Jun Xu,Weiming Zhang,Ce Yang,Jiajia Xu,Nenghai Yu

DOI: https://doi.org/10.1109/CSC.2012.26

2012-01-01

Abstract:To protect privacy of users, sensitive data need to be encrypted before outsourcing to cloud, which makes effective data retrieval a very tough task. In this paper, we proposed a novel order-preserving encryption(OPE) based ranked search scheme over encrypted cloud data, which uses the encrypted keyword frequency to rank the results and provide accurate results via two-step ranking strategy. The first step coarsely ranks the documents with the measure of coordinate matching, i.e., classifying the documents according to the number of query terms included in each document. In the second step, for each category obtained in the first step, a fine ranking process is executed by adding up the encrypted score. Extensive experiments show that this new method is indeed an advanced solution for secure multi-keyword retrieval.

Jiuling Zhang,Beixing Deng,Xing Li

DOI: https://doi.org/10.1007/978-3-642-31020-1_8

2012-01-01

Abstract:Ranking the encrypted documents stored on cloud storage servers is important in encrypted information retrieval. Order preserving encryption (OPE) could be used to help ranking the encrypted documents. However, order preserving encryption schemes don’t support additions over cipher texts. A new additive order preserving encryption is proposed. Both the cipher text and the sum of the cipher texts preserve orders. By summing up the encryptions of term weights, the relevance between encrypted documents and queries are obtained. According to the relevance the documents are ranked. Experimental results show that the proposed encryption scheme based ranking could achieve very good retrieval performance.

Cong Wang,Ning Cao,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/tpds.2011.282

IF: 5.3

2012-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Cloud computing economically enables the paradigm of data service outsourcing. However, to protect data privacy, sensitive cloud data have to be encrypted before outsourced to the commercial public cloud, which makes effective data utilization service a very challenging task. Although traditional searchable encryption techniques allow users to securely search over encrypted data through keywords, they support only Boolean search and are not yet sufficient to meet the effective data utilization need that is inherently demanded by large number of users and huge amount of data files in cloud. In this paper, we define and solve the problem of secure ranked keyword search over encrypted cloud data. Ranked search greatly enhances system usability by enabling search result relevance ranking instead of sending undifferentiated results, and further ensures the file retrieval accuracy. Specifically, we explore the statistical measure approach, i.e., relevance score, from information retrieval to build a secure searchable index, and develop a one-to-many order-preserving mapping technique to properly protect those sensitive score information. The resulting design is able to facilitate efficient server-side ranking without losing keyword privacy. Thorough analysis shows that our proposed solution enjoys “as-strong-as-possible” security guarantee compared to previous searchable encryption schemes, while correctly realizing the goal of ranked keyword search. Extensive experimental results demonstrate the efficiency of the proposed solution.

Baiqiang Wang,Dongfang Zhao

2024-11-26

Abstract:Order-preserving encryption (OPE) is a fundamental cryptographic tool for enabling efficient range queries on encrypted data in outsourced databases. Despite its importance, existing OPE schemes face critical limitations that hinder their practicality. Stateful designs require clients to maintain plaintext-to-ciphertext mappings, imposing significant storage and management overhead. Stateless designs often rely on interactive protocols between the client and server, leading to high communication latency and limited scalability. These limitations make existing schemes unsuitable for real-world applications that demand simplicity, efficiency, and scalability. In this work, we present Homomorphic OPE (HOPE), a new OPE scheme that eliminates client-side storage and avoids additional client-server interaction during query execution. HOPE leverages the additive property of homomorphic encryption to introduce a novel comparison key mechanism, which transforms ciphertext comparison into a randomized difference computation. This mechanism ensures that only the sign of the comparison is preserved while fully masking the underlying plaintext values, enabling secure and efficient range queries without leaking additional information about the data. We provide a formal cryptographic analysis of HOPE, proving its security under the widely accepted IND-OCPA model. Our proofs rigorously demonstrate that the comparison key mechanism reveals no information beyond the order of the plaintexts and ensures resistance to both chosen-plaintext attacks and frequency analysis. To validate the practicality of HOPE, we conduct extensive experiments comparing it with state-of-the-art OPE schemes. The results demonstrate that HOPE achieves competitive query performance while addressing the key limitations of existing designs, making it a scalable and secure solution for outsourced database systems.

