A Privacy-Preserving Graph Encryption Scheme Based on Oblivious RAM

TL;DR

This paper introduces a new graph encryption scheme that combines oblivious RAM and trusted execution environments to enhance privacy by preventing access and query pattern leakage in encrypted graph data.

Contribution

It presents a novel encryption scheme that significantly improves privacy protections for graph data against pattern leakage, utilizing O-RAM and TEE techniques.

Findings

Effective in hiding access patterns during queries

Reduces information leakage about graph structure

Demonstrates practical efficiency in location navigation scenarios

Abstract

Graph encryption schemes play a crucial role in facilitating secure queries on encrypted graphs hosted on untrusted servers. With applications spanning navigation systems, network topology, and social networks, the need to safeguard sensitive data becomes paramount. Existing graph encryption methods, however, exhibit vulnerabilities by inadvertently revealing aspects of the graph structure and query patterns, posing threats to security and privacy. In response, we propose a novel graph encryption scheme designed to mitigate access pattern and query pattern leakage through the integration of oblivious RAM and trusted execution environment techniques, exemplified by a Trusted Execution Environment (TEE). Our solution establishes two key security objectives: (1) ensuring that adversaries, when presented with an encrypted graph, remain oblivious to any information regarding the underlying graph, and (2) achieving query indistinguishability by concealing access patterns. Additionally, we conducted experimentation to evaluate the efficiency of the proposed schemes when dealing with real-world location navigation services.