Collaborative Research: SaTC: CORE: Medium: The Next Generation of Leakage Attacks and Defenses for Encrypted Databases

协作研究：SaTC：核心：中：加密数据库的下一代泄漏攻击和防御

• 批准号: 2153768
• 负责人: Charalampos Papamanthou
• 金额: $ 40万
• 依托单位: Yale University
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-07-15 至 2025-06-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2153768&HistoricalAwards=false
• 关键词: Collaborative; Research; SaTC; CORE; Medium

growing number of works explore the area of encrypted databases as a practical approach to searching on encrypted data stored at a server. The client encrypts the data before uploading it to the server. The server is not given the decryption key, yet the server can execute searches on the encrypted data requested by the client and return the corresponding encrypted answers. An encrypted database efficiently achieves the above functionality by allowing some leakage about the original (plaintext) data that appears harmless but could be exploited by an attacker who attempts to reconstruct the original data by synthesizing leakage from the encrypted answers and encrypted queries over time. This project aims to develop the next generation of methods for building efficient encrypted databases and for analyzing their resilience to reconstruction attacks. To achieve this goal, it uses methods from algorithms, statistics, geometry, databases, and computer systems. Specific research activities include cryptanalysis of the leakage from encrypted databases with suppressed leakage as well as cryptanalysis and schemes for high-dimensional encrypted queries. Informed by the above research thrusts, this project will develop a principled analysis of defenses as well as a framework for quantifying the impact of leakage in the context of encrypted databases. Toward achieving broader impacts, this project includes curriculum development for computer security courses, efforts to include members of underrepresented groups in research activities, and outreach to industry and government audiences.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

越来越多的作品探索加密数据库领域作为搜索存储在服务器上的加密数据的实用方法。客户端在将数据上传到服务器之前对其进行加密。服务器没有得到解密密钥，但是服务器可以对客户端请求的加密数据执行搜索，并返回相应的加密答案。加密的数据库通过允许关于原始（明文）数据的一些泄漏来有效地实现上述功能，所述泄漏看起来是无害的，但是可能被攻击者利用，所述攻击者试图通过随时间合成来自加密的答案和加密的查询的泄漏来重建原始数据。该项目旨在开发下一代方法，用于构建高效的加密数据库并分析其对重建攻击的弹性。为了实现这一目标，它使用算法，统计，几何，数据库和计算机系统的方法。具体的研究活动包括加密数据库泄漏的密码分析，抑制泄漏以及高维加密查询的密码分析和方案。根据上述研究目标，该项目将开发防御的原则性分析以及量化加密数据库环境中泄漏影响的框架。为了实现更广泛的影响，该项目包括计算机安全课程的课程开发，努力将代表性不足的群体成员纳入研究活动，并与行业和政府受众进行外联。该奖项反映了NSF的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。