Order-preserving symmetric encryption

Alexandra Boldyreva; Nathan Chenette; Younho Lee; Adam O'Neill

doi:10.1007/978-3-642-01001-9_13

Order-preserving symmetric encryption

Alexandra Boldyreva, Nathan Chenette, Younho Lee, Adam O'Neill

Dept. of Industrial Engineering

Georgia Institute of Technology

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

691 Scopus citations

Abstract

We initiate the cryptographic study of order-preserving symmetric encryption (OPE), a primitive suggested in the database community by Agrawal et al. (SIGMOD '04) for allowing efficient range queries on encrypted data. Interestingly, we first show that a straightforward relaxation of standard security notions for encryption such as indistinguishability against chosen-plaintext attack (IND-CPA) is unachievable by a practical OPE scheme. Instead, we propose a security notion in the spirit of pseudorandom functions (PRFs) and related primitives asking that an OPE scheme look "as-random-as-possible" subject to the orderpreserving constraint. We then design an efficient OPE scheme and prove its security under our notion based on pseudorandomness of an underlying blockcipher. Our construction is based on a natural relation we uncover between a random order-preserving function and the hypergeometric probability distribution. In particular, it makes black-box use of an efficient sampling algorithm for the latter.

Original language	English
Title of host publication	Advances in Cryptology - EUROCRYPT 2009 - 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings
Pages	224-241
Number of pages	18
DOIs	https://doi.org/10.1007/978-3-642-01001-9_13
State	Published - 2009
Event	28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2009 - Cologne, Germany Duration: 26 Apr 2009 → 30 Apr 2009

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	5479 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2009
Country/Territory	Germany
City	Cologne
Period	26/04/09 → 30/04/09

Access to Document

10.1007/978-3-642-01001-9_13

Cite this

Boldyreva, A., Chenette, N., Lee, Y., & O'Neill, A. (2009). Order-preserving symmetric encryption. In Advances in Cryptology - EUROCRYPT 2009 - 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings (pp. 224-241). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5479 LNCS). https://doi.org/10.1007/978-3-642-01001-9_13

Boldyreva, Alexandra ; Chenette, Nathan ; Lee, Younho et al. / Order-preserving symmetric encryption. Advances in Cryptology - EUROCRYPT 2009 - 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings. 2009. pp. 224-241 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{ab153772a8a24f21b3036435843c35e1,

title = "Order-preserving symmetric encryption",

abstract = "We initiate the cryptographic study of order-preserving symmetric encryption (OPE), a primitive suggested in the database community by Agrawal et al. (SIGMOD '04) for allowing efficient range queries on encrypted data. Interestingly, we first show that a straightforward relaxation of standard security notions for encryption such as indistinguishability against chosen-plaintext attack (IND-CPA) is unachievable by a practical OPE scheme. Instead, we propose a security notion in the spirit of pseudorandom functions (PRFs) and related primitives asking that an OPE scheme look {"}as-random-as-possible{"} subject to the orderpreserving constraint. We then design an efficient OPE scheme and prove its security under our notion based on pseudorandomness of an underlying blockcipher. Our construction is based on a natural relation we uncover between a random order-preserving function and the hypergeometric probability distribution. In particular, it makes black-box use of an efficient sampling algorithm for the latter.",

author = "Alexandra Boldyreva and Nathan Chenette and Younho Lee and Adam O'Neill",

year = "2009",

doi = "10.1007/978-3-642-01001-9\_13",

language = "English",

isbn = "3642010008",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "224--241",

booktitle = "Advances in Cryptology - EUROCRYPT 2009 - 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings",

note = "28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2009 ; Conference date: 26-04-2009 Through 30-04-2009",

}

Boldyreva, A, Chenette, N, Lee, Y & O'Neill, A 2009, Order-preserving symmetric encryption. in Advances in Cryptology - EUROCRYPT 2009 - 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 5479 LNCS, pp. 224-241, 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2009, Cologne, Germany, 26/04/09. https://doi.org/10.1007/978-3-642-01001-9_13

Order-preserving symmetric encryption. / Boldyreva, Alexandra; Chenette, Nathan; Lee, Younho et al.
Advances in Cryptology - EUROCRYPT 2009 - 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings. 2009. p. 224-241 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5479 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Order-preserving symmetric encryption

AU - Boldyreva, Alexandra

AU - Chenette, Nathan

AU - Lee, Younho

AU - O'Neill, Adam

PY - 2009

Y1 - 2009

N2 - We initiate the cryptographic study of order-preserving symmetric encryption (OPE), a primitive suggested in the database community by Agrawal et al. (SIGMOD '04) for allowing efficient range queries on encrypted data. Interestingly, we first show that a straightforward relaxation of standard security notions for encryption such as indistinguishability against chosen-plaintext attack (IND-CPA) is unachievable by a practical OPE scheme. Instead, we propose a security notion in the spirit of pseudorandom functions (PRFs) and related primitives asking that an OPE scheme look "as-random-as-possible" subject to the orderpreserving constraint. We then design an efficient OPE scheme and prove its security under our notion based on pseudorandomness of an underlying blockcipher. Our construction is based on a natural relation we uncover between a random order-preserving function and the hypergeometric probability distribution. In particular, it makes black-box use of an efficient sampling algorithm for the latter.

AB - We initiate the cryptographic study of order-preserving symmetric encryption (OPE), a primitive suggested in the database community by Agrawal et al. (SIGMOD '04) for allowing efficient range queries on encrypted data. Interestingly, we first show that a straightforward relaxation of standard security notions for encryption such as indistinguishability against chosen-plaintext attack (IND-CPA) is unachievable by a practical OPE scheme. Instead, we propose a security notion in the spirit of pseudorandom functions (PRFs) and related primitives asking that an OPE scheme look "as-random-as-possible" subject to the orderpreserving constraint. We then design an efficient OPE scheme and prove its security under our notion based on pseudorandomness of an underlying blockcipher. Our construction is based on a natural relation we uncover between a random order-preserving function and the hypergeometric probability distribution. In particular, it makes black-box use of an efficient sampling algorithm for the latter.

UR - http://www.scopus.com/inward/record.url?scp=67650690965&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-01001-9_13

DO - 10.1007/978-3-642-01001-9_13

M3 - Conference contribution

AN - SCOPUS:67650690965

SN - 3642010008

SN - 9783642010002

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 224

EP - 241

BT - Advances in Cryptology - EUROCRYPT 2009 - 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings

T2 - 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2009

Y2 - 26 April 2009 through 30 April 2009

ER -

Boldyreva A, Chenette N, Lee Y, O'Neill A. Order-preserving symmetric encryption. In Advances in Cryptology - EUROCRYPT 2009 - 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings. 2009. p. 224-241. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-642-01001-9_13

Order-preserving symmetric encryption

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this