Cryptography and Security,Databases

Ning Shen,Jyh-Haw Yeh,Hung-Min Sun,Chien-Ming Chen

DOI: https://doi.org/10.1109/prdc53464.2021.00025

2021-01-01

Abstract:Order-preserving encryption (OPE) plays an important role in securing outsourced databases. OPE schemes can be either Stateless or Stateful. Stateful schemes can achieve the ideal security of order-preserving encryption, i.e., “reveal no information about the plaintexts besides order.” However, comparing to stateless schemes, stateful schemes require maintaining some state information locally besides encryption keys and the ciphertexts are mutable. On the other hand, stateless schemes only require remembering encryption keys and thus is more efficient. It is a common belief that stateless schemes cannot provide the same level of security as stateful ones because stateless schemes reveal the relative distance among their corresponding plaintext. In real world applications, such security defects may lead to the leakage of statistical and sensitive information, e.g., the data distribution, or even negates the whole encryption. In this paper, we propose a practical and secure stateless order-preserving encryption scheme. With prior knowledge of the data to be encrypted, our scheme can achieve IND-CCPA (INDistinguishability under Committed ordered Chosen Plaintext Attacks) security for static data set. Though the IND-CCPA security can't be met for dynamic data set, our new scheme can still significantly improve the security in real world applications. Along with the encryption scheme, in this paper we also provide methods to eliminate access pattern leakage in communications and thus prevents some common attacks to OPE schemes in practice.

Ning Cao,Cong Wang,Ming Li,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/tpds.2013.45

IF: 5.3

2013-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:With the advent of cloud computing, data owners are motivated to outsource their complex data management systems from local sites to the commercial public cloud for great flexibility and economic savings. But for protecting data privacy, sensitive data has to be encrypted before outsourcing, which obsoletes traditional data utilization based on plaintext keyword search. Thus, enabling an encrypted cloud data search service is of paramount importance. Considering the large number of data users and documents in the cloud, it is necessary to allow multiple keywords in the search request and return documents in the order of their relevance to these keywords. Related works on searchable encryption focus on single keyword search or Boolean keyword search, and rarely sort the search results. In this paper, for the first time, we define and solve the challenging problem of privacy-preserving multi-keyword ranked search over encrypted cloud data (MRSE). We establish a set of strict privacy requirements for such a secure cloud data utilization system. Among various multi-keyword semantics, we choose the efficient similarity measure of "coordinate matching", i.e., as many matches as possible, to capture the relevance of data documents to the search query. We further use "inner product similarity" to quantitatively evaluate such similarity measure. We first propose a basic idea for the MRSE based on secure inner product computation, and then give two significantly improved MRSE schemes to achieve various stringent privacy requirements in two different threat models. Thorough analysis investigating privacy and efficiency guarantees of proposed schemes is given. Experiments on the real-world dataset further show proposed schemes indeed introduce low overhead on computation and communication.

Zhirong Shen,Jiwu Shu,Wei Xue

DOI: https://doi.org/10.1109/iwqos.2013.6550283

2013-01-01

Abstract:Cloud computing cuts down large capital outlays in facilities purchase and eliminates complex system management for users. To protect data confidentiality in cloud utilization, sensitive data are usually stored in encrypted form, making traditional search service on plaintext inapplicable. Thus, enabling keyword search over encrypted data becomes a paramount urgency. Given massive data users with various search preferences, it becomes necessary to support preferred keyword search and output the data files in the order of the user's preference. In this paper, for the first time, we investigate the challenging problem of preferred keyword search over encrypted data (PSED). We first establish a set of privacy requirements and utilize the appearance frequency of each keyword to serve as its “weight”. A preference preprocessing mechanism is then explored to ensure that the search result will faithfully respect the user's preference and the Lagrange polynomial is introduced to express the user's preference formula. We further represent keyword weights of each file by using vectors, convert the preference polynomial into the vector form, and securely calculate their inner products to quantitatively characterize the relevance measure between data files and a query. Finally, an extensive performance evaluation demonstrates the proposed scheme can achieve acceptable efficiency.

Jing He,Yiming Wu,Guangli Xiang,Zhendong Wu,Shouling Ji

DOI: https://doi.org/10.1007/978-3-319-69471-9_33

2017-01-01

Abstract:Encrypting data before outsourcing data has become a challenge in using traditional search algorithms. Many techniques have been proposed to cater the needs. However, as cloud service has a pay-as-you-go basis, these techniques are inefficiency. In this paper we attack the challenging problem by proposing an approximate multi keyword search with multi factor ranking over encrypted cloud data. Moreover, we establish strict privacy requirements and prove that the proposed scheme is secure in terms of privacy. To the best of our knowledge, we are the first who propose approximate matching technique on semantic search. Furthermore, to improve search efficiency, we consider multi-factor ranking technique to rank a query for documents. Through comprehensive experimental analysis combined with real world data, our proposed technique shows more efficiency and can retrieve more accurate results and meanwhile improve privacy by introducing randomness in query data.

