[go: up one dir, main page]
Skip to main content

Advertisement

Springer Nature Link
Log in

New attacks on secret sharing-based data outsourcing: toward a resistant scheme

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

In this paper, two new practical attacks on some secret sharing-based data outsourcing schemes are first introduced, and several other security and performance issues with the existing schemes are also explored. The existing and new attacks exploit the information about the share range boundaries or the correspondences between the secret values and shares. A range expansion technique is then proposed to thwart one of the attacks. It expands the ranges in every range predicate in the submitted queries in order to hide the share range boundaries from any query observer. Next, a mapping method is proposed to thwart the other attacks. It maps each secret value to a mapping value using a secret one-to-many mapping with a finite set of linear mapping rules so that the tuples of shares are generated from the mapping values rather than directly from the secret values. The proposed mapping method works as an additional layer of security and addresses any attack based on the correspondences between the secret values and shares. At the same time, it preserves the homomorphism property of secret sharing. Finally, a new secure data outsourcing scheme is elaborated on secret sharing, the proposed mapping method, and the proposed range expansion technique. The proposed scheme is resistant to various attacks and also some inferences. It supports the fully server-side or a partially server-side query execution of most types of queries. The experimental results confirm that the proposed scheme is quite practical and efficient.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

References

  1. di Vimercati SDC, Foresti S, Paraboschi S et al (2011) Efficient and private access to outsourced data. In: Proceedings of 2011 31st International Conference on Distributed Computing Systems, pp 710–719. https://doi.org/10.1109/ICDCS.2011.37

  2. Hong J, Wen T, Guo Q et al (2019) Privacy protection and integrity verification of aggregate queries in cloud computing. Cluster Comput 22:5763–5773. https://doi.org/10.1007/s10586-017-1521-0

    Article  Google Scholar 

  3. Neela KL, Kavitha V (2022) An improved RSA technique with efficient data integrity verification for outsourcing database in cloud. Wirel Pers Commun. https://doi.org/10.1007/s11277-021-09248-8

    Article  Google Scholar 

  4. Shynu PG, Nadesh RK, Menon VG et al (2020) A secure data deduplication system for integrated cloud-edge networks. J Cloud Comput. https://doi.org/10.1186/s13677-020-00214-6

    Article  Google Scholar 

  5. Hesamifard E, Takabi H, Ghasemi M, Jones C (2017) Privacy-preserving machine learning in cloud. In: Proceedings of the 2017 on Cloud Computing Security Workshop, pp 39–43. https://doi.org/10.1145/3140649.3140655

  6. Zhou L, Zhu Y, Castiglione A (2017) Efficient k-NN query over encrypted data in cloud with limited key-disclosure and offline data owner. Comput Secur 69:84–96. https://doi.org/10.1016/j.cose.2016.11.013

    Article  Google Scholar 

  7. Kim H-J, Lee H, Kim Y-K, Chang J-W (2022) Privacy-preserving kNN query processing algorithms via secure two-party computation over encrypted database in cloud computing. J Supercomput. https://doi.org/10.1007/s11227-021-04286-2

    Article  Google Scholar 

  8. Rong H, Liu J, Wu W et al (2020) Toward fault-tolerant and secure frequent itemset mining outsourcing in hybrid cloud environment. Comput Secur. https://doi.org/10.1016/j.cose.2020.101969

    Article  Google Scholar 

  9. Song DX, Wagner D, Perrig A (2000) Practical techniques for searches on encrypted data. In: Proceeding of the 2000 IEEE Symposium on Security and Privacy (S&P 2000), pp 44–55. https://doi.org/10.1109/SECPRI.2000.848445

  10. Xu L, Weng C-Y, Yuan L-P et al (2018) A shareable keyword search over encrypted data in cloud computing. J Supercomput 74:1001–1023. https://doi.org/10.1007/s11227-015-1515-8

    Article  Google Scholar 

  11. Miao M, Wang J, Wen S, Ma J (2019) Publicly verifiable database scheme with efficient keyword search. Inf Sci (NY) 475:18–28. https://doi.org/10.1016/j.ins.2018.09.067

    Article  MATH  Google Scholar 

  12. Noroozi M, Eslami Z (2019) Public-key encryption with keyword search: a generic construction secure against online and offline keyword guessing attacks. J Ambient Intell Humaniz Comput 11:879–890. https://doi.org/10.1007/s12652-019-01254-w

