: 10.1007/978-3-642-23556-6_8]
    [57] 刘晋璐, 秦静, 汪青, 赵博, 张茜, 苏烨. 复杂语义可搜索加密研究. 密码学报, 2022, 9(1): 1–22.
    Liu JL, Qin J, Wang Q, Zhao B, Zhang Q, Su Y. On complex semantic searchable encryptions. Journal of Cryptologic Research, 2022, 9(1): 1–22 (in Chinese with English abstract).
    [58] Hu CH, Han LD. Efficient wildcard search over encrypted data. Int’l Journal of Information Security, 2016, 15(5): 539–547.
    [59] Bloom BH. Space/time trade-offs in hash coding with allowable errors. Communications of the ACM, 1970, 13(7): 422–426.
    [60] Chatterjee S, Kesarwani M, Modi J, Mukherjee S, Parshuram Puria SK, Shah A. Secure and efficient wildcard search over encrypted data. Int’l Journal of Information Security, 2021, 20(2): 199–244.
    [61] Yang Y, Liu XM, Deng RH, Weng J. Flexible wildcard searchable encryption system. IEEE Trans. on Services Computing, 2020, 13(3): 464–477.
    [62] Liu J, Zhao B, Qin J, Zhang X, Ma JX. Multi-keyword ranked searchable encryption with the wildcard keyword for data sharing in cloud computing. The Computer Journal, 2023, 66(1): 184–196.
    [63] Li Y, Ning JT, Chen J. Secure and practical wildcard searchable encryption system based on inner product. IEEE Trans. on Services Computing, 2023, 16(3): 2178–2190.
    [64] Li J, Wang Q, Wang C, Cao N, Ren K, Lou WJ. Fuzzy keyword search over encrypted data in cloud computing. In: Proc. of the 2010 IEEE INFOCOM. San Diego: IEEE, 2010. 1–5. [doi: 10.1109/INFCOM.2010.5462196]
    [65] Liu C, Zhu LH, Li LYJ, Tan YA. Fuzzy keyword search on encrypted cloud storage data with small index. In: Proc. of the 2011 IEEE Int’l Conf. on Cloud Computing and Intelligence Systems. Beijing: IEEE, 2011. 269–273. [doi: 10.1109/CCIS.2011.6045073]
    [66] Wang JF, Ma H, Tang Q, Li J, Zhu H, Ma S, Chen XF. Efficient verifiable fuzzy keyword search over encrypted data in cloud computing. Computer Science and Information Systems, 2013, 10(2): 667–684.
    [67] Kuzu M, Islam MS, Kantarcioglu M. Efficient similarity search over encrypted data. In: Proc. of the 28th IEEE Int’l Conf. on Data Engineering. Arlington: IEEE, 2012. 1156–1167. [doi: 10.1109/ICDE.2012.23]
    [68] Wang B, Yu SC, Lou WJ, Hou YT. Privacy-preserving multi-keyword fuzzy search over encrypted data in the cloud. In: Proc. of the 2014 IEEE Conf. on Computer Communications. Toronto: IEEE, 2014. 2112–2120. [doi: 10.1109/INFOCOM.2014.6848153]
    [69] Fu ZJ, Wu XL, Guan CW, Sun XM, Ren K. Toward efficient multi-keyword fuzzy search over encrypted outsourced data with accuracy improvement. IEEE Trans. on Information Forensics and Security, 2016, 11(12): 2706–2716.
    [70] Zhong H, Li ZF, Cui J, Sun Y, Liu L. Efficient dynamic multi-keyword fuzzy search over encrypted cloud data. Journal of Network and Computer Applications, 2020, 149: 102469.
    [71] ElGamal T. A public key cryptosystem and a signature scheme based on discrete logarithms. In: Blakley GR, Chaum D, eds. Advances in Cryptology. Berlin, Heidelberg: Springer, 1985. 10–18. [doi: 10.1007/3-540-39568-7_2]
    [72] Paillier P. Public-key cryptosystems based on composite degree residuosity classes. In: Proc. of the 1999 Int’l Conf. on the Theory and Application of Cryptographic Techniques. Prague: Springer, 1999. 223–238. [doi: 10.1007/3-540-48910-X_16]
    [73] Sidorov V, Wei EYF, Ng WK. Comprehensive performance analysis of homomorphic cryptosystems for practical data processing. arXiv:2202.02960, 2022.
