RESEARCH UNIT


Research program

Cryptographic databases
University Co-ordinator
Università degli Studi di SALERNO - INFORMATICA ED APPLICAZIONI "R.M. CAPOCELLI"
Research Unit Leader
Alfredo De Santis
Description
The research unit of Salerno (UNISA) will study the definition of cryptographic techniques offering the following functionalities:
- flexible data access for users with different access profiles;
- tools for searching information in encrypted databases without leaking secret information.

More precisely, UNISA will be involved in several WPs, as a unit leader or in cooperation with the other units. In the following, we provide a detailed description of the contributions that UNISA will give to each WP.


-WP0: State of the art (Units: R: UNIBG, C: UNISA, UNIMI)
In this WP, UNISA will cooperate with the other research units in order to analyze the state of the art regarding cryptographic techniques for data protection and access control.
More precisely, the study will focus on Private Information Retrieval (PIR), Searchable Encryption (SE) and cryptographic key assignment schemes for access control in distributed databases.
The work of this WP will be carried out during the first year of the project and will produce a deliverable, which will be integrated with those produced by the other units into the final deliverable, produced by UNIBG.


-WP1: Cryptographic techniques for selective data retrieval (Units: R: UNISA, C: UNIMI)
This WP, for which UNISA is the leader unit, will focus on the design and the analysis of PIR and SE schemes.
Concerning PIR schemes, we will study protocols that are efficient in terms of communication complexity, in both the unconditionally and the computationally secure models, and that allow information retrieval through keywords. Currently available PIR schemes assume that the user knows exactly the position of the item of information within the database. However, such an assumption is not satisfied in several real-life applications. A single manuscript [CGN] has studied PIR schemes in which items are retrieved through keywords instead of through knowledge of their physical position in the database.
Investigations will be conducted along two different research lines.
a) Layering: integration of existing PIR schemes with interfaces enabling the user to retrieve items through keywords. Such an approach has already been applied in [CGN] and seems promising.
b) One-level protocols: design of schemes which use keywords directly to retrieve items privately. One-level protocols should be more efficient than layered schemes.
As regards SE schemes, current solutions to the problem of searchable encryption allow the owner of the database to perform simple keyword searches, i.e., "does keyword w belong to the database?". Furthermore, the owner may delegate some third party to perform the same type of query. In some cases the set of possible keywords has to be known at the moment the database is created. In other words, the owner of the information cannot allow a third party to perform arbitrary queries on the database unless there is an interaction with the owner.
In this WP, we will address the following problems:
First of all, most current solutions are designed around the generic idea of searching in encrypted files. Although this idea can easily be recast as that of searching in encrypted databases, we plan to fully exploit the peculiarities of this application domain, e.g., the existence of indices, the "bounded" size of the set of possible keywords, and so on, in order to provide better solutions to the problem.
Afterwards, we plan to consider the problem of delegation in a concrete way. We will study SE schemes that allow the owner to delegate keyword searches to a user without the need for interaction with the owner of the information. A possible example is delegating to a user access to the information for a given time period, e.g., in the case of a subscription to a service.
Finally, we will consider the problem of performing arbitrary searches. Indeed, in the context of databases, a query may be described by a boolean expression combining simple queries. Currently, the only way to perform such queries is to execute all the simple queries and to compose their results locally. A more subtle problem is that the structure of the query might reveal information about the structure of the database that the owner might not be willing to disclose.
The work of this WP will be carried out over the lifetime of the project. At the end of every year, we will produce a deliverable with a detailed description of the results obtained.
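As an added illustration (not code from the project or this page), the following Python toy SE index makes the two points above concrete: a delegable keyword trapdoor lets a third party ask "does keyword w belong to the record?" without holding the owner's key, and a boolean query is composed locally from simple queries, so the server sees each sub-query separately. Records, the owner key and salts are constructed for the example.

```python
import hashlib
import hmac
import os
from typing import Dict, List, Set, Tuple

# Constructed toy database (assumed, not from the page): record id -> (plaintext, keywords).
RECORDS = {
    1: ("invoice March", {"invoice", "march"}),
    2: ("invoice April", {"invoice", "april"}),
    3: ("memo March", {"memo", "march"}),
}

def trapdoor(key: bytes, word: str) -> bytes:
    """Owner-side: a keyed digest of the keyword. This is what gets delegated,
    so a third party can search for `word` without ever seeing the key."""
    return hmac.new(key, word.encode(), hashlib.sha256).digest()

def build_index(key: bytes, records) -> Dict[int, Tuple[bytes, Set[bytes]]]:
    """Owner-side: per record, a random salt and one opaque tag per keyword.
    The salt keeps equal keywords from being linkable across records until a search is run."""
    index = {}
    for rid, (_, words) in records.items():
        salt = os.urandom(16)
        index[rid] = (salt, {hashlib.sha256(salt + trapdoor(key, w)).digest() for w in words})
    return index

def server_search(index, td: bytes) -> Set[int]:
    """Server-side: answers "does keyword w belong to the record?" for every record,
    holding only salts, tags and the trapdoor; it learns which records match, not w."""
    return {rid for rid, (salt, tags) in index.items()
            if hashlib.sha256(salt + td).digest() in tags}

def conjunctive_search(index, trapdoors: List[bytes]) -> Set[int]:
    """Client-side composition of a boolean (AND) query from simple queries, as the
    page describes current practice: every sub-query is sent separately, so the server
    sees the query's structure (number of terms and each term's hit set)."""
    hits = [server_search(index, td) for td in trapdoors]
    return set.intersection(*hits) if hits else set()
```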


-WP2: Cryptographic techniques for privileges control (Units: R: UNISA, C: UNIMI)
This WP, for which UNISA is the leader unit, will focus on the design and analysis of secure and efficient solutions to the access control problem in a scenario where a set of users is classified according to their access permissions. Such research is motivated by the fact that many key assignment schemes proposed in the literature have been shown to be either inefficient or vulnerable to collusion attacks, whereby two or more users collude to compute a key to which they are not entitled.
The efficiency of a key assignment scheme is evaluated with respect to several parameters, such as the amount of secret information that each class has to store, the amount of public information, the computational effort for key derivation and the amount of work needed to refresh the keys after insertion or deletion of classes in the hierarchy. In particular, schemes with low memory requirements can also be used in scenarios where the entities have limited computational power or storage, such as smartcards, sensor networks, etc.
As regards security against collusion attacks, we plan to study two different kinds of key assignment schemes: unconditionally secure schemes and computationally secure ones. In an unconditionally secure scheme a coalition of users, even with unlimited computing power, has absolutely no information about the key assigned to a class which cannot be accessed by any user in the coalition. In a computationally secure scheme the security holds with respect to coalitions of users with limited computing power. Such an approach, which is based on unproven specific computational assumptions, is the most widely used one for the design of key assignment schemes. Unfortunately, several computational key assignment schemes lack a rigorous security proof showing that if a coalition of users is able to compute the key of a class they should not be able to access, then it is also able to break the computational assumption on which the scheme is based.
During the research program, particular attention will be given to the problem of designing key assignment schemes which can be used in a scenario where a user may belong to a certain class subject to temporal constraints. We remark that all time-bound key assignment schemes proposed in the literature have been shown to be insecure against collusion attacks carried out by users belonging to different classes in certain time periods.
The work of this WP will be carried out over the lifetime of the project. At the end of every year, we will produce a deliverable with a detailed description of the results obtained.


-WP3: Prototype of cryptographic services (Units: R: UNISA, C: UNIBG)
This WP, for which UNISA is the leader unit, aims at designing and developing a prototype implementation of the cryptographic techniques on which WP1 and WP2 focus, in order to obtain a solution allowing data protection and access control in real-life applications using distributed databases. The proposed implementation will be used by UNIBG in WP7 to realize a prototype of a DBMS with encrypted representation.
The work will be organized into the following phases:
-analysis of existing protocols (and protocols proposed in previous WPs), in order to identify the most suitable ones for use in real-life applications;
-choice of the protocols to be implemented, according to the analysis performed in the previous phase;
-choice of a suitable development platform, to simplify the implementation task by reusing existing basic components;
-development of the prototype, using web service technology and allowing users to access the database by means of mobile devices;
-test and performance evaluation of the developed prototype, in order to establish the effective usability of its functionalities in real-life applications.
The work of this WP will be carried out over the lifetime of the project. At the end of the first year, a description of the technical specification of the prototype will be provided. At the end of the second year, we will provide the prototype along with its final technical specification.


-WP4: Access control models for encrypted databases (Units: R: UNIMI, C: UNISA, UNIBG)
In this WP, UNISA will cooperate with the other research units to study access control models for users with heterogeneous profiles. The goal is to provide an in-depth understanding of the security requirements of applications developed for the "database as a service" paradigm.
The work of this WP will be carried out over the lifetime of the project. At the end of every year, we will produce a deliverable with a detailed description of the results obtained.


-WP5: Models for evaluation of protection against inference attacks (Units: R: UNIMI, C: UNISA)
In this WP, UNISA will cooperate with UNIMI to study the issues concerning secrecy leakage due to the public availability of the encrypted database (inference control).
The work of this WP will be carried out over the lifetime of the project. At the end of every year, we will produce a deliverable with a detailed description of the results obtained.


-WP7: Implementation of the DBMS prototype with encrypted representation (Units: R: UNIBG, C: UNISA)
In this WP, UNISA will cooperate with UNIBG to realize a prototype of a DBMS with encrypted representation. More precisely, the prototype will use the cryptographic functionalities developed and implemented by UNISA within WP3.
The work of this WP will be carried out over the lifetime of the project. At the end of every year, we will produce a deliverable with the technical specifications of the realized prototype.


-WP8: Dissemination (Units: R: UNIBG, C: UNISA, UNIMI)
Knowledge dissemination of the results obtained during the project will take place in all WPs in which UNISA is involved, through paper and abstract submission to conferences and international journals.
Moreover, UNISA will take part with UNIBG and UNIMI in the organization of a workshop at the end of the project, in order to ensure wide dissemination of the results obtained.