secure database in cloud
DESCRIPTION
Secure Database in cloud. Mohammad Ahmadian [email protected] COP-6087 University of Central Florida. PART 2. DbCrypt. Goal: protect confidentiality and Integrity of data. user password. Threat 2: active/passive attacks on all servers. Threat 1: passive attacks on DB server. - PowerPoint PPT PresentationTRANSCRIPT
Secure Database in cloud
Mohammad Ahmadian [email protected]
COP-6087University of Central Florida
PART 2
DbCrypt Goal: protect confidentiality and Integrity of data
ApplicationDB ServerSQL
Threat 1: passive attacks on DB
server
Threat 2: active/passive attacks on all servers
User 1
User 2
User 3
Proxy
1. Process SQL queries on encrypted data
2. Capture and enforce cryptographically access control in SQL: chain keys from user passwords to data item (Keygen)
user password
ApplicationDB Server
curious DB administrators
hackers curious cloud/employees physical attacks
SQL
User 1
User 2
User 3
Threat Model
Consider attacks on any part of the servers, Consider passive attack like modification of information in database by
malicious cloud insider
Threat 1: Active attack to connection the cloud
DB ServerSQL
Trusted
All queries are encrypted
Proxy
application queries unencrypted
Client & server side both are trustedThe session between client and db server is compromised
Under attack
The benefit of attackers are very low
Trusted
Threat 2: Passive attacks to DB Server
DB ServerSQL
Trusted
Perform SQL query processing on encrypted data
Proxy
application queries unencrypted
Client side enjoys issuing query without concerning about underlying security mechanisms in proxy DB server is unchanged It is impossible to attacker to change data without revealing to user
Under attack
1. Support standard SQL queries on encrypted data
2. Process queries completely at the DB server3. No change to existing DBMS
1. RND-Advanced Encryption Standard◦ Obs.: set of SQL operators is limited◦ Different encryption schemes provide different
functionality
2. OPE-Order Preserving Encryption◦ Enable to comparison, order by, join, sort, MAX,
MIN.
3. MAC –Message authentication code◦ Provides integrity for data element
Solution: Cryptographic techniques
?
Example
col1/rank col2/name
table1 (cinfo)
SELECT * FROM cinfo WHERE income= 100
x5a8c34
x934bc1x5a8c34
x5a8c34
x84a21c
x5a8c34
≥
x638e54
x638e54x922eb4
x1eab81
SELECT * FROM cinfo WHERE income= x5a8c34≥
Proxy
60100800100
?x5a8c34x5a8c34x5a8c34
x638e54x922eb4x638e54
X4be219x95c623
x2ea887
x17cea7
x638e54col3/salary
Application
Encryption Technics comparison
e.g., =, !=, GROUP BY, IN, COUNT, DISTINCT
Highest Scheme Operation Detail
RND None AES
HOM +, *
AES in CTR DET equality
e.g., Paillier
OPE orderBoldyreva et
al.’09
e.g., >, <, ORDER BY, SORT, MAX, MIN
first practical implementation
Security
AES
The Advanced Encryption Standard (AES) is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001. Rijndael is a family of ciphers with different key and block sizes. For AES, NIST selected three members of the Rijndael family, each with a block size of 128 bits, but three different key lengths: 128, 192 and 256 bits.
AES is one of secure block cipher for digital information. I adapt it with key size 128 bit for this project for encrypting text columns. One of negative point of AES is it’s speed, actually it’s key generation is not so fast.
AES
Order Preserving Encryption(OPE)Order Preserving encryption(OPE) is an encryption scheme whose deterministically preserves numerical order of plaintext in the ciphertext. For quick start, consider a random order-preserving function from M to N, so that |M|<|N|. Without loss of generality, we can consider M the set {1,2,...,M} and N likewise {1,2,...,N}. Now, pick M elements of N randomly and put them in order. Our function f:M → N is simply this ordered set. To encrypt i in M, just output the ith element of this list. Consider f is an order-preserving function which maps elements in domain to ordered list of elements of the range. Obviously, the elements of range can be divided in two categories of marked and unmarked. If an element is selected by f then it is member of marked otherwise it is member of unmarked category. Thus elements of the range are partitioned into the marked and unmarked subsets, as being balls in a bin. If we draw balls without replacement, the number x of marked balls we've drawn after y samples can be described by the Hyper Geometric Distribution(HGD)
OPE-Encryption
OPE-Decryption
Multi-user
What I did in this project I spend 3 weeks to install open source cryptdb
It failed because it is depended to lots of packages and libraries and there isn’t any documentation.
I spend 3 weeks to writing my own mysql-proxy It is almost 1200 lines of code in c++ and easy to
install. It needs to add some features to handle all type of datbases
Acknowledgment & Reference
John Singleton Salih Safa
Reference:1- CryptDB: Confidentiality for Database Applications with Encrypted Query ProcessingRaluca Ada Popa, Catherine Redfield, Nickolai Zeldovich, and Hari Balakrishnan MIT CSAIL
2-Order-Preserving Symmetric EncryptionAlexandra Boldyreva, Nathan Chenette, Younho Lee and Adam O'NeillGeorgia Institute of Technology, Atlanta, GA, USA
Questions & Demo