Summary: ENKI

This is a summary of the paper “ENKI: Access Control for Encrypted Query Processing” by Hang et al. (SIGMOD 2015). All the information is based on my understanding of the paper and may contain inaccuracies.

Overview

ENKI allows the execution of SQL queries over encrypted data. It is based on CryptDB and uses the same model of layers of encryptions. The authors claim that this is the first work that supports queries over data encrypted with different keys.

The implementation is done by adding user-defined functions to a SAP HANA database, and the results of the experiments using the TCP-C benchmark show an average overhead of 36.98% for two users, increasing modestly for more complex scenarios.

Contributions

The contributions include an attribute-based access control scheme enforced by encryption. In addition, the authors introduce different techniques to support relational operations in multi user mode: query rewriting; privacy-preserving models for join, set difference and count distinct; and a post-processing phase on the client.

Limitations

ENKI assumes passive attackers, and does not protect against active ones. Furthermore, it does not cover attacks against clients.

The finest granularity for access control is at tuple level. As it is the case with CryptDB, the last encryption layer for items uses deterministic encryption.

Successful attacks to the application can learn the keys of logged in users, but offline users are not affected in this case.

Final Notes

I made a presentation about ENKI containing more details and examples, and made it available on SlideShare:

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s