Order-Preserving Symmetric Encryption
Alexandra Boldyreva,Nathan Chenette,Younho Lee,Adam O'Neill +3 more
- pp 224-241
TLDR
The notion of order-preserving symmetric encryption (OPE) was introduced by Agrawal et al. as mentioned in this paper, who showed that a straightforward relaxation of standard security notions for encryption such as indistinguishability against chosen-plaintext attack (IND-CPA) is unachievable by a practical OPE scheme.Abstract:
We initiate the cryptographic study of order-preserving symmetric encryption (OPE), a primitive suggested in the database community by Agrawal et al. (SIGMOD '04) for allowing efficient range queries on encrypted data. Interestingly, we first show that a straightforward relaxation of standard security notions for encryption such as indistinguishability against chosen-plaintext attack (IND-CPA) is unachievable by a practical OPE scheme. Instead, we propose a security notion in the spirit of pseudorandom functions (PRFs) and related primitives asking that an OPE scheme look "as-random-as-possible" subject to the order-preserving constraint. We then design an efficient OPE scheme and prove its security under our notion based on pseudorandomness of an underlying blockcipher. Our construction is based on a natural relation we uncover between a random order-preserving function and the hypergeometric probability distribution. In particular, it makes black-box use of an efficient sampling algorithm for the latter.read more
Citations
More filters
Proceedings ArticleDOI
CryptDB: protecting confidentiality with encrypted query processing
TL;DR: The evaluation shows that CryptDB has low overhead, reducing throughput by 14.5% for phpBB, a web forum application, and by 26% for queries from TPC-C, compared to unmodified MySQL.
Proceedings ArticleDOI
Secure Ranked Keyword Search over Encrypted Cloud Data
TL;DR: This paper defines and solves the problem of effective yet secure ranked keyword search over encrypted cloud data, and proposes a definition for ranked searchable symmetric encryption, and gives an efficient design by properly utilizing the existing cryptographic primitive, order-preserving asymmetric encryption (OPSE).
Journal ArticleDOI
Enabling Secure and Efficient Ranked Keyword Search over Outsourced Cloud Data
TL;DR: This paper defines and solves the problem of secure ranked keyword search over encrypted cloud data, and explores the statistical measure approach from information retrieval to build a secure searchable index, and develops a one-to-many order-preserving mapping technique to properly protect those sensitive score information.
Proceedings ArticleDOI
Inference Attacks on Property-Preserving Encrypted Databases
TL;DR: This paper presents a series of attacks that recover the plaintext from DTE- and OPE-encrypted database columns using only the encrypted column and publicly-available auxiliary information, and considers well-known attacks, including frequency analysis and sorting, as well as new attacks based on combinatorial optimization.
Proceedings ArticleDOI
An Ideal-Security Protocol for Order-Preserving Encoding
TL;DR: The first order-preserving scheme that achieves ideal security was proposed in this article, where the ciphertexts for a small number of plaintext values change over time, and it was shown that mutable ciphertext is needed for ideal security.
References
More filters
Journal ArticleDOI
How to construct random functions
TL;DR: In this paper, a constructive theory of randomness for functions, based on computational complexity, is developed, and a pseudorandom function generator is presented, which is a deterministic polynomial-time algorithm that transforms pairs (g, r), where g is any one-way function and r is a random k-bit string, to computable functions.
Book ChapterDOI
How to construct random functions
TL;DR: A constructive theory of randomness for functions, based on computational complexity, is developed, and a pseudorandom function generator is presented that has applications in cryptography, random constructions, and complexity theory.
Book ChapterDOI
Conjunctive, subset, and range queries on encrypted data
Dan Boneh,Brent Waters +1 more
TL;DR: This work constructs public-key systems that support comparison queries on encrypted data as well as more general queries such as subset queries (x∈ S) and supports arbitrary conjunctive queries without leaking information on individual conjuncts.
Proceedings ArticleDOI
Order preserving encryption for numeric data
TL;DR: This work presents an order-preserving encryption scheme for numeric data that allows any comparison operation to be directly applied on encrypted data, and is robust against estimation of the true value in such environments.
Posted Content
Conjunctive, Subset, and Range Queries on Encrypted Data.
Dan Boneh,Brent Waters +1 more
TL;DR: In this paper, a general framework for constructing and analyzing public-key systems supporting conjunctive queries on encrypted data has been presented, without leaking information on individual conjuncts.