Fast keyword query technique in encrypted databases

doi:10.3778/j.issn.1002-8331.1706-0283

Abstract

Abstract: In order to ensure the data security of sensitive information, users usually encrypt data before sending them to the cloud, which increases the difficulty for database management and queries on the encrypted data. This paper proposes a security query scheme which can obtain eligible query results without revealing sensitive information. Pseudo random functions and Bloom filters are employed to pre-process keywords of sensitive information to generate the corresponding index data structure. This scheme supports various number of keywords-query and efficient data update. In a query procedure, the client calculates trapdoors and sends it to the server, the server then executes the query according to the trapdoors. A multi-keywords query can be converted into single keyword query problems by concatenating trapdoors of multiple keywords, with the same time complexity. In addition, valid trapdoors can only be generated with secret keys by owners and the trapdoors don’t leak any sensitive information. This scheme does not rely on fully trusted database service providers. Compared with existing special double layer structure encryption methods, this scheme improves the efficiency and avoids revealing sensitive information during searching on the encrypt database. This scheme has strong compatibility, for it allows the user to encrypt sensitive information with various encryption method. The experiment is carried with TPC-H developing performance data. Experimental results show that the scheme very efficient in query execution.

Key words: Bloom filter, encrypted database, keyword query, Pseudo-Random Functions

摘要： 为保证敏感信息的数据安全，用户通常会将其加密后存储到云端数据库，这为数据库管理及后续使用增加了难度。提出一种安全查询方案，在不暴露敏感信息的情况下可获得符合查询条件的结果集。使用伪随机函数和Bloom过滤器，对敏感信息的关键词集合进行预处理，在数据库中生成相应的索引数据结构，支持不固定数量的关键词查询与高效的数据更新。查询时，客户端计算出关键词相应的陷门并将其发送给服务器，服务器使用陷门执行查询，将多关键词计算出的陷门进行串接，可将多关键词查询问题转换成单关键词查询问题，并且不提高时间复杂度。此外，有效的陷门只能由拥有密钥的用户产生，陷门不会泄露任何敏感信息，故该方案不依赖完全可信的数据库服务提供商。与现有的采用特殊双层结构的加密方式相比，提高了查询效率，解决了加密数据库处理用户查询请求时的敏感信息泄露问题，且允许用户对敏感信息采用不同的加密方式，具有很强的兼容性。使用TPC-H的数据库测试方案和测试数据进行实验，实验结果证明了算法具有较高的执行效率。

关键词: Bloom过滤器, 加密数据库, 关键词查询, 伪随机函数

ZHANG Man1, XIAN Hequn1，2, ZHANG Shuguang1. Fast keyword query technique in encrypted databases[J]. Computer Engineering and Applications, 2018, 54(13): 78-83.

张曼1，咸鹤群1，2，张曙光1. 加密数据库快速关键词查询技术[J]. 计算机工程与应用, 2018, 54(13): 78-83.

[1]	SUN Yanjun, YANG Geng, SHI Jingqi, LIU Guoxiu. User-definable order-preserving encoding with low adjusting ratio [J]. Computer Engineering and Applications, 2018, 54(9): 67-74.
[2]	GUO Rui, ZHANG Xuefeng. Combination fingerprint template protection algorithm based on Bloom filter and block [J]. Computer Engineering and Applications, 2018, 54(6): 75-80.
[3]	YIN Qinqin. Secure deduplication approach based on Bloom Filter in hybrid cloud storage environments [J]. Computer Engineering and Applications, 2018, 54(10): 73-80.
[4]	LI Juanjuan1, GONG Xiangyang2. Fast cloned tags detection algorithm in large-scale RFID systems [J]. Computer Engineering and Applications, 2017, 53(8): 106-112.
[5]	DAI Zhen1，2, CHENG Guang1，2. Advanced persistent threat detection based on characteristics of communications [J]. Computer Engineering and Applications, 2017, 53(18): 77-83.
[6]	LI Shiyang, WANG Xiaoming. Multi-user verifying completeness and integrity encrypted keyword query in cloud storage [J]. Computer Engineering and Applications, 2016, 52(7): 132-138.
[7]	LIANG Yin, DONG Yongquan. Optimal sequenced route keyword query [J]. Computer Engineering and Applications, 2015, 51(4): 138-141.
[8]	MENG Jinfeng, GAO Zhonghe. Flow sampling measurement algorithm based on dynamic counting bloom filter [J]. Computer Engineering and Applications, 2015, 51(17): 92-95.
[9]	WANG Chunlong, LIU Yuan, ZHENG Zheyuan. Network flow measurement based on LRU structure and improved Count Bloom Filter [J]. Computer Engineering and Applications, 2015, 51(13): 66-71.
[10]	XI Yewen, YANG Jinmin. Duplicate data delete technology based on double bloom filter [J]. Computer Engineering and Applications, 2014, 50(23): 198-202.
[11]	WANG Maohua1, HAO Yunli2, CHU Yawei2. Data encryption method based on privacy preserving [J]. Computer Engineering and Applications, 2014, 50(23): 87-90.
[12]	WANG Wenshuai1，2, DU Ran1，2, CHENG Yaodong1, CHEN Gang1. Topic mining method on massive microblog data [J]. Computer Engineering and Applications, 2014, 50(22): 32-37.
[13]	GAO Xiang1, LI Bing2. Research on method to detect reduplicative Chinese short texts [J]. Computer Engineering and Applications, 2014, 50(16): 192-197.
[14]	HU Beibei1, PENG Yanbing2, CHENG Guang3. DNS anomaly detection based on Counting Bloom Filter [J]. Computer Engineering and Applications, 2014, 50(15): 82-86.
[15]	LI Suqing1, TAO Shiqun2. XML documents query algorithm based on keywords [J]. Computer Engineering and Applications, 2012, 48(5): 138-142.

Fast keyword query technique in encrypted databases

加密数据库快速关键词查询技术

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics