Showing papers by "Adam O'Neill published in 2009"
16 Apr 2009
TL;DR: The notion of order-preserving symmetric encryption (OPE) was introduced by Agrawal et al. as mentioned in this paper, who showed that a straightforward relaxation of standard security notions for encryption such as indistinguishability against chosen-plaintext attack (IND-CPA) is unachievable by a practical OPE scheme.
Abstract: We initiate the cryptographic study of order-preserving symmetric encryption (OPE), a primitive suggested in the database community by Agrawal et al. (SIGMOD '04) for allowing efficient range queries on encrypted data. Interestingly, we first show that a straightforward relaxation of standard security notions for encryption such as indistinguishability against chosen-plaintext attack (IND-CPA) is unachievable by a practical OPE scheme. Instead, we propose a security notion in the spirit of pseudorandom functions (PRFs) and related primitives asking that an OPE scheme look "as-random-as-possible" subject to the order-preserving constraint. We then design an efficient OPE scheme and prove its security under our notion based on pseudorandomness of an underlying blockcipher. Our construction is based on a natural relation we uncover between a random order-preserving function and the hypergeometric probability distribution. In particular, it makes black-box use of an efficient sampling algorithm for the latter.
858 citations
Patent•
30 Dec 2009TL;DR: In this paper, a modified secret key collection is used to decrypt a message and the decryption involves providing multiple partial operation results in separate respective steps, which can reduce leakage of meaningful information from cryptographic operations.
Abstract: A system is described for reducing leakage of meaningful information from cryptographic operations. The system uses a pairwise independent hash function to generate a modified secret key SK′ having individual components. The system forms a modified secret key collection that includes SK′ and its individual components. The system then uses the modified secret key collection to decrypt a message. The decryption involves providing multiple partial operation results in separate respective steps. Leakage of meaningful information is reduced due to difficulty in piecing together meaningful information from information leaked by the separate partial operations. In one example, the hash function has the form HK(r)=ar+b, where a, b, and r are selected values, such as random numbers. In another example, the hash function has the form HK(r)=Ar*B, where A, B, and r are selected values.
6 citations