    [74] Papadimitriou A, Bhagwan R, Chandran N, Ramjee R, Haeberlen A, Singh H, Modi A, Badrinarayanan S. Big data analytics over encrypted datasets with seabed. In: Proc. of the 12th USENIX Conf. on Operating Systems Design and Implementation. Savannah: USENIX Association, 2016. 587–602.
    [75] Savvides S, Khandelwal D, Eugster P. Efficient confidentiality-preserving data analytics over symmetrically encrypted datasets. Proc. of the VLDB Endowment, 2020, 13(8): 1290–1303.
    [76] Timothy Tawose O, Dai J, Yang L, Zhao DF. Toward efficient homomorphic encryption for outsourced databases through parallel caching. Proc. of the ACM on Management of Data, 2023, 1(1): 66.
    [77] Rivest RL, Adleman L, Dertouzos ML. On data banks and privacy homomorphisms. In: DeMillo RA, ed. Foundations of Secure Computation. New York: Academic Press, 1978. 169–179.
    [78] Gentry C. Fully homomorphic encryption using ideal lattices. In: Proc. of the 41st Annual ACM Symp. on Theory of Computing. Bethesda: ACM, 2009. 169–178. [doi: 10.1145/1536414.1536440]
    [79] Gentry C, Halevi S. Implementing gentry’s fully-homomorphic encryption scheme. In: Proc. of the 30th Annual Int’l Conf. on the Theory and Applications of Cryptographic Techniques. Tallinn: Springer, 2011. 129–148.
    [80] Brakerski Z, Vaikuntanathan V. Efficient fully homomorphic encryption from (standard) LWE. In: Proc. of the 52nd IEEE Annual Symp. on Foundations of Computer Science. Palm Springs: IEEE, 2011. 97–106. [doi: 10.1109/FOCS.2011.12]
    [81] Brakerski Z, Gentry C, Vaikuntanathan V. (Leveled) fully homomorphic encryption without bootstrapping. In: Proc. of the 3rd Innovations in Theoretical Computer Science Conf. Cambridge: ACM, 2012. 309–325. [doi: 10.1145/2090236.2090262]
    [82] Fan JF, Vercauteren F. Somewhat practical fully homomorphic encryption. Cryptology ePrint Archive, Paper 2012/144, 2012. https://eprint.iacr.org/2012/144
    [83] Gentry C, Sahai A, Waters B. Homomorphic encryption from learning with errors: Conceptually-simpler, asymptotically-faster, attribute-based. In: Proc. of the 33rd Annual Int’l Cryptology Conf. Santa Barbara: Springer, 2013. 75–92.
    [84] Ducas L, Micciancio D. FHEW: Bootstrapping homomorphic encryption in less than a second. In: Proc. of the 34th Annual Int’l Conf. on the Theory and Applications of Cryptographic Techniques. Sofia: Springer, 2014. 617–640.
    [85] Chillotti I, Gama N, Georgieva M, Izabachène M. Faster fully homomorphic encryption: Bootstrapping in less than 0.1 seconds. In: Proc. of the 22nd Int’l Conf. on the Theory and Application of Cryptology and Information Security. Hanoi: Springer, 2016. 3–33.
    [86] Cheon JH, Kim A, Kim M, Song Y. Homomorphic encryption for arithmetic of approximate numbers. In: Proc. of the 23rd Int’l Conf. on the Theory and Application of Cryptology and Information Security. Hong Kong: Springer, 2017. 409–437.
    [87] Yao AC. Protocols for secure computations. In: Proc. of the 23rd Annual Symp. on Foundations of Computer Science. Chicago: IEEE, 1982. 160–164. [doi: 10.1109/SFCS.1982.38]
    [88] Yao ACC. How to generate and exchange secrets. In: Proc. of the 27th Annual Symp. on Foundations of Computer Science. Toronto: IEEE, 1986. 162–167. [doi: 10.1109/SFCS.1986.25]
    [89] Goldwasser S, Kalai Y, Popa RA, Vaikuntanathan V, Zeldovich N. Reusable garbled circuits and succinct functional encryption. In: Proc. of the 45th Annual ACM Symp. on Theory of Computing. Palo Alto: ACM, 2013. 555–564.
