Abstract
At CCS 2015 Naveed et al. presented first attacks on efficiently searchable encryption, such as deterministic and order-preserving encryption. These plaintext guessing attacks have been further improved in subsequent work, e.g. by Grubbs et al. in 2016. Such cryptanalysis is crucially important to sharpen our understanding of the implications of security models. In this paper we present an order-preserving encryption scheme in the form of an efficiently searchable, encrypted data structure that is provably secure against these and even more powerful chosen plaintext attacks. Our data structure supports logarithmic-time search with linear space complexity. The indices of our data structure can be used to search by standard comparisons and hence allow easy retrofitting to existing database management systems. We implemented our scheme and show that its search time overhead is only 10 ms compared to non-secure search on a database with 1 million entries.
Notes
1. In case several cells of a simple data structure are encrypted as a whole, we call this combination a cell of another data structure.
2. Note that in case of public key encryption our definition does not imply that the entire operation can be completed using only the public key.
3. This is easy to see, since they do not encrypt the structural information in their data structure, i.e. the pointers to leaf nodes in the tree, and hence the ciphertexts can be ordered.
4. Recall that the adversary is allowed to submit the same plaintext multi-sets in the -security experiment.
References
Boelter, T., Poddar, R., Popa, R.A.: A secure one-roundtrip index for range queries. Technical report 568, IACR Cryptology ePrint Archive (2016)
Boldyreva, A., Chenette, N., Lee, Y., O’Neill, A.: Order-preserving symmetric encryption. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 224–241. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-01001-9_13
Boldyreva, A., Chenette, N., O’Neill, A.: Order-preserving encryption revisited: improved security analysis and alternative solutions. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 578–595. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22792-9_33
Boneh, D., Lewi, K., Raykova, M., Sahai, A., Zhandry, M., Zimmerman, J.: Semantically secure order-revealing encryption: multi-input functional encryption without obfuscation. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 563–594. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46803-6_19
Boneh, D., Waters, B.: Conjunctive, subset, and range queries on encrypted data. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 535–554. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-70936-7_29
Cash, D., Grubbs, P., Perry, J., Ristenpart, T.: Leakage-abuse attacks against searchable encryption. In: Proceedings of the 22nd ACM Conference on Computer and Communications Security, CCS (2015)
Chenette, N., Lewi, K., Weis, S.A., Wu, D.J.: Practical order-revealing encryption with limited leakage. In: Peyrin, T. (ed.) FSE 2016. LNCS, vol. 9783, pp. 474–493. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-52993-5_24
Curtmola, R., Garay, J., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. J. Comput. Secur. 19(5), 895–934 (2011)
Demertzis, I., Papadopoulos, S., Papapetrou, O., Deligiannakis, A., Garofalakis, M.: Practical private range search revisited. In: Proceedings of the ACM International Conference on Management of Data, SIGMOD (2016)
Ducklin, P.: Anatomy of a password disaster - adobe’s giant-sized cryptographic blunder (2013). https://nakedsecurity.sophos.com/2013/11/04/anatomy-of-a-password-disaster-adobes-giant-sized-cryptographic-blunder/
Durak, B., DuBuisson, T., Cash, D.: What else is revealed by order-revealing encryption? In: Proceedings of the 23rd ACM Conference on Computer and Communications Security, CCS (2016)
Fitzpatrick, A.: Apple says systems weren’t hacked in nude pics grab (2014). http://time.com/3257945/apple-icloud-brute-force-jennifer-lawrence/
