Abstract
Order-preserving encryption (OPE) that preserves the numerical ordering of plaintexts is one of the promising solutions of cloud security. In 2013, an ideally secure OPE, which reveals no additional information except for the order of underlying plaintexts, was proposed, along with the notion (mutable encryption) that ciphertexts can be changed. Unfortunately, even the ideally secure OPE can be vulnerable by inferring the underlying frequency of repeated plaintexts. To solve this problem, in 2015, Kerschbaum designed a frequency-hiding OPE (FH-OPE) scheme based on the notion of a randomized order under the strengthened security model. Later, Maffei et al. has shown that Kerschbaum’s model is imprecise, which means no such OPE scheme can exist. Moreover, they provided a new FH-OPE scheme under the corrected security model. However, their scheme requires the order information of all the encrypted plaintexts as an input; therefore, it causes relatively high overhead during encryption. In this work, we propose a more efficient FH-OPE based on Maffei et al.’ s security model and also present an improved update algorithm suitable for duplicate plaintexts.
Highlights
Cloud storage has become a common practice in recent years, but it still has privacy concerns with respect to the service provider hosting the data
Our contributions are as follows: (i) We propose a more practical FH-Order-preserving encryption (OPE) scheme compared with the previous schemes
We review the frequency-hiding OPE (FH-OPE) scheme of [17] in detail. e main idea is that the client maintains the randomized order Γ of all encrypted plaintexts and uses it as one of the inputs of the encryption algorithm
Summary
Cloud storage has become a common practice in recent years, but it still has privacy concerns with respect to the service provider hosting the data. E client encrypts plaintexts using a deterministic OPE algorithm and sends them to the server that maintains a search tree where ciphertexts are stored. When the client wants to perform range queries on the encrypted data, the server exploits the search tree They presented a notion of mutable encryption, which means that ciphertexts can be updated to achieve the IND-OCPA security. E scheme of [17] guarantees the IND-FA-OCPA security that has been revised to be feasible, but the client has to maintain the order information of all the encrypted plaintexts to date; this maintenance causes inefficiency in the client’s persistent storage and the encryption performance. It cannot guarantee to produce a perfectly balanced search tree when duplicate plaintexts are encrypted To overcome this problem, we propose an improved update algorithm. Designed assuming that there were no duplicate plaintexts. erefore, the algorithm cannot guarantee to produce a perfectly balanced tree when duplicate plaintexts are encrypted. e result quality of the update algorithm significantly impacts the overall performance; a new improved algorithm is needed
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