    [90] Saleem A, Khan A, Shahid F, Masoom Alam M, Khan MK. Recent advancements in garbled computing: How far have we come towards achieving secure, efficient and reusable garbled circuits. Journal of Network and Computer Applications, 2018, 108: 1–19.
    [91] Zhao QS, Liu XM, Xu HL, Li YB. Practical reusable garbled circuits with parallel updates. Computer Standards & Interfaces, 2023, 86: 103721.
    [92] Harth-Kitzerow C, Carle G, Fei F, Luckow A, Klepsch J. CRGC: A practical framework for constructing reusable garbled circuits. In: Proc. of the 19th Int’l Conf. on Security and Cryptography. Lisbon: SciTePress, 2022. 83–95.
    [93] Popa RA, Redfield CMS, Zeldovich N, Balakrishnan H. CryptDB: Protecting confidentiality with encrypted query processing. In: Proc. of the 23rd ACM Symp. on Operating Systems Principles. Cascais: ACM, 2011. 85–100. [doi: 10.1145/2043556.2043566]
    [94] Popa RA, Zeldovich N, Balakrishnan H. CryptDB: A practical encrypted relational DBMS. 2011. https://people.csail.mit.edu/nickolai/papers/popa-cryptdb-tr.pdf
    [95] Popa RA, Redfield CMS, Zeldovich N, Balakrishnan H. CryptDB: Processing queries on an encrypted database. Communications of the ACM, 2012, 55(9): 103–111.
    [96] Tu S, Kaashoek MF, Madden S, Zeldovich N. Processing analytical queries over encrypted data. Proc. of the VLDB Endowment, 2013, 6(5): 289–300.
    [97] Pappas V, Krell F, Vo B, Kolesnikov V, Malkin T, Choi SG, George W, Keromytis A, Bellovin S. Blind seer: A scalable private DBMS. In: Proc. of the 2014 IEEE Symp. on Security and Privacy. Berkeley: IEEE, 2014. 359–374. [doi: 10.1109/SP.2014.30]
    [98] Poddar R, Boelter T, Popa RA. Arx: An encrypted database using semantically secure encryption. Proc. of the VLDB Endowment, 2019, 12(11): 1664–1678.
    [99] MongoDB/Mongo: The MongoDB database. 2022. https://github.com/mongodb/mongo
    [100] Braund C, Borkar P. MongoDB. MongoDB releases queryable encryption preview. 2022. https://www.mongodb.com/blog/post/mongodb-releases-queryable-encryption-preview
    [101] Popa RA, Zeldovich N. Cryptographic treatment of CryptDB’s adjustable join. CSAIL. 2012. https://people.csail.mit.edu/nickolai/papers/popa-join-tr.pdf
    [102] Costan V, Devadas S. Intel SGX explained. Cryptology ePrint Archive, 2016. https://eprint.iacr.org/2016/086.pdf
    [103] McKeen F, Alexandrovich I, Berenzon A, Rozas CV, Shafi H, Shanbhogue V, Savagaonkar UR. Innovative instructions and software model for isolated execution. In: Proc. of the 2nd Int’l Workshop on Hardware and Architectural Support for Security and Privacy. Tel Aviv: ACM, 2013. 10. [doi: 10.1145/2487726.2488368]
    [104] AMD. AMD secure encrypted virtualization (sev). AMD. 2023. https://www.amd.com/en/developer/sev.html
    [105] Ngabonziza B, Martin D, Bailey A, Cho H, Martin S. TrustZone explained: Architectural features and use cases. In: Proc. of the 2nd IEEE Int’l Conf. on Collaboration and Internet Computing. Pittsburgh: IEEE, 2016. 445–451.
    [106] Vinayagamurthy D, Gribov A, Gorbunov S. StealthDB: A scalable encrypted database with full SQL query support. Proc. on Privacy Enhancing Technologies, 2019, 2019(3): 370–388.
