Article Preview
Top1. Introduction
With the advent of the era of big data, as a convenient and efficient information carrier, the database has been widely used in various scenarios. However, some previously inconspicuous problems have become more and more prominent; among them, the security of private data storage is of the most significant concern. A security breach happened in the database of True Dialog in 2019, the American commercial SMS service provider, which led to the disclosure of millions of SMS messages1; Besides, a cross-platform database company MongoDB was attacked by Hacker groups who infiltrated 22,900 insecure databases, which accounted for almost 47% of all MongoDB databases, with a total economic loss of US$3.2 million in July 20202. Consequently, how to protect data privacy in various database applications has become a research hotspot in academia in recent years (Agrawal et al., 2001; Verykios et al., 2004; Agrawal et al., 2000; Zhao et al., 2020; Clifton et al., 2002; Zhang et al., 2005; Machanavajjhala et al., 2007; Xiao et al., 2006; Xiao et al., 2007; Nayyar, 2019; Raj, R. et al., 2020; Li, J. et al., 2021).
In different protection schemes for database privacy data (Verykios et al., 2004; Agrawal et al., 2000; Zhao et al., 2020), encrypting plaintext privacy data is very useful. However, after the plaintext data is encrypted, the original keywords may become different ciphertext information, and the correlation among the keywords is also destroyed. In this way, it is difficult for the query algorithm to work appropriately based on these keywords. What's more, it is also a challenging task to query the ciphertext data without decrypting it. As a result, a homomorphic encryption scheme emerged. Homomorphic encryption is used to encrypt user privacy data, and a series of operations such as deletion, update, and retrieval can be directly performed on the encrypted data.
Homomorphic encryption is a type of encryption method with unique natural properties. And this concept was first proposed by Rivest et al (1978) in the 1970s. Compared with standard encryption algorithms, homomorphic encryption can not only achieve basic encryption operations but also it can realize multiple calculation functions between ciphertexts. In other words, calculating first and then decrypting can be similar to decoding first and calculating. Compared with traditional encryption methods, homomorphic encryption technology can calculate multiple ciphertexts and then decrypt them. By using this, there is no need to decrypt each ciphertext and spend high computational costs. This article divides the homomorphic encryption technology in database privacy protection into three categories according to the type and number of ciphertext operations supported: Partial Homomorphic Encryption (PHE); Somewhat Homomorphic Encryption (SHE) and Fully Homomorphic Encryption (FHE). Additionally, the representative algorithms of each type are shown in Figure 1.
Figure 1. Types of homomorphic encryption
This paper reviewed the research on the application of homomorphic encryption in database privacy protection based on analyzing related domestic and foreign research, which provides a reference for future research. The structure of this paper is as follows: Section 1 introduces the research problems and objectives of this paper; Section 2 introduced the research progress of database privacy protection and homomorphic encryption technology, providing a general overview of the relevant reviews; Sections 3-5 analyzed and summarize the application of three homomorphic encryption technologies in database privacy protection respectively; Section 6 summarized the applications of various homomorphic encryption introduced in this article in database privacy protection, showing the direction to future research.