Jiuling ZHANG,Beixing DENG,Xing LI,Xiao-lei ZHANG

DOI: https://doi.org/10.1587/transinf.e95.d.2954

2012-01-01

IEICE Transactions on Information and Systems

Abstract:Ranking the encrypted documents stored on secure cloud computing servers is becoming prominent with the expansion of the encrypted data collection. In our work, order preserving encryption is employed to pre-rank the encrypted documents. Paillier's additive homomorphic encryption is used to re-rank the top pre-ranked documents of some considerate scale.

Ce Yang,Weiming Zhang,Nenghai Yu

DOI: https://doi.org/10.1109/DSC.2017.49

2017-01-01

Abstract:Order-revealing encryption (ORE) is a kind of encryption designed to support searches on ciphertexts. ORE enables efficient range query on ciphertexts, and it has been used in systems aimed at practical use. However, ORE has weaker security than conventional cryptography. To assess the security of ORE, researchers proposed concepts such as indistinguishability and one-wayness. Our work discusses the security of ORE when multiple columns are encrypted with ORE. This paper addresses two issues. First, we show an attacker can use quantile attack to distinguish two plaintext distributions with background information. Simulations show the attack succeed with high probability. Second, we propose a scheme to resist the quantile attack by adding dummy data. The proposed scheme calculates the number and position of dummy data based on the plaintext distribution and expected security level. We conduct experiments on a real dataset to show the performance of proposed scheme.

Yanjun Pan,Alon Efrat,Ming Li,Boyang Wang,Hanyu Quan,Joseph Mitchell,Jie Gao,Esther Arkin

DOI: https://doi.org/10.48550/arXiv.2001.08773

2020-01-23

Cryptography and Security

Abstract:Due to increasing concerns of data privacy, databases are being encrypted before they are stored on an untrusted server. To enable search operations on the encrypted data, searchable encryption techniques have been proposed. Representative schemes use order-preserving encryption (OPE) for supporting efficient Boolean queries on encrypted databases. Yet, recent works showed the possibility of inferring plaintext data from OPE-encrypted databases, merely using the order-preserving constraints, or combined with an auxiliary plaintext dataset with similar frequency distribution. So far, the effectiveness of such attacks is limited to single-dimensional dense data (most values from the domain are encrypted), but it remains challenging to achieve it on high-dimensional datasets (e.g., spatial data) which are often sparse in nature. In this paper, for the first time, we study data inference attacks on multi-dimensional encrypted databases (with 2-D as a special case). We formulate it as a 2-D order-preserving matching problem and explore both unweighted and weighted cases, where the former maximizes the number of points matched using only order information and the latter further considers points with similar frequencies. We prove that the problem is NP-hard, and then propose a greedy algorithm, along with a polynomial-time algorithm with approximation guarantees. Experimental results on synthetic and real-world datasets show that the data recovery rate is significantly enhanced compared with the previous 1-D matching algorithm.

Qinyuan Liu,Zidong Wang,Xiao He,Donghua Zhou

DOI: https://doi.org/10.1109/cns.2018.8433179

2018-01-01

Abstract:Encryption, a powerful tool for data security, has been widely applied to protect sensitive data stored on untrusted cloud servers. One important problem in such an environment is how to support advanced query predicates, such as range queries, over an encrypted data set in an efficient and secure way. Order-preserving encryption (OPE) produces ciphertexts that preserve the order of their plaintexts and performs range queries directly on ciphertexts. However, ideally secure OPE schemes are inefficient (interactive and stateful), because they either ask for extensive client-to-server interactions or require a large persistent client storage that relates to the size of the data set. In this paper, we propose a comparable inner product encoding (CIPE) scheme to support multi-attribute range queries over encrypted data. Our main idea is to encode data and query values as encrypted vectors so that order comparison is realized by calculating the vector's inner product. Compared with existing OPE schemes, our scheme has the following merits: 1) High $e$ ficiency. It allows a client to retrieve data of interest in one round without maintaining any local state. 2) Enhanced security. It achieves ideal security while effectively resisting inference attacks that existing OPE schemes are vulnerable to. Extensive experiments conducted on a real- world, large-scale data set verify the effectiveness of our scheme.