    [107] Priebe C, Vaswani K, Costa M. EnclaveDB: A secure database using SGX. In: Proc. of the 2018 IEEE Symp. on Security and Privacy. San Francisco: IEEE, 2018. 264–278. [doi: 10.1109/SP.2018.00025]
    [108] Bajaj S, Sion R. TrustedDB: A trusted hardware based database with privacy and data confidentiality. In: Proc. of the 2011 ACM SIGMOD Int’l Conf. on Management of Data. Athens: ACM, 2011. 205–216. [doi: 10.1145/1989323.1989346]
    [109] Bajaj S, Sion R. TrustedDB: A trusted hardware-based database with privacy and data confidentiality. IEEE Trans. on Knowledge and Data Engineering, 2014, 26(3): 752–765.
    [110] Arasu A, Blanas S, Eguro K, Joglekar M, Kaushik R, Kossmann D, Ramamurthy R, Upadhyaya P, Venkatesan R. Secure database-as-a-service with CipherBase. In: Proc. of the 2013 ACM SIGMOD Int’l Conf. on Management of Data. New York: ACM, 2013. 1033–1036. [doi: 10.1145/2463676.2467797]
    [111] Arasu A, Blanas S, Eguro K, Kaushik R, Kossmann D, Ramamurthy R, Venkatesan R. Orthogonal security with CipherBase. In: Proc. of the 6th Biennial Conf. on Innovative Data Systems Research. Asilomar, 2013.
    [112] Intel. Enclave memory measurement tool for Intel® software guard extensions (Intel® SGX) enclaves. 2019. https://www.intel.com/content/www/us/en/content-details/671037/enclave-memory-measurement-tool-for-intel-software-guard-extensions-intel-sgx-enclaves.html
    [113] El-Hindi M, Ziegler T, Heinrich M, Lutsch A, Zhao ZG, Binnig C. Benchmarking the second generation of Intel SGX hardware. In: Proc. of the 18th Int’l Workshop on Data Management on New Hardware. Philadelphia: ACM, 2022. 5.
    [114] Orenbach M, Lifshits P, Minkin M, Silberstein M. Eleos: Exitless OS services for SGX enclaves. In: Proc. of the 12th European Conf. on Computer Systems. Belgrade: ACM, 2017. 238–253. [doi: 10.1145/3064176.3064219]
    [115] SecGear. 2023. https://github.com/openeuler-mirror/secGear
    [116] Eskandarian S, Zaharia M. ObliDB: Oblivious query processing for secure databases. Proc. of the VLDB Endowment, 2019, 13(2): 169–183.
    [117] Islam MS, Kuzu M, Kantarcioglu M. Access pattern disclosure on searchable encryption: Ramification, attack and mitigation. In: Proc. of the 19th Annual Network and Distributed System Security Symp. San Diego: The Internet Society, 2017.
    [118] Goldreich O. Towards a theory of software protection and simulation by oblivious RAMs. In: Proc. of the 19th Annual ACM Symp. on Theory of Computing. New York: ACM, 1987. 182–194. [doi: 10.1145/28395.28416]
    [119] Goldreich O, Ostrovsky R. Software protection and simulation on oblivious RAMs. Journal of the ACM, 1996, 43(3): 431–473.
    [120] Stefanov E, Shi E, Song DX. Towards practical oblivious RAM. In: Proc. of the 19th Annual Network and Distributed System Security Symp. San Diego: The Internet Society, 2012.
    [121] Shi E, Chan THH, Stefanov E, Li MF. Oblivious RAM with O((LogN)3) worst-case cost. In: Proc. of the 17th Int’l Conf. on the Theory and Application of Cryptology and Information Security. Seoul: Springer, 2011. 197–214. [doi: 10.1007/978-3-642-25385-0_11]
    [122] Stefanov E, van Dijk M, Shi E, Fletcher C, Ren L, Yu XY, Devadas S. Path ORAM: An extremely simple oblivious RAM protocol. In: Proc. of the 2013 ACM SIGSAC Conf. on Computer & Communications Security. Berlin: ACM, 2013. 299–310.
