Mersenne twister: a 623-dimensionally equidistributed uniform pseudo-random number generator
ACM Transactions on Modeling and Computer Simulation (TOMACS) - Special issue on uniform random number generation
Executing SQL over encrypted data in the database-service-provider model
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Order preserving encryption for numeric data
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Order-Preserving Symmetric Encryption
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Order-preserving encryption revisited: improved security analysis and alternative solutions
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Secure multidimensional range queries over outsourced data
The VLDB Journal — The International Journal on Very Large Data Bases
An Ideal-Security Protocol for Order-Preserving Encoding
SP '13 Proceedings of the 2013 IEEE Symposium on Security and Privacy
Hi-index | 0.00 |
With the emergence of affordable cloud services, users are currently moving data to external services providers. Hence, they implicitly trust providers to not abuse or "lose" sensitive data. To protect this data in the context of cloud computing, the use of Order-Preserving Encryption (OPE) has been suggested to encrypt data while still allowing efficient queries. The reference approach builds on Order-Preserving Functions (OPFs) drawn uniformly at random: the so-called "ideal object". However, recent results question the suitability of this construction, as its security properties turn out to be poor. In this article, we investigate possible alternatives. For this, we introduce two descriptive metrics rating one-wayness-related properties of OPF construction schemes, i.e., the ability of an adversary to estimate the plaintext when given a ciphertext and possible extra information. Furthermore, we propose three novel approaches to draw OPFs and apply the introduced metrics to study their security features in relation to the "ideal object". The results visualize the extent of insecurity caused by using the "ideal object" and qualify the suitability of the alternative schemes under different threat scenarios.