Abstract

Order-preserving encryption (OPE) is a basic paradigm for the outsourced database where the order of plaintexts is kept in ciphertexts. OPE enables efficient order comparison execution while providing privacy protection. Unfortunately, almost all the previous OPE schemes either require numerous rounds of interactions or reveal more information about the encrypted database (e.g., the most significant bit). Order-revealing encryption (ORE), a generalization of OPE, is an encryption scheme where the order of plaintexts can be evaluated by running a comparison algorithm. Therefore, it is desirable to design an efficient ORE scheme which addresses the above efficiency and security issues. In this paper, we propose a noninteractive ORE scheme from prefix encoding and Bloom filter techniques. The proposed scheme is an encryption scheme where a cloud service provider cannot evaluate the order of plaintexts until a comparison token is provided. The security analysis illustrates that our scheme achieves ideal security with frequency hiding. Furthermore, we illustrate a secure range query scheme through designing an encrypted tree structure named PORE tree from the above ORE scheme. The PORE tree reveals the order between different nodes and leaves encrypted data items in the same node incomparable even after query execution. Finally, the experimental evaluation shows the high efficiency of the proposed ORE scheme and range query scheme.

Highlights

  • Order-preserving encryption (OPE) is a basic paradigm for the outsourced database where the order of plaintexts is kept in ciphertexts

  • We propose a noninteractive Order-revealing encryption (ORE) scheme from prefix encoding and Bloom filter techniques. The proposed scheme is an encryption scheme where a cloud service provider cannot evaluate the order of plaintexts until a comparison token is provided. The security analysis illustrates that our scheme achieves ideal security with frequency hiding

  • We focus on the construction of the order-revealing encryption scheme over the encrypted database system in cloud computing. The main contributions are as follows: (i) We introduce a noninteractive ORE scheme over the encrypted database by leveraging Bloom filter and prefix encoding technologies. The security analysis demonstrates that our ORE scheme achieves ideal security and hides frequency information of data items


Summary

Preliminaries

We provide some preliminaries and definitions for the design of the ORE scheme and secure range query scheme. To test whether an element w belongs to a set S, we compute its hash values and check whether the indicated cells of the Bloom filter for set S are all 1. If all these corresponding cells are 1, w is an element of set S with allowable errors. Otherwise, w does not belong to the set S. The allowable error is called a false positive, and its probability satisfies $P_f = (1 - e^{-km/n})^k$. It reaches its minimum value $2^{-k}$ when $k = \ln 2 \cdot (n/m)$, where n is the size of the Bloom filter, k is the number of hash functions, and m denotes the number of elements in Bloom filter BF. Prefix encoding technique converts the testing of whether an element d falls into a range [a, b] to the testing of whether two sets have common elements [42]. The details are demonstrated as follows
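
The following Python code is an added example, not taken from the paper. It shows the two building blocks named above working together, using the standard prefix-encoding construction: d lies in [a, b] exactly when the prefix family of d shares an element with the minimal prefix cover of [a, b], and that set test is answered through a keyed Bloom filter. The 8-bit width, the HMAC-SHA256 hashing, the filter parameters and all function names are assumptions of this example; it is not the paper's ORE scheme and hides nothing by itself.

```python
import hashlib, hmac, math

W = 8  # plaintext bit width (assumed for this example)

def prefix_family(d, w=W):
    """The w+1 prefixes of d, from the exact value down to all wildcards."""
    bits = format(d, f"0{w}b")
    return {bits[:i] + "*" * (w - i) for i in range(w + 1)}

def range_prefixes(a, b, w=W):
    """Minimal list of prefixes whose union is exactly [a, b]."""
    out = []
    while a <= b:
        size = (a & -a) if a else 1 << w   # largest block aligned at a
        while size > b - a + 1:            # shrink until it fits in [a, b]
            size >>= 1
        free = size.bit_length() - 1       # wildcard bits in this prefix
        out.append(format(a, f"0{w}b")[:w - free] + "*" * free)
        a += size
    return out

class BloomFilter:
    def __init__(self, n, k, key):
        self.n, self.k, self.key = n, k, key   # n cells, k keyed hashes
        self.cells = bytearray(n)
    def _positions(self, item):
        for i in range(self.k):
            mac = hmac.new(self.key, bytes([i]) + item.encode(), hashlib.sha256)
            yield int.from_bytes(mac.digest()[:8], "big") % self.n
    def add(self, item):
        for p in self._positions(item):
            self.cells[p] = 1
    def __contains__(self, item):
        return all(self.cells[p] for p in self._positions(item))

def false_positive_rate(n, k, m):
    """P_f = (1 - e^{-km/n})^k for n cells, k hashes, m inserted elements."""
    return (1 - math.exp(-k * m / n)) ** k

def encode(d, n=2048, k=5, key=b"constructed-demo-key", w=W):
    """Bloom filter holding the prefix family of d (constructed demo key)."""
    bf = BloomFilter(n, k, key)
    for p in prefix_family(d, w):
        bf.add(p)
    return bf

def in_range(bf, a, b, w=W):
    """True if some prefix covering [a, b] tests as present in bf."""
    return any(p in bf for p in range_prefixes(a, b, w))
```

A value inside the range is never missed, because its covering prefix was inserted; a value outside the range can be reported as inside only through a Bloom filter false positive, at the rate given by `false_positive_rate`.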

Problem Formulation
The Proposed ORE Scheme
Encrypted Range Queries
Security Analysis
Performance Evaluation
Conclusions