    [123] Ren L, Fletcher CW, Kwon A, Stefanov E, Shi E, van Dijk M, Devadas S. Constants count: Practical improvements to oblivious RAM. In: Proc. of the 24th USENIX Security Symp. 2015. Washington: USENIX Association, 2015. 415–430.
    [124] Devadas S, van Dijk M, Fletcher CW, Ren L, Shi E, Wichs D. Onion ORAM: A constant bandwidth blowup oblivious RAM. In: Proc. of the 13th Theory of Cryptography Conf. Tel Aviv: Springer, 2016. 145–174.
    [125] Li YP, Chen MH. Privacy preserving joins. In: Proc. of the 24th IEEE Int’l Conf. on Data Engineering. Cancun: IEEE, 2008. 1352–1354. [doi: 10.1109/ICDE.2008.4497553]
    [126] Arasu A, Kaushik R. Oblivious query processing. In: Proc. of the 17th Int’l Conf. on Database Theory. Athens: OpenProceedings.org, 2014. 26–37.
    [127] Krastnikov S, Kerschbaum F, Stebila D. Efficient oblivious database joins. Proc. of the VLDB Endowment, 2020, 13(12): 2132–2145.
    [128] Chang Z, Xie D, Wang S, Li FF. Towards practical oblivious join. In: Proc. of the 2022 Int’l Conf. on Management of Data. Philadelphia: ACM, 2022. 803–817. [doi: 10.1145/3514221.3517868]
    [129] Chang Z, Xie D, Li FF, Phillips JM, Balasubramonian R. Efficient oblivious query processing for range and kNN queries. IEEE Trans. on Knowledge and Data Engineering, 2022, 34(12): 5741–5754.
    [130] Hackenjos T, Hahn F, Kerschbaum F. SAGMA: Secure aggregation grouped by multiple attributes. In: Proc. of the 2020 ACM SIGMOD Int’l Conf. on Management of Data. Portland: ACM, 2020. 587–601. [doi: 10.1145/3318464.3380569]
    [131] Ren XL, Su L, Gu Z, Wang S, Li FF, Xie Y, Bian S, Li C, Zhang F. HEDA: Multi-attribute unbounded aggregation over homomorphically encrypted database. Proc. of the VLDB Endowment, 2022, 16(4): 601–614.
    [132] Asharov G, Chan THH, Nayak K, Pass R, Ren L, Shi E. Locality-preserving oblivious RAM. In: Proc. of the 38th Annual Int’l Conf. on the Theory and Applications of Cryptographic Techniques. Darmstadt: Springer, 2019. 214–243. [doi: 10.1007/978-3-030-17656-3_8]
    [133] Chakraborti A, Aviv AJ, Choi SG, Mayberry T, Roche DS, Sion R. RORAM: Efficient range oram with O(log2 N) locality. In: Proc. of the 2019 Network and Distributed Systems Security (NDSS) Symp. 2019. San Diego: The Internet Society, 2019.
    [134] Zheng WT, Dave A, Beekman JG, Popa RA, Gonzalez JE, Stoica I. Opaque: An oblivious and encrypted distributed analytics platform. In: Proc. of the 14th USENIX Conf. on Networked Systems Design and Implementation. Boston: USENIX Association, 2017. 283–298. [doi: 10.5555/3154630.3154653]
    Related
    Cited by
Get Citation

毕树人,钮泽平,李国良,李琦.全密态数据库密态计算关键技术综述.软件学报,2024,35(8):3980-4010

Copy
Share
Article Metrics
  • Abstract:
  • PDF:
  • HTML:
  • Cited by:
History
  • Received:August 07,2023
  • Revised:September 11,2023
  • Online: March 20,2024
  • Published: August 06,2024
You are the first2034063Visitors
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-4
Address:4# South Fourth Street, Zhong Guan Cun, Beijing 100190,Postal Code:100190
Phone:010-62562563 Fax:010-62562533 Email:jos@iscas.ac.cn
Technical Support:Beijing Qinyun Technology Development Co., Ltd.

Beijing Public Network Security No. 11040202500063