KIT | KIT-Bibliothek | Impressum | Datenschutz

Side-Channel Attacks on Query-Based Data Anonymization

Boenisch, Franziska; Munz, Reinhard; Tiepelt, Marcel; Hanisch, Simon; Kuhn, Christiane; Francis, Paul

Abstract (englisch):
A longstanding problem in computer privacy is that of data anonymization. One common approach is to present a query interface to analysts, and anonymize on a query-by-query basis. In practice, this approach often uses a standard database back end, and presents the query semantics of the database to the analyst.

This paper presents a class of novel side-channel attacks that work against any query-based anonymization system that uses a standard database back end. The attacks exploit the implicit conditional logic of database runtime optimizations. They manipulate this logic to trigger timing and exception-throwing side-channels based on the contents of the data.

We demonstrate the attacks on the implementation of the CHORUS Differential Privacy system released by Uber as an open source project. We obtain perfect reconstruction of millions of data values even with a Differential Privacy budget smaller than epsilon = 1.0 and no prior knowledge.

The paper also presents the design of a general defense to the runtime-optimization attacks, and a concrete implementation of the defense in the latest version of Diffix. The defense works without modifications to the back end database, and operates by modifying SQL to eliminate the runtime optimization or disable the side-channels.
... mehr


Zugehörige Institution(en) am KIT Kompetenzzentrum für angewandte Sicherheitstechnologie (KASTEL)
Institut für Telematik (TM)
Publikationstyp Proceedingsbeitrag
Publikationsdatum 12.11.2021
Sprache Englisch
Identifikator ISBN: 978-1-4503-8454-4
KITopen-ID: 1000140317
Erschienen in CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, November 2021
Veranstaltung ACM SIGSAC Conference on Computer and Communications Security (CCS 2021), Online, 15.11.2021 – 19.11.2021
Verlag Association for Computing Machinery (ACM)
Seiten 1254–1265
Schlagwörter data management systems, query optimization, privacy-preserving protocols, untraceability, pseudonymity
Nachgewiesen in Scopus
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft
KITopen Landing Page