Research On Ciphertext Retrieval And Statistics Method Based On CryptDB

After entering the information age,database services become more and more rich,data leak increases gradually and the security of the data receives widespread attention.Under this background,database encryption has become a kind of the most effective means to protect the privacy of data.However,database encryption ensures the safety of information storage,also has brought forth the data retrieval and statistics problems.In the database model,relational database has been the core of it because it has the advantages of supporting complex queries and convenient use.For encrypted relational databases,the data is no longer with the original order,comparability and computability properties,leading to encrypted data can't be done with normal retrieval and statistics calculations like plaintext.Retrieval and statistics are core functions of the database.Therefore,it's of great research significance how to ensure the security of data and at the same time effectively achieve retrieval and statistics for encrypted database.In this thesis,the most widely used relational database is used as the research object,the first practical encrypted database retrieval scheme,CryptDB,as the research foundation.And we improved the retrieval and extended the statistics based on CryptDB.We specifically did the following work.1.Retrieval scheme based on partition.After analysis in the relevant technology of CryptDB and its retrieval process,we addressed the existing security defects in equivalence and range retrieval and proposed a scheme with more advantages on resistance of attacks and efficiency based on bucket partition method.The scheme partitions each attribute value,so that only the RND layer of partition where the query data is located can be decrypted,thus to ensure the security of data for the remaining partitions.Furthermore,the scheme avoids the shortcomings of the whole column's privacy exposure because of the RND layer decryption.At the same time,it solves the problem of inefficiency caused by one time whole column decryption,and meets the design requirements of high efficiency and security.2.Design of statistics scheme for encrypted database.In the case of the statistical function of CryptDB is not perfect,we proposed a CryptDB-based encrypted database statistics framework.This thesis used mathematical transformation to convert the multiplication to addition,so that the ciphertext can be calculated by using an additive homomorphic encryption algorithm,and then the statistics of the encrypted database can be realized.Meanwhile,we designed a query assistant table for intermediate results and established the statistical function of database.Thus we realized retrieval and statistics on encrypted including average,variance and standard deviation.Based on the analysis of the efficiency and security of the improved retrieval scheme and statistics scheme,we concluded that the scheme has higher security and efficiency compared with CryptDB,and has certain feasibility and practical value.