ABSTRACT
Recently there has been much interest in performing search queries over encrypted data to enable functionality while protecting sensitive data. One particularly efficient mechanism for executing such queries is order-preserving encryption/encoding (OPE) which results in ciphertexts that preserve the relative order of the underlying plaintexts thus allowing range and comparison queries to be performed directly on ciphertexts. Recently, Popa et al. (SP 2013) gave the first construction of an ideally-secure OPE scheme and Kerschbaum (CCS 2015) showed how to achieve the even stronger notion of frequency-hiding OPE. However, as Naveed et al. (CCS 2015) have recently demonstrated, these constructions remain vulnerable to several attacks. Additionally, all previous ideal OPE schemes (with or without frequency-hiding) either require a large round complexity of O(log n) rounds for each insertion, or a large persistent client storage of size O(n), where n is the number of items in the database. It is thus desirable to achieve a range query scheme addressing both issues gracefully. In this paper, we propose an alternative approach to range queries over encrypted data that is optimized to support insert-heavy workloads as are common in "big data" applications while still maintaining search functionality and achieving stronger security. Specifically, we propose a new primitive called partial order preserving encoding (POPE) that achieves ideal OPE security with frequency hiding and also leaves a sizable fraction of the data pairwise incomparable. Using only O(1) persistent and O(n^ε) non-persistent client storage for 0 < ε < 1, our POPE scheme provides extremely fast batch insertion consisting of a single round, and efficient search with O(1) amortized cost for up to O(n^(1-ε)) search queries. This improved security and performance makes our scheme better suited for today's insert-heavy databases.
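To make the abstract's terms concrete, the following added example (not code from the paper, and not the POPE, Popa et al. or Kerschbaum constructions) models what a server can observe under a deterministic order-preserving encoding versus a frequency-hiding one, and runs the same range query over both. The rank-based encodings, all function names and the salary values are assumptions constructed for illustration; the client holds the plaintexts here, which a real scheme avoids.

```python
import random
from collections import Counter

# Constructed sample column (not from the paper's payroll data set).
SALARIES = [75000, 52000, 98000, 52000, 61000, 75000, 52000]

def deterministic_encode(plaintexts):
    """Toy order-preserving encoding: code = rank among distinct values.
    Equal plaintexts share a code, so the server sees their frequency."""
    rank = {v: i for i, v in enumerate(sorted(set(plaintexts)))}
    return [rank[v] for v in plaintexts]

def frequency_hiding_encode(plaintexts, rng):
    """Toy frequency-hiding encoding: every row gets its own code and
    ties between equal plaintexts are broken at random."""
    order = sorted(range(len(plaintexts)),
                   key=lambda row: (plaintexts[row], rng.random()))
    codes = [0] * len(plaintexts)
    for code, row in enumerate(order):
        codes[row] = code
    return codes

def client_bounds(plaintexts, codes, lo, hi):
    """Client (holds the plaintexts in this toy) maps a range to codes."""
    inside = [c for p, c in zip(plaintexts, codes) if lo <= p <= hi]
    return (min(inside), max(inside)) if inside else None

def server_range_query(codes, bounds):
    """Server compares codes only; it never sees a plaintext."""
    if bounds is None:
        return []
    lo_code, hi_code = bounds
    return [row for row, c in enumerate(codes) if lo_code <= c <= hi_code]

def server_visible_histogram(codes):
    """Multiplicity of each code, computable by the server without a key."""
    return sorted(Counter(codes).values(), reverse=True)

if __name__ == "__main__":
    rng = random.Random(2016)  # fixed seed so the demo is repeatable
    for name, codes in (("deterministic", deterministic_encode(SALARIES)),
                        ("frequency-hiding", frequency_hiding_encode(SALARIES, rng))):
        rows = server_range_query(codes, client_bounds(SALARIES, codes, 60000, 80000))
        print(name, codes, "rows:", rows, "histogram:", server_visible_histogram(codes))
```

Both toy encodings still hand the server the complete order of the rows; that residual leakage is what the abstract's partial-order approach reduces by leaving a fraction of the data pairwise incomparable.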
- California public employee payroll data, 2014. Source: Transparent California, http://transparentcalifornia.com/downloads/.
- Alok Aggarwal and Jeffrey Scott Vitter. The I/O complexity of sorting and related problems. In ICALP 1987, volume 267 of LNCS, pages 467--478. Springer Berlin Heidelberg, 1987.
- Rakesh Agrawal, Jerry Kiernan, Ramakrishnan Srikant, and Yirong Xu. Order-preserving encryption for numeric data. In ACM SIGMOD 2014, pages 563--574, 2004.
- Daniel Apon, Jonathan Katz, Elaine Shi, and Aishwarya Thiruvengadam. Verifiable oblivious storage. In PKC 2014, volume 8383 of LNCS, pages 131--148. Springer, Heidelberg, March 2014.
- Lars Arge. The buffer tree: A technique for designing batched external data structures. Algorithmica, 37(1):1--24, 2003.
- Michael Ben-Or, Shafi Goldwasser, and Avi Wigderson. Completeness theorems for non-cryptographic fault-tolerant distributed computation (extended abstract). In 20th ACM STOC, pages 1--10, 1988.
- Alexandra Boldyreva, Nathan Chenette, Younho Lee, and Adam O'Neill. Order-preserving symmetric encryption. In EUROCRYPT 2009, pages 224--241, 2009.
- Alexandra Boldyreva, Nathan Chenette, and Adam O'Neill. Order-preserving encryption revisited: Improved security analysis and alternative solutions. In CRYPTO 2011, pages 578--595, 2011.
- Dan Boneh, Giovanni Di Crescenzo, Rafail Ostrovsky, and Giuseppe Persiano. Public key encryption with keyword search. In EUROCRYPT 2004, volume 3027 of LNCS, pages 506--522. Springer, Heidelberg, May 2004.
- Dan Boneh, Kevin Lewi, Mariana Raykova, Amit Sahai, Mark Zhandry, and Joe Zimmerman. Semantically secure order-revealing encryption: Multi-input functional encryption without obfuscation. In EUROCRYPT 2015, Part II, volume 9057 of LNCS, pages 563--594. Springer, Heidelberg, April 2015.
- Dan Boneh and Brent Waters. Conjunctive, subset, and range queries on encrypted data. In TCC 2007, pages 535--554, 2007.
- Christoph Bösch, Pieter H. Hartel, Willem Jonker, and Andreas Peter. A survey of provably secure searchable encryption. ACM Comput. Surv., 47(2):18:1--18:51, 2014.
- David Cash, Stanislaw Jarecki, Charanjit S. Jutla, Hugo Krawczyk, Marcel-Catalin Rosu, and Michael Steiner. Highly-scalable searchable symmetric encryption with support for boolean queries. In CRYPTO 2013, Part I, pages 353--373, 2013.
- Fay Chang, Jeffrey Dean, Sanjay Ghemawat, Wilson C. Hsieh, Deborah A. Wallach, Michael Burrows, Tushar Chandra, Andrew Fikes, and Robert Gruber. Bigtable: A distributed storage system for structured data. In OSDI 2006, pages 205--218, 2006.
- Nathan Chenette, Kevin Lewi, Stephen A. Weis, and David J. Wu. Practical order-revealing encryption with limited leakage. In FSE, pages 474--493. Springer, 2016.
- Reza Curtmola, Juan A. Garay, Seny Kamara, and Rafail Ostrovsky. Searchable symmetric encryption: improved definitions and efficient constructions. In ACM CCS 06, pages 79--88, 2006.
- Giuseppe DeCandia, Deniz Hastorun, Madan Jampani, Gunavardhan Kakulapati, Avinash Lakshman, Alex Pilchin, Swaminathan Sivasubramanian, Peter Vosshall, and Werner Vogels. Dynamo: Amazon's highly available key-value store. In SOSP 2007, pages 205--220, 2007.
- Srinivas Devadas, Marten van Dijk, Christopher W. Fletcher, Ling Ren, Elaine Shi, and Daniel Wichs. Onion ORAM: A constant bandwidth blowup oblivious RAM. Theory of Cryptography Conference, TCC '16, 2016.
- Sky Faber, Stanislaw Jarecki, Hugo Krawczyk, Quan Nguyen, Marcel-Catalin Rosu, and Michael Steiner. Rich queries on encrypted data: Beyond exact matches. In ESORICS 2015, Part II, volume 9327 of LNCS, pages 123--145. Springer, Heidelberg, September 2015.
- Sanjam Garg, Craig Gentry, and Shai Halevi. Candidate multilinear maps from ideal lattices. In EUROCRYPT 2013, volume 7881 of LNCS, pages 1--17. Springer, Heidelberg, May 2013.
- Sanjam Garg, Steve Lu, Rafail Ostrovsky, and Alessandra Scafuro. Garbled RAM from one-way functions. In 47th ACM STOC, pages 449--458. ACM Press, June 2015.
- Craig Gentry. Fully homomorphic encryption using ideal lattices. In 41st ACM STOC, pages 169--178, 2009.
- Eu-Jin Goh. Secure indexes. IACR Cryptology ePrint Archive, 2003:216, 2003.
- Oded Goldreich. Towards a theory of software protection and simulation by oblivious RAMs. In 19th ACM STOC, pages 182--194. ACM Press, May 1987.
- Oded Goldreich, Silvio Micali, and Avi Wigderson. Proofs that yield nothing but their validity and a methodology of cryptographic protocol design (extended abstract). In 27th FOCS, 1986.
- Michael T. Goodrich, Michael Mitzenmacher, Olga Ohrimenko, and Roberto Tamassia. Practical oblivious storage. In ACM CODASPY '12, pages 13--24, 2012.
- Florian Hahn and Florian Kerschbaum. Searchable encryption with secure and efficient updates. In ACM CCS 14, pages 310--320, 2014.
- C. A. R. Hoare. Algorithm 64: Quicksort. Commun. ACM, 4(7):321--, July 1961.
- Florian Kerschbaum. Frequency-hiding order-preserving encryption. In ACM CCS 15, pages 656--667, 2015.
- Florian Kerschbaum and Axel Schröpfer. Optimal average-complexity ideal-security order-preserving encryption. In ACM CCS 14, pages 275--286, 2014.
- Rui Li, Alex X. Liu, Ann L. Wang, and Bezawada Bruhadeshwar. Fast range query processing with strong privacy protection for cloud computing. Proc. VLDB Endow., 7(14):1953--1964, October 2014.
- Tarik Moataz, Travis Mayberry, and Erik-Oliver Blass. Constant communication ORAM with small blocksize. In ACM CCS 15, pages 862--873, 2015.
- Muhammad Naveed, Seny Kamara, and Charles V. Wright. Inference attacks on property-preserving encrypted databases. In ACM CCS 15, 2015.
- Vasilis Pappas, Fernando Krell, Binh Vo, Vladimir Kolesnikov, Tal Malkin, Seung Geol Choi, Wesley George, Angelos D. Keromytis, and Steve Bellovin. Blind Seer: A scalable private DBMS. In 2014 IEEE Symposium on Security and Privacy, pages 359--374, 2014.
- Raluca A. Popa, Frank H. Li, and Nickolai Zeldovich. An ideal-security protocol for order-preserving encoding. In 2013 IEEE Symposium on Security and Privacy, pages 463--477, 2013.
- Raluca A. Popa, Catherine M. S. Redfield, Nickolai Zeldovich, and Hari Balakrishnan. CryptDB: protecting confidentiality with encrypted query processing. In SOSP 2011, pages 85--100, 2011.
- Elaine Shi, John Bethencourt, Hubert T.-H. Chan, Dawn Xiaodong Song, and Adrian Perrig. Multi-dimensional range query over encrypted data. In 2007 IEEE Symposium on Security and Privacy, pages 350--364, 2007.
- Elaine Shi, T.-H. Hubert Chan, Emil Stefanov, and Mingfei Li. Oblivious RAM with O((log N)^3) worst-case cost. In ASIACRYPT 2011, volume 7073 of LNCS, pages 197--214. Springer, Heidelberg, December 2011.
- Dawn Xiaodong Song, David Wagner, and Adrian Perrig. Practical techniques for searches on encrypted data. In 2000 IEEE Symposium on Security and Privacy, pages 44--55, 2000.
- Emil Stefanov, Marten van Dijk, Elaine Shi, Christopher W. Fletcher, Ling Ren, Xiangyao Yu, and Srinivas Devadas. Path ORAM: an extremely simple oblivious RAM protocol. In ACM CCS 13, pages 299--310. ACM Press, November 2013.
- The Apache Software Foundation. Accumulo. https://accumulo.apache.org/. Accessed: 2015-09-24.
- The Apache Software Foundation. Cassandra. https://cassandra.apache.org/. Accessed: 2015-09-24.
- The Apache Software Foundation. Hbase. http://hbase.apache.org/. Accessed: 2015-09-24.
- Xiao Wang, Hubert Chan, and Elaine Shi. Circuit ORAM: On tightness of the Goldreich-Ostrovsky lower bound. In ACM CCS 15, pages 850--861, 2015.
- D. Westhoff, J. Girao, and M. Acharya. Concealed data aggregation for reverse multicast traffic in sensor networks: Encryption, key distribution, and routing adaptation. Mobile Computing, IEEE Transactions on, 5(10):1417--1431, Oct 2006.
- Andrew Chi-Chih Yao. How to generate and exchange secrets (extended abstract). In 27th FOCS, pages 162--167, 1986.
Index Terms
- POPE: Partial Order Preserving Encoding