Grubbs, P., McPherson, R., Naveed, M., Ristenpart, T., Shmatikov, V.: Breaking web applications built on top of encrypted data. In: Proceedings of the 23rd ACM Conference on Computer and Communications Security, CCS (2016)
Grubbs, P., Ristenpart, T., Shmatikov, V.: Why your encrypted database is not secure. Technical report 468, IACR Cryptology ePrint Archive (2017)
Grubbs, P., Sekniqi, K., Bindschaedler, V., Naveed, M., Ristenpart, T.: Leakage-abuse attacks against order-revealing encryption. Technical report 895, IACR Cryptology ePrint Archive (2016)
Hahn, F., Kerschbaum, F.: Poly-logarithmic range queries on encrypted data with small leakage. In: Proceedings of the ACM Workshop on Cloud Computing Security Workshop, CCSW (2016)
Islam, M., Kuzu, M., Kantarcioglu, M.: Access pattern disclosure on searchable encryption: ramification, attack and mitigation. In: Proceedings of the 19th Network and Distributed System Security Symposium, NDSS (2012)
Katz, J., Sahai, A., Waters, B.: Predicate encryption supporting disjunctions, polynomial equations, and inner products. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 146–162. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78967-3_9
Kellaris, G., Kollios, G., Nissim, K., O’Neill, A.: Generic attacks on secure outsourced databases. In: Proceedings of the 23rd ACM Conference on Computer and Communications Security, CCS (2016)
Kerschbaum, F.: Frequency-hiding order-preserving encryption. In: Proceedings of the 22nd ACM Conference on Computer and Communications Security, CCS (2015)
Kolesnikov, V., Shikfa, A.: On the limits of privacy provided by order-preserving encryption. Bell Labs Tech. J. 17(3), 135–146 (2012)
Lacharité, M.S., Minaud, B., Paterson, K.: Improved reconstruction attacks on encrypted data using range query leakage. Technical report 701, IACR Cryptology ePrint Archive (2017)
Lewi, K., Wu, D.: Order-revealing encryption: new constructions, applications, and lower bounds. In: Proceedings of the 23rd ACM Conference on Computer and Communications Security, CCS (2016)
Lu, Y.: Privacy-preserving logarithmic-time search on encrypted data in cloud. In: Proceedings of the 19th Network and Distributed System Security Symposium, NDSS (2012)
McCarthy, K.: Panama papers hack: unpatched wordpress, drupal bugs to blame? (2016). http://www.theregister.co.uk/2016/04/07/panama_papers_unpatched_wordpress_drupal/
Naveed, M., Kamara, S., Wright, C.V.: Inference attacks on property-preserving encrypted databases. In: Proceedings of the 22nd ACM Conference on Computer and Communications Security, CCS (2015)
Popa, R.A., Li, F.H., Zeldovich, N.: An ideal-security protocol for order-preserving encoding. In: 34th IEEE Symposium on Security and Privacy, S&P (2013)
Pouliot, D., Wright, C.: The shadow nemesis: inference attacks on efficiently deployable, efficiently searchable encryption. In: Proceedings of the 23rd ACM Conference on Computer and Communications Security, CCS (2016)
Roche, D., Apon, D., Choi, S., Yerukhimovich, A.: Pope: partial order preserving encoding. In: Proceedings of the 23rd ACM Conference on Computer and Communications Security, CCS (2016)
Shi, E., Bethencourt, J., Chan, H.T.H., Song, D.X., Perrig, A.: Multi-dimensional range query over encrypted data. In: Proceedings of the 2007 Symposium on Security and Privacy, S&P (2007)
Zhang, Y., Katz, J., Papamanthou, C.: All your queries are belong to us: the power of file-injection attacks on searchable encryption. In: Proceedings of the 25th USENIX Security Symposium, USENIX SECURITY (2016)
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Kerschbaum, F., Tueno, A. (2019). An Efficiently Searchable Encrypted Data Structure for Range Queries. In: Sako, K., Schneider, S., Ryan, P. (eds) Computer Security – ESORICS 2019. ESORICS 2019. Lecture Notes in Computer Science(), vol 11736. Springer, Cham. https://doi.org/10.1007/978-3-030-29962-0_17
DOI: https://doi.org/10.1007/978-3-030-29962-0_17
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-29961-3
Online ISBN: 978-3-030-29962-0
eBook Packages: Computer Science, Computer Science (R0)