Privacy-Preserving Secret Shared Computations using MapReduce

TL;DR

This paper introduces algorithms for privacy-preserving data outsourcing and SQL query execution using secret sharing and MapReduce, ensuring data and query privacy in untrusted cloud environments.

Contribution

It presents novel algorithms that enable secure SQL query processing over outsourced data without revealing database contents or queries, using secret sharing within MapReduce.

Findings

Algorithms prevent knowledge of database and queries by adversaries

Efficient in terms of communication rounds and bit flow

Database owner does not learn the queries

Abstract

Data outsourcing allows data owners to keep their data at \emph{untrusted} clouds that do not ensure the privacy of data and/or computations. One useful framework for fault-tolerant data processing in a distributed fashion is MapReduce, which was developed for \emph{trusted} private clouds. This paper presents algorithms for data outsourcing based on Shamir's secret-sharing scheme and for executing privacy-preserving SQL queries such as count, selection including range selection, projection, and join while using MapReduce as an underlying programming model. Our proposed algorithms prevent an adversary from knowing the database or the query while also preventing output-size and access-pattern attacks. Interestingly, our algorithms do not involve the database owner, which only creates and distributes secret-shares once, in answering any query, and hence, the database owner also cannot learn the query. Logically and experimentally, we evaluate the efficiency of the algorithms on the following parameters: (\textit{i}) the number of communication rounds (between a user and a server), (\textit{ii}) the total amount of bit flow (between a user and a server), and (\textit{iii}) the computational load at the user and the server.\B