Inference Attacks on Encrypted Databases Based on Order Preserving Assignment Problem

  • Sota Onozawa
  • Noboru Kunihiro
  • Masayuki YoshinoEmail author
  • Ken Naganuma
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11049)


In ACM CCS 2015, Naveed et al. proposed attacks using plaintext auxiliary data for databases encrypted by ordered preserving encryption or more general property preserving encryptions. Their attacks are based on the Hungarian algorithm for solving the linear sum assignment problem (LSAP). In this work, we define a new assignment optimization problem with an additional condition of order structure and propose a search algorithm for finding its exact solution. We apply the new algorithm to attack an encrypted database in the same situation as Naveed et al. and found that our proposed method improves the success probability of the attacks compared with the attacks of Naveed et al.


Linear sum assignment problem Order-preserving encryption Inference attacks Encrypted databases 



This research was partially supported by JST CREST Grant Number JPMJCR1302, Japan.


  1. 1.
    Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of the SIGMOD, pp. 563–574 (2004)Google Scholar
  2. 2.
    Boldyreva, A., Chenette, N., Lee, Y., O’Neill, A.: Order-preserving symmetric encryption. In: Proceedings of the EUROCRYPT, pp. 224–241 (2009)CrossRefGoogle Scholar
  3. 3.
    Boldyreva, A., Chenette, N., O’Neill, A.: Order-preserving encryption revisited: improved security analysis and alternative solutions. In Proceedings of the CRYPTO, pp. 578–595 (2011)CrossRefGoogle Scholar
  4. 4.
    Karras, P., Malhotra, S., Bhatt, R., Nikitin, A., Antyukhov, D., Idreos, S.: Adaptive indexing over encrypted numeric data. In Proceedings of the SIGMOD, pp. 171–183 (2016)Google Scholar
  5. 5.
    Boneh, D., Lewi, K., Raykova, M., Sahai, A., Zhandry, M., Zimmerman, J.: Semantically secure order-revealing encryption: multi-input functional encryption without obfuscation. In: Proceedings of the EUROCRYPT, pp. 563–594 (2015)Google Scholar
  6. 6.
    Chenette, N., Lewi, K., Weis, S.A., Wu, D.J.: Practical Order-Revealing Encryption with Limited Leakage. In: Proceedings of the FSE, pp. 474–493 (2016)CrossRefGoogle Scholar
  7. 7.
    Lewi, K., Wu, D.J.: Order-Revealing Encryption: New Constructions, Applications, and Lower Bounds. In: Proceedings of ACM CCS 2016, pp. 1167–1178 (2016)Google Scholar
  8. 8.
    Popa, R.A., Redeld, C., Zeldovich, N., Balakrishnan, H.: CryptDB: protecting confidentiality with encrypted query processing. In: Proceedings of the SOSP 2011, pp. 85–100 (2011)Google Scholar
  9. 9.
    Naveed, M., Kamara, S., Wright, C.V.: Inference attacks on property-preserving encrypted databases. In: Proceedings of the ACM CCS 2015, 644–655 (2015)Google Scholar
  10. 10.
    Horst, C., Kikuchi, R., Xagawa, K.: Cryptanalysis of comparable encryption in SIGMOD 2016. In: Proceedings of SIGMOD 2017, pp. 1069–1084 (2017)Google Scholar
  11. 11.
    Betül Durak, F., DuBuisson, T.M., Cash, D.: What else is revealed by order-revealing encryption? In: Proceedings of the ACM CCS, pp. 1155–1166 (2016)Google Scholar
  12. 12.
    Kuhn, H.W.: The Hungarian method for the assignment problem. Naval Res. Logistics Q. 2, 83–87 (1955)MathSciNetCrossRefGoogle Scholar
  13. 13.
    Munkres, J.: Algorithms for the assignment and transportation problems. J. Soc. Ind. Appl. Math. 5(1), 32–38 (1957)MathSciNetCrossRefGoogle Scholar
  14. 14.
    UCI Machine Learning Repository: Adult Data Set.
  15. 15.
    Privacy Rights Clearinghouse. Chronology of data breaches.
  16. 16.
    Navarro, G.: A guided tour to approximate string matching. ACM Comput. Surv. 33(1), 31–88 (2001)CrossRefGoogle Scholar
  17. 17.
    Grubbs, P., Sekniqi, K., Bindschaedler, V., Naveed, M., Ristenpart, T.: Leakage-abuse attacks against order-revealing encryption. IEEE Symp. Secur. Priv. 2017, 665–672 (2017)Google Scholar
  18. 18.
    Kerschbaum, F.: Frequency-hiding order-preserving encryption. ACM Conf. Comput. Commun. Secur. 2015, 656–667 (2015)Google Scholar
  19. 19.
  20. 20.
  21. 21.

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Sota Onozawa
    • 1
  • Noboru Kunihiro
    • 1
  • Masayuki Yoshino
    • 2
    Email author
  • Ken Naganuma
    • 1
    • 2
  1. 1.The University of TokyoTokyoJapan
  2. 2.Hitachi, Ltd.TokyoJapan

Personalised recommendations