Driven by the cloud-first initiative taken by various governments and companies, it has become a common practice to outsource spatial data to cloud servers for a wide range of applications such as location-based services and geographic information systems. Searchable encryption is a common practice for outsourcing spatial data which enables search over encrypted data by sacrificing the full security via leaking some information about the queries to the server. However, these inherent leakages could equip the server to learn beyond what is considered in the scheme, in the worst-case allowing it to reconstruct of the database. Recently, a novel form of database reconstruction attack against such kind of outsourced spatial data was introduced (Markatou and Tamassia, IACR ePrint 2020/284), which is performed using common leakages of searchable encryption schemes, i.e., access and search pattern leakages. An access pattern leakage is utilized to achieve an order reconstruction attack, whereas both access and search pattern leakages are exploited for the full database reconstruction attack. In this paper, we propose two novel schemes for outsourcing encrypted spatial data supporting dynamic range search. Our proposed schemes leverage R+tree to partition the dataset and binary secret sharing to support secure range search. They further provide backward and content privacy and do not leak the access pattern, therefore being resilient against the above mentioned database reconstruction attacks. The evaluations and results on the real-world dataset demonstrate the practicality of our schemes, due to (a) the minimal round-trip between the client and server, and (b) the low computation and storage overhead on the client side.
P.K.Agarwal, J.Ericksonet al., Geometric range searching and its relatives, Contemporary Mathematics223 (1999), 1–56. doi:10.1090/conm/223/03131.
2.
R.Agrawal, J.Kiernan, R.Srikant and Y.Xu, Order preserving encryption for numeric data, in: Proceedings of the 2004 ACM SIGMOD, ACM, 2004, pp. 563–574.
3.
D.Beaver, Commodity-based cryptography (extended abstract), in: Proceedings of the Twenty-Ninth Annual ACM Symposium on the Theory of Computing, El Paso, Texas, USA, May 4–6, 1997, 1997, pp. 446–455.
4.
R.Bost, : Forward secure searchable encryption, in: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, ACM, 2016, pp. 1143–1154. doi:10.1145/2976749.2978303.
5.
R.Bost, B.Minaud and O.Ohrimenko, Forward and backward private searchable encryption from constrained cryptographic primitives, in: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, ACM, 2017, pp. 1465–1482. doi:10.1145/3133956.3133980.
6.
M.D.Cock, R.Dowsley, C.Horst, R.Katti, A.Nascimento, W.-S.Poon and S.Truex, Efficient and private scoring of decision trees, support vector machines and logistic regression models based on pre-computation, IEEE TDSC16(2) (2019), 217–230.
7.
R.Dowsley, Cryptography Based on Correlated Data: Foundations and Practice, PhD thesis, Karlsruhe Institute of Technology, Germany, 2016.
8.
F.B.Durak, T.M.DuBuisson and D.Cash, What else is revealed by order-revealing encryption? in: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, ACM, 2016, pp. 1155–1166. doi:10.1145/2976749.2978379.
J.Garay, B.Schoenmakers and J.Villegas, Practical and secure solutions for integer comparison, in: International Workshop on Public Key Cryptography, Springer, 2007, pp. 330–342.
11.
P.Grubbs, M.Lacharité, B.Minaud and K.G.Paterson, Learning to reconstruct: Statistical learning theory and encrypted database attacks, in: 2019 IEEE Symposium on Security and Privacy, 2019, pp. 1067–1083. doi:10.1109/SP.2019.00030.
12.
R.Guo, B.Qin, Y.Wu, R.Liu, H.Chen and C.Li, Mixgeo: Efficient secure range queries on encrypted dense spatial data in the cloud, in: Proceedings of the International Symposium on Quality of Service, 2019, pp. 1–10.
13.
A.Guttman R-trees, A dynamic index structure for spatial searching, in: Proceedings of the 1984 ACM SIGMOD International Conference on Management of Data, SIGMOD ’84, ACM, New York, NY, USA, 1984, pp. 47–57. doi:10.1145/602259.602266.
14.
S.Hoogh de, Design of large scale applications of secure multiparty computation: Secure linear programming, PhD thesis, Department of Mathematics and Computer Science, 2012.
15.
A.L.Ji, A.J.Rubin, K.Thrane, S.Jiang, D.L.Reynolds, R.M.Meyers, M.G.Guo, B.M.George, A.Mollbrink, J.Bergenstråhleet al., Multimodal analysis of composition and spatial architecture in human squamous cell carcinoma, Cell182(2) (2020), 497–514. doi:10.1016/j.cell.2020.05.039.
16.
