Privacy-Preserving SQL Database Driven by Searchable Encryption

Privacy-preserving database plays a crucial role in establishing an open, shared, and governed system amidst the evolution of national big data strategies and data market. Searchable encryption (SE), as a fundamental cryptographic technology for building privacy-preserving database, facilitates efficient searching of encrypted data without the need for decryption. Among various SE schemes, Attribute-Based Searchable Encryption (ABSE) provides advantages in access control, data authenticity, and retrieval efficiency. However, most existing ABSEs could not support the flexible query methods of SQL in relational databases, as well as fine-grained query policies. Moreover, most existing ABSEs are constructed under traditional algebraic structures, such as Bilinear Pairing, which are susceptible to quantum computing attacks. To address these challenges, this paper presents a novel privacy-preserving database architecture that can be adaptable to the SQL query language of relational databases. The architecture is divided into two parts: clients and cloud outsourcing services. All data are in a ciphertext form outside the clients, and data table in cloud privacy-preserving database consists of four kinds of fileds: public fields, encrypted index fields, encrypted data fields, and confidential fields. When a user initiates an SQL query, the Privacy-Preserving SQL Engine (PP-SQL Engine) can transform it into a private SQL language to perform the cryptographic retrieval on the encrypted index fields. More specifically, the query policy in SQL is transformed into several query credentials that are bound with the policy. Theses credentials are further used to retrieve the encrypted data fields in the database whose encrypted index fields match with the policy. The retrieved encrypted data fields can be decrypted at the client through the user’s private key for verifying the user’s identity. To provide the cryptographic support for the privacy-preserving database architecture, the Retrieval-Policy Attribute-Based Searchable Encryption (RP-ABSE) scheme is designed on the Key-Policy Attribute-Based Encryption (KP-ABE) framework. The security of this scheme is based on the hard problem over ideal lattice, i.e., the Short Integer Solution (SIS) and the Learning With Error (LWE). Moreover, the secure query policy is bound to the query credentials rather than the encrypted index fileds. It ensures that encrypted data can be cryptographically retrieved by different query policies, eliminating the need for updating the encrypted data even when the query policy undergoes changes. Simultaneously, the Small Policy Matrix (SPM) is introduced to optimize the generation of secure query policies and reduce cumulative errors in the process of index matching. Finally, this paper proves that the query credential satisfies unforgeability under the chosen policy attack, and the RP-ABSE satisfies semantic security under the chosen plaintext attack with policy and identity queries. Therefore, the privacy-preserving database architecture could provide an important technique support for the establishment of data market mechanisms and data governance systems.