eprint.iacr.org will be offline for approximately an hour for routine maintenance at 11pm UTC on Tuesday, April 16. We lost some data between April 12 and April 14, and some authors have been notified that they need to resubmit their papers.

Paper 2015/1106

POPE: Partial Order Preserving Encoding

Daniel S. Roche, Daniel Apon, Seung Geol Choi, and Arkady Yerukhimovich

Abstract

Recently there has been much interest in performing search queries over encrypted data to enable functionality while protecting sensitive data. One particularly efficient mechanism for executing such queries is order-preserving encryption/encoding (OPE) which results in ciphertexts that preserve the relative order of the underlying plaintexts thus allowing range and comparison queries to be performed directly on ciphertexts. Recently, Popa et al. (S&P 2013) gave the first construction of an ideally-secure OPE scheme and Kerschbaum (CCS 2015) showed how to achieve the even stronger notion of frequency-hiding OPE. However, as Naveed et al. (CCS 2015) have recently demonstrated, these constructions remain vulnerable to several attacks. Additionally, all previous ideal OPE schemes (with or without frequency-hiding) either require a large round complexity of O(log n) rounds for each insertion, or a large persistent client storage of size O(n), where n is the number of items in the database. It is thus desirable to achieve a range query scheme addressing both issues gracefully. In this paper, we propose an alternative approach to range queries over encrypted data that is optimized to support insert-heavy workloads as are common in "big data" applications while still maintaining search functionality and achieving stronger security. Specifically, we propose a new primitive called partial order preserving encoding (POPE) that achieves ideal OPE security with frequency hiding and also leaves a sizable fraction of the data pairwise incomparable. Using only O(1) persistent and $O(n^\epsilon)$ non-persistent client storage for $0 < \epsilon < 1$, our POPE scheme provides extremely fast batch insertion consisting of a single round, and efficient search with O(1) amortized cost for up to $O(n^{1-\epsilon})$ search queries. This improved security and performance makes our scheme better suited for today's insert-heavy databases.

Note: Added citations

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. ACM CCS 2016
DOI
10.1145/2976749.2978345
Keywords
order-preserving encodingorder-preserving encryptionpartial order-preserving encodingoblivious RAMoblivious storage
Contact author(s)
roche @ usna edu
History
2016-10-13: last of 4 revisions
2015-11-18: received
See all versions
Short URL
https://ia.cr/2015/1106
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2015/1106,
      author = {Daniel S.  Roche and Daniel Apon and Seung Geol Choi and Arkady Yerukhimovich},
      title = {POPE: Partial Order Preserving Encoding},
      howpublished = {Cryptology ePrint Archive, Paper 2015/1106},
      year = {2015},
      doi = {10.1145/2976749.2978345},
      note = {\url{https://eprint.iacr.org/2015/1106}},
      url = {https://eprint.iacr.org/2015/1106}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.