S.Kasra-Kermanshahi, R.Dowsley, R.Steinfeld, A.Sakzad, J.K.Liu, S.Nepal and X.Yi.Geo-drs, Geometric dynamic range search on spatial data with backward and content privacy, in: Computer Security – ESORICS 2021, E.Bertino, H.Shulman and M.Waidner, eds, Cham, 2021, pp. 24–43. doi:10.1007/978-3-030-88428-4_2.
17.
G.Kellaris, G.Kollios, K.Nissim and A.O’neill, Generic attacks on secure outsourced databases, in: Proceedings of the 2016 ACM SIGSAC, ACM, 2016, pp. 1329–1340.
18.
S.K.Kermanshahi, S.-F.Sun, J.K.Liu, R.Steinfeld, S.Nepal, W.F.Lau and M.Au, Geometric range search on encrypted data with forward/backward security, IEEE Transactions on Dependable and Secure Computing (2020), 1–20.
19.
E.M.Kornaropoulos, C.Papamanthou and R.Tamassia, Data recovery on encrypted databases with k-nearest neighbor query leakage, in: 2019 IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May 19–23, 2019, 2019, pp. 1033–1050. doi:10.1109/SP.2019.00015.
20.
M.-S.Lacharité, B.Minaud and K.G.Paterson, Improved reconstruction attacks on encrypted data using range query leakage, in: 2018 IEEE Symposium on Security and Privacy (SP), IEEE, 2018, pp. 297–314. doi:10.1109/SP.2018.00002.
21.
X.Li, Y.Zhu, J.Wang and J.Zhang, Efficient and secure multi-dimensional geometric range query over encrypted data in cloud, Journal of Parallel and Distributed Computing131 (2019), 44–54. doi:10.1016/j.jpdc.2019.04.015.
22.
Y.Luo, S.Fu, D.Wang, M.Xu and X.Jia, Efficient and generalized geometric range search on encrypted spatial data in the cloud, in: 2017 IEEE/ACM 25th International Symposium on Quality of Service (IWQoS), IEEE, 2017, pp. 1–10.
23.
E.A.Markatou and R.Tamassia, Database reconstruction attacks in two dimensions, Cryptology ePrint Archive, Report 2020/284, 2020.
G.M.Morton, A computer oriented geodetic data base and a new technique in file sequencing, Technical report, IBM, 1966.
26.
M.Naveed, S.Kamara and C.V.Wright, Inference attacks on property-preserving encrypted databases, in: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, ACM, 2015, pp. 644–655. doi:10.1145/2810103.2813651.
27.
Y.Pan, A.Efrat, M.Li, B.Wang, H.Quan, J.Mitchell, J.Gao and E.Arkin, Data inference from encrypted databases: A multi-dimensional order-preserving matching approach, 2020, arXiv:2001.08773.
28.
T.Sellis, N.Roussopoulos and C.Faloutsos, The r+-tree: A dynamic index for multi-dimensional objects, Technical report, University of Maryland, 1987.
29.
E.Shen, E.Shi and B.Waters, Predicate privacy in encryption systems, in: Theory of Cryptography, 6th Theory of Cryptography Conference, TCC 2009. Proceedings, San Francisco, CA, USA, March 15–17, 2009, 2009, pp. 457–473.
30.
B.Wang, M.Li and L.X.Fastgeo, Efficient geometric range queries on encrypted spatial data, IEEE TDSC16(2) (2019), 245–258.
31.
B.Wang, M.Li and H.Wang, Geometric range search on encrypted spatial data, IEEE Transactions on Information Forensics and Security11(4) (2016), 704–719.
32.
B.Wang, M.Li, H.Wang and H.Li, Circular range search on encrypted spatial data, in: 2015 IEEE CNS, IEEE, 2015, pp. 182–190.
33.
W.K.Wong, D.W.-l.Cheung, B.Kao and N.Mamoulis, Secure knn computation on encrypted databases, in: Proceedings of the 2009 ACM SIGMOD International Conference on Management of Data, 2009, pp. 139–152. doi:10.1145/1559845.1559862.
34.
G.Xu, H.Li, Y.Dai, K.Yang and X.Lin, Enabling efficient and geometric range query with access control over encrypted spatial data, IEEE Transactions on Information Forensics and Security14(4) (2019), 870–885. doi:10.1109/TIFS.2018.2868162.
35.
Z.Zheng, J.Shen and Z.Cao, Practical and secure circular range search on private spatial data, Cryptology ePrint Archive, Report 2020/242, 2020.
36.
H.Zhu, R.Lu, C.Huang, L.Chen and H.Li, An efficient privacy-preserving location-based services query scheme in outsourced cloud, IEEE Transactions on Vehicular Technology65(9) (2015), 7729–7739. doi:10.1109/TVT.2015.2499791.
