Skip to Main content Skip to Navigation
Conference papers

Searchable Encryption to Reduce Encryption Degradation in Adjustably Encrypted Databases

Abstract : Processing queries on encrypted data protects sensitive data stored in cloud databases. CryptDB has introduced the approach of adjustable encryption for such processing. A database column is adjusted to the necessary level of encryption, e.g. order-preserving, for the set of executed queries, but never reversed. This has the drawback that long running cloud databases will eventually transform into only order-preserving encrypted databases. In this paper we propose searchable encryption as an alternative in order to reduce this encryption degradation. It maintains security while only marginally impacting performance when applied only to infrequently used queries for searching. We present a budget-based encryption selection algorithm as part of query planning for making the appropriate choice between searchable and deterministic or order-preserving encryption. We evaluate our algorithm on a long-tail distributed TPC-C benchmark on an experimental implementation of encrypted queries in an in-memory database. In one choice of parameters our algorithm incurs only a $$1.5\%$$ performance penalty, but one of 15 columns is not decrypted to order-preserving or deterministic encryption. Our selection algorithm is configurable, such that higher security gains are possible at the cost of performance.
Document type :
Conference papers
Complete list of metadata

Cited literature [30 references]  Display  Hide  Download
Contributor : Hal Ifip <>
Submitted on : Monday, January 15, 2018 - 2:07:14 PM
Last modification on : Monday, January 15, 2018 - 2:11:13 PM
Long-term archiving on: : Saturday, May 5, 2018 - 6:21:40 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Florian Kerschbaum, Martin Härterich. Searchable Encryption to Reduce Encryption Degradation in Adjustably Encrypted Databases. 31th IFIP Annual Conference on Data and Applications Security and Privacy (DBSEC), Jul 2017, Philadelphia, PA, United States. pp.325-336, ⟨10.1007/978-3-319-61176-1_18⟩. ⟨hal-01684354⟩



Record views


Files downloads