    Article  Google Scholar 

  13. Hacigümüş H, Iyer B, Li C, Mehrotra S (2002) Executing SQL over encrypted data in the database-service-provider model. In: Proceedings of the 2002 ACM SIGMOD International Conference on Management of Data, pp 216–227. https://doi.org/10.1145/564691.564717

  14. Hore B, Mehrotra S, Tsudik G (2004) A privacy-preserving index for range queries. In: Proceedings of the Thirtieth International Conference on Very Large Data Bases-Volume 30, pp 720–731

  15. Mei Z, Zhu H, Cui Z et al (2018) Executing multi-dimensional range query efficiently and flexibly over outsourced ciphertexts in the cloud. Inf Sci (NY) 432:79–96. https://doi.org/10.1016/j.ins.2017.11.065

    Article  Google Scholar 

  16. Agrawal R, Kiernan J, Srikant R, Xu Y (2004) Order preserving encryption for numeric data. In: Proceedings of the 2004 ACM SIGMOD International Conference on Management of Data, pp 563–574. https://doi.org/10.1145/1007568.1007632

  17. Popa RA, Li FH, Zeldovich N (2013) An ideal-security protocol for order-preserving encoding. In: Proceedings of the 2013 IEEE Symposium on Security and Privacy, pp 463–477. https://doi.org/10.1109/SP.2013.38

  18. Yang C, Zhang W, Yu N (2017) Semi-order preserving encryption. Inf Sci (NY) 387:266–279. https://doi.org/10.1016/j.ins.2016.12.025

    Article  MATH  Google Scholar 

  19. Paillier P (1999) Public-key cryptosystems based on composite degree residuosity classes. In: Stern J (eds) Advances in cryptology — EUROCRYPT ’99. Lecture notes in computer science, vol 1592, pp 223–238. https://doi.org/10.1007/3-540-48910-X_16

  20. Ding W, Yan Z, Deng RH (2017) Encrypted data processing with homomorphic re-encryption. Inf Sci (NY) 409–410:35–55. https://doi.org/10.1016/j.ins.2017.05.004

    Article  MATH  Google Scholar 

  21. Liu X, Choo K-KR, Deng RH et al (2018) Efficient and privacy-preserving outsourced calculation of rational numbers. IEEE Trans Dependable Secur Comput 15:27–39. https://doi.org/10.1109/tdsc.2016.2536601

    Article  Google Scholar 

  22. Gentry C (2009) Fully homomorphic encryption using ideal lattices. In: Proceedings of the 41st Annual ACM Symposium on Theory of Computing, pp 169–178. https://doi.org/10.1145/1536414.1536440

  23. Brakerski Z, Vaikuntanathan V (2011) Fully homomorphic encryption from Ring-LWE and security for key dependent messages. In: Rogaway P (eds) Advances in cryptology – CRYPTO 2011. Lecture notes in computer science, vol 6841, pp 505–524. https://doi.org/10.1007/978-3-642-22792-9_29

  24. Naehrig M, Lauter K, Vaikuntanathan V (2011) Can homomorphic encryption be practical? In: Proceedings of the 3rd ACM Workshop on Cloud Computing Security Workshop, pp 113–124. https://doi.org/10.1145/2046660.2046682

  25. Aggarwal G, Bawa M, Ganesan P, et al (2005) Two can keep a secret: a distributed architecture for secure database services. In: The Second Biennial Conference on Innovative Data Systems Research (CIDR 2005), Asilomar, California

  26. Mondal A, More Y, Ramachandran P, Panda P, Virk H, Gupta D (2022) Scotch: an efficient secure computation framework for secure aggregation. arXiv preprint. arXiv:2201.07730

  27. Li J, Makkonen O, Hollanti C, Gnilke OW (2022) Efficient recovery of a shared secret via cooperation: applications to SDMM and PIR. IEEE J Sel Areas Commun. https://doi.org/10.1109/jsac.2022.3142366

    Article  Google Scholar 

  28. Yu K, Tan L, Yang C et al (2021) A blockchain-based Shamir’s threshold cryptography scheme for data protection in industrial Internet of Things Settings. IEEE Internet Things J. https://doi.org/10.1109/jiot.2021.3125190

    Article  Google Scholar 

  29. Liu Y, Zhao Q (2018) E-voting scheme using secret sharing and K-anonymity. World Wide Web 22:1657–1667. https://doi.org/10.1007/s11280-018-0575-0

    Article  Google Scholar 

  30. Tejedor-Romero M, Orden D, Marsa-Maestre I et al (2021) Distributed remote E-voting system based on Shamir’s secret sharing scheme. Electronics. https://doi.org/10.3390/electronics10243075

