Multimedia Network Security Laboratory
Practical Searching Over Encrypted Data By Private Information Retrieval
Date: 2011.05.19
Reporter: Chien-Wen Huang
Source: GLOBECOM 2010, 2010 IEEE Global Telecommunications Conference

Outline
1. INTRODUCTION
2. PREPARATION
3. PRIVATE INFORMATION RETRIEVAL
4. OUR PROPOSAL AND PERFORMANCE ANALYSIS
5. COMPARISON
6. CONCLUSION

1. INTRODUCTION
There are a Sender and a User (Receiver) who want to communicate mainly via the "honest-but-curious" database.
• Sender: only permitted to send a couple of keywords, but not the whole data, which is commonly a relatively large file (videos or photos).
• User: can efficiently search and retrieve the information that the Sender submitted.

2. PREPARATION
Boneh et al. proposed the scheme:
• PIR technique aims to retrieve the target data
• Several techniques have been employed
  • Bloom filter: used only as the intermediate storage of the information on addresses of data
  • color survival game
  • modified encrypted data

Bloom Filters
• It is used to verify that some data is not in the database (mismatch)
  • List of bad credit card numbers
  • Useful when the data consumes a very small portion of the search space
• A Bloom filter is a bit string
• n hash functions that map the data into n bits in the Bloom filter

Simple Example
• Use a Bloom filter of 16 bits
  • h1(key) = key mod 16
  • h2(key) = key mod 14 + 2
• Insert numbers 27, 18, 29 and 28

Bit index: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
Value:     0 0 1 1 0 0 1 0 0 0 0  1  1  1  0  1

• Check for 22: h1(22) = 6, h2(22) = 10 (not in filter)
• Check for 51: h1(51) = 3, h2(51) = 11 (false positive)

3. PRIVATE INFORMATION RETRIEVAL
A. IPIR
• Then he sends DB a query for the whole dataset, so that DB replies with the whole dataset.
B. Block PIR
• Uses multiple databases
• Like Chor et al. (by 1995)
• The BlockPIR scheme is secure if the DBs do not collude.
C. Computational PIR
• Based on the Paillier cryptosystem
• The computation cost, instead of the communication cost, is here the bottleneck of the operation time
• The homomorphic encryption is assumed as follows: $E_{pk}(M_1) \cdot E_{pk}(M_2) = E_{pk}(M_1 + M_2)$
  1) Compute $n = pq$ and $\mathrm{lcm}(p-1, q-1)$
  2) Select random $g \in \mathbb{Z}^*_{n^2}$ and $r \in \mathbb{Z}^*_n$
  3) $c = g^m r^n \bmod n^2$
  4)
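
Added example (not from the original slides or the paper): a toy Paillier implementation of the steps above, followed by a single-database computational PIR query over it. It shows why the server's work, one modular exponentiation per record, is the bottleneck. The prime values, the fixed choice g = n + 1, the decryption formula, the function names and the sample records are assumptions made for this illustration.

```python
import math
import secrets

def keygen(p=1009, q=1013):
    # Toy primes, constructed for this example; real keys use far larger primes.
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    g = n + 1  # assumption: fixed g = n + 1, a valid element of Z*_{n^2}
    # mu = L(g^lam mod n^2)^-1 mod n, where L(u) = (u - 1) // n
    mu = pow((pow(g, lam, n * n) - 1) // n, -1, n)
    return (n, g), (lam, mu)

def encrypt(pk, m):
    n, g = pk
    r = 0
    while math.gcd(r, n) != 1:  # pick a random r in Z*_n
        r = secrets.randbelow(n - 1) + 1
    return pow(g, m, n * n) * pow(r, n, n * n) % (n * n)  # c = g^m r^n mod n^2

def decrypt(pk, sk, c):
    n, _ = pk
    lam, mu = sk
    return (pow(c, lam, n * n) - 1) // n * mu % n  # m = L(c^lam mod n^2) * mu mod n

def cpir_query(pk, index, size):
    # Client: encrypted selection vector, E(1) at the wanted index, E(0) elsewhere.
    # Fresh randomness r makes every entry look alike to the server.
    return [encrypt(pk, 1 if j == index else 0) for j in range(size)]

def cpir_answer(pk, db, query):
    # Server: prod_j query[j]^db[j] mod n^2 = E(sum_j sel_j * db[j]) = E(db[index]).
    # It touches every record and never learns which index was selected.
    n, _ = pk
    acc = 1
    for c, x in zip(query, db):
        acc = acc * pow(c, x, n * n) % (n * n)
    return acc

def demo():
    pk, sk = keygen()
    n = pk[0]
    db = [4021, 17, 90210, 31337, 555]  # constructed records, each smaller than n
    # Additive homomorphism: E(20) * E(22) decrypts to 42.
    add_ok = decrypt(pk, sk, encrypt(pk, 20) * encrypt(pk, 22) % (n * n)) == 42
    got = decrypt(pk, sk, cpir_answer(pk, db, cpir_query(pk, 3, len(db))))
    return add_ok, got

if __name__ == "__main__":
    print(demo())
```
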

4. OUR PROPOSAL AND PERFORMANCE ANALYSIS
A. Proposed Scheme
• DB: has a size of N bits and can store at most n messages.
• Buffer: has a size of M bits (we assume M is a square).
• R (receiver): has the key pair; the length of a ciphertext is k.
• S (sender): uses a keyword of w words.
• (k,m)-Bloom Filter: has k hash functions and outputs a value with a length of m bits.

Assume there are two buffers, Buffer1 and Buffer2.
1. S associates keyword W to the message M and sends E(M) to DB.
2. DB stores E(M) in the main database and returns the corresponding address ρ.
3. S inputs W to the Bloom filter to get the k outputs as addresses of Buffer(1,2)
4. S then encrypts the r copies of ρ as and writes them into r addresses of Buffer1 and Buffer2
5. S modifies the encrypted data

R intends to search the keyword W associated with the message from DB.
1) Input W to the Bloom filter and get the k addresses H(W) of Buffer.
2) Execute BlockPIR to the addresses k times, and get k outputs of .
   a) R generates random vector
   b) Repeat k times to recover
3) R decrypts and gets
4) R executes CPIR to the ρ of DB and gets the M associated with W.
$\{0,1\}^{m'}$ and $i$

B. Performance of Previous Scheme
• The time required for CPIR is shown as follows:
C. Implementation with IPIR - For Comparison
• The time required for IPIR is shown as follows:

D. Performance of Our Proposal
• By using BlockPIR, the computation cost is reduced a lot.
• The communication cost is also acceptable considering the current networking technology.
5. COMPARISON

6. CONCLUSION
• We have proposed a practical keyword search scheme which performs better than the previous work, which is only theoretically interesting but less practical.
• A simple but effective modification overcomes this problem, greatly enhances the performance and furthermore enables privacy-preserving outsourcing techniques.