Abstract
As Internet services expand and proliferate, service users’ data show an increase in volume as well as geographical dispersion mainly due to the large number of personalized services that users often access today on a daily basis. This fact, however, presents a user privacy and user data security challenge for service providers: how to protect theirs users’ data from unauthorized access. In this paper we present a new tree-based data structure for storing encrypted information in order to support fast search, update, and delete operations on the encrypted data. The data structure relies on exposing limited ordering information of the data in order to locate them fast. After showing that a totally order preserving encryption scheme is not secure, we describe a new tree data structure and assess its security and efficiency.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
The Duplicates problem: The same plaintext values are always encrypted to the same ciphertext values. Thus an adversary can get meaningful information when the total number of possible plaintext values is small (e.g. Votes in an election). If we use a randomized encryption function, then same data item will appear in many different encrypted forms, thus preventing us from performing fast data operations.
References
Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of the 2004 ACM SIGMOD International Conference on Management of Data (SIGMOD 2004), pp. 563–574, ACM (2014)
Bjones, R., Krontiris, I., Paillier, P., Rannenberg, K.: Integrating anonymous credentials with eIDs for privacy-respecting online authentication. In: Preneel, B., Ikonomou, D. (eds.) APF 2012. LNCS, vol. 8319, pp. 111–124. Springer, Heidelberg (2014)
Brands, S.: Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy, 1st edn. The MIT Press, Cambridge (2000)
Camenisch, J., Groß, T.: Efficient attributes for anonymous credentials. In: Proceedings ACM Conference on Computer and Communications Security, pp. 345–356, ACM (2008)
Ozsoyoglu, S.C., Singer, D.: Anti-tamper databases: querying encrypted databases. In: Proceedings of the 17th Annual IFIP WG 11.3 Working Conference on Database and Applications Security (2003)
Acknowledgment
Research partially done while the third author was on Sabbatical leave (Spring-Summer 2015) at the Department of Business Informatics, Faculty of Economics and Business Administration, Goethe University, Frankfurt, Germany.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Ispoglou, K., Makris, C., Stamatiou, Y.C., Stavropoulos, E.C., Tsakalidis, A.K., Iosifidis, V. (2015). Partial Order Preserving Encryption Search Trees. In: Chen, Q., Hameurlain, A., Toumani, F., Wagner, R., Decker, H. (eds) Database and Expert Systems Applications. Globe DEXA 2015 2015. Lecture Notes in Computer Science(), vol 9262. Springer, Cham. https://doi.org/10.1007/978-3-319-22852-5_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-22852-5_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-22851-8
Online ISBN: 978-3-319-22852-5
eBook Packages: Computer ScienceComputer Science (R0)