    Article  Google Scholar 

  31. Framner E, Fischer-Hübner S, Lorünser T et al (2019) Making secret sharing based cloud storage usable. Inf Comput Secur 27:647–667. https://doi.org/10.1108/ics-01-2019-0016

    Article  Google Scholar 

  32. Shamir A (1979) How to share a secret. Commun ACM 22:612–613. https://doi.org/10.1145/359168.359176

    Article  MathSciNet  MATH  Google Scholar 

  33. Hadavi MA, Jalili R. Secure data outsourcing based on threshold secret sharing; towards a more practical solution. In: Proceedings of the Very Large Data Bases PhD Workshop 2010, pp 54–59

  34. Hadavi MA, Noferesti M, Jalili R, Damiani E (2012) Database as a service: towards a unified solution for security requirements. In: Proceedings of the 2012 IEEE 36th Annual Computer Software and Applications Conference Workshops, pp 415–420. https://doi.org/10.1109/COMPSACW.2012.79

  35. Tian X, Sha C, Wang X, Zhou A (2011) Privacy preserving query processing on secret share based data storage. In: Yu JX, Kim MH, Unland R (eds) Database systems for advanced applications. DASFAA 2011. Lecture notes in computer science, vol 6587, pp 108–122. https://doi.org/10.1007/978-3-642-20149-3_10

  36. Xiang T, Li X, Chen F et al (2016) Processing secure, verifiable and efficient SQL over outsourced database. Inf Sci (NY) 348:163–178. https://doi.org/10.1016/j.ins.2016.02.018

    Article  MathSciNet  MATH  Google Scholar 

  37. Agrawal D, El Abbadi A, Emekci F, Metwally A (2009) Database management as a service: challenges and opportunities. In: Proceedings of the 2009 IEEE 25th International Conference on Data Engineering, pp 1709–1716. https://doi.org/10.1109/ICDE.2009.151

  38. Agrawal D, El Abbadi A, Emekci F, Metwally A, Wang S (2011) Secure data management service on cloud computing infrastructures. In: Agrawal D, Candan KS, Li WS (eds) New Frontiers in Information and Software as Services. Lecture Notes in Business Information Processing, vol 74, pp 57–80. https://doi.org/10.1007/978-3-642-19294-4_3

  39. Emekci F, Methwally A, Agrawal D, El AA (2014) Dividing secrets to secure data outsourcing. Inf Sci (NY) 263:198–210. https://doi.org/10.1016/j.ins.2013.10.006

    Article  MathSciNet  MATH  Google Scholar 

  40. Hadavi MA, Damiani E, Jalili R, Cimato S, Ganjei Z (2013) AS5: A secure searchable secret sharing scheme for privacy preserving database outsourcing. In: Di Pietro R, Herranz J, Damiani E, State R (eds) Data privacy management and autonomous spontaneous security. DPM SETOP 2012. Lecture notes in computer science, vol 7731, pp 201–216. https://doi.org/10.1007/978-3-642-35890-6_15

  41. Hadavi MA, Jalili R, Damiani E, Cimato S (2015) Security and searchability in secret sharing-based data outsourcing. Int J Inf Secur 14:513–529. https://doi.org/10.1007/s10207-015-0277-x

    Article  Google Scholar 

  42. Ghasemi R (2019) Resolving a common vulnerability in secret sharing scheme–based data outsourcing schemes. Concurr Comput Pract Exp. https://doi.org/10.1002/cpe.5363

    Article  Google Scholar 

  43. Dautrich JL, Ravishankar CV (2012) Security limitations of using secret sharing for data outsourcing. In: Cuppens-Boulahia N, Cuppens F, Garcia-Alfaro J (eds) Data and applications security and privacy XXVI. DBSec 2012. Lecture notes in computer science, vol 7371, pp 145–160. https://doi.org/10.1007/978-3-642-31540-4_12

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Shiraz University, Shiraz, Iran

    Peyman Rahmani, Seyed Mostafa Fakhrahmad & Mohammad Taheri

Authors
  1. Peyman Rahmani
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Seyed Mostafa Fakhrahmad
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Mohammad Taheri
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mohammad Taheri.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Rahmani, P., Fakhrahmad, S.M. & Taheri, M. New attacks on secret sharing-based data outsourcing: toward a resistant scheme. J Supercomput 78, 15749–15785 (2022). https://doi.org/10.1007/s11227-022-04467-7

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-022-04467-7

Keywords