A comparative evaluation of order-revealing encryption schemes and secure range-query protocols

Published: 01 April 2019

Abstract

Database query evaluation over encrypted data can allow database users to maintain the privacy of their data while outsourcing data processing. Order-Preserving Encryption (OPE) and Order-Revealing Encryption (ORE) were designed to enable efficient query execution, but provide only partial privacy. More private protocols, based on Searchable Symmetric Encryption (SSE), Oblivious RAM (ORAM) or custom encrypted data structures, have also been designed. In this paper, we develop a framework to provide the first comprehensive comparison among a number of range query protocols that ensure varying levels of privacy of user data. We evaluate five ORE-based and five generic range query protocols. We analyze and compare them both theoretically and experimentally and measure their performance over database indexing and query evaluation. We report not only execution time but also I/O performance, communication amount, and usage of cryptographic primitive operations. Our comparison reveals some interesting insights concerning the relative security and performance of these approaches in database settings.


Published In

Proceedings of the VLDB Endowment, Volume 12, Issue 8
April 2019
112 pages
ISSN: 2150-8097

Publisher

VLDB Endowment