Ce Yang,Weiming Zhang,Nenghai Yu

DOI: https://doi.org/10.1016/j.ins.2016.12.025

IF: 8.1

2016-01-01

Information Sciences

Abstract:Order preserving encryption (OPE) is a kind of encryption designed to support searches on ciphertexts. OPE encrypts plaintexts to ciphertexts with the same order, making it possible to efficiently compare ciphertexts without decryption. Because of its efficiency, OPE has been used in systems aimed at practical use. However, even though many OPE schemes have been proposed, all suffer from security and ciphertext expansion problems.This paper proposes the notation of semi-order preserving encryption (SOPE) as a substitute for OPE. SOPE uses a semi-order preserving condition instead of strict order preserving condition to support a range query on ciphertexts. By this means, SOPE can enhance security and reduce storage cost with some sacrifice of precision. The loss of precision can be eliminated with the cost of extra communication and computation, because it is easy to generate a query on ciphertexts including all required plaintexts.To study the relationship among precision, security and ciphertext expansion, we introduce semi-order preserving degree d, which measures the difference between SOPE and OPE. The theoretical derivation shows that security will increase with d, while precision and ciphertext expansion will decrease with d. Thus SOPE can balance precision, security and ciphertext expansion by adjusting semi-order preserving degree d according to a concrete condition. Finally, we present an implementation of SOPE.

Peiyi Tu,Xingjun Wang

DOI: https://doi.org/10.1007/978-981-97-0945-8_22

2024-01-01

Abstract:In recent years, the Database-as-a-Service (DAS) model has become increasingly popular for cost-effective data outsourcing to cloud service providers. To ensure data security and functionality, Searchable Encryption (SE) has been introduced. However, many existing SE schemes unintentionally leak access patterns, posing significant privacy risks. While solutions like Oblivious RAM (ORAM) and Fully Homomorphic Encryption (FHE) can mitigate this, they are computationally intensive, limiting their practicality for large-scale databases. In this paper, we design a dynamic and efficient SE scheme called DPDSE that exploits differential privacy obfuscation of access patterns. Specifically, we obfuscate the ciphertext by deploying Laplace and Randomized Response mechanism. DPDSE strikes a balance between privacy and storage costs, while maintaining compatibility with any SE scheme. We give a formal mathematical proof of the security of DPDSE and conduct experiments on real datasets. The results show that DPDSE is significantly more secure than traditional SE schemes at a storage cost of up to 2.5%.

Yinbin Miao,Wei Zheng,Xiaohua Jia,Ximeng Liu,Kim-Kwang Raymond Choo,Robert H. Deng,Robert Deng

DOI: https://doi.org/10.1109/tsc.2021.3140098

IF: 11.019

2022-01-01

IEEE Transactions on Services Computing

Abstract:Ranked keyword search over encrypted data has been extensively studied in cloud computing as it enables data users to find the most relevant results quickly. However, existing ranked multi-keyword search solutions cannot achieve efficient ciphertext search and dynamic updates with forward security simultaneously. To solve the above problems, we first present a basic Machine Learning-based Ranked Keyword Search (ML-RKS) scheme in the static setting by using the k-means clustering algorithm and a balanced binary tree. ML-RKS reduces the search complexity without sacrificing the search accuracy, but is still vulnerable to forward security threats when applied in the dynamic setting. Then, we propose an Enhanced ML-RKS (called ML-RKS$^{+}$+) scheme by introducing a permutation matrix. ML-RKS$^{+}$+ prevents cloud servers from making search queries over newly added files via previous tokens, thereby achieving forward security. The security analysis proves that our schemes protect the privacy of indexes, query tokens and keywords. Empirical experiments using the real-world dataset demonstrate that our schemes are efficient and feasible in practical applications.

Jianting Ning,Jia Xu,Kaitai Liang,Fan Zhang,Ee-Chien Chang

DOI: https://doi.org/10.1109/tifs.2018.2866321

IF: 7.231

2019-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Searchable encryption (SE) provides a privacy-preserving mechanism for data users to search over encrypted data stored on a remote server. Researchers have designed a number of SE schemes with high efficiency yet allowing some degree of leakage profile to the remote server. The leakage, however, should be further measured to allow us to understand what types of attacks an SE scheme would encounter. This paper considers passive attacks that make inferences based on prior knowledge and observations on queries issued by users. This is in contrast to previously studied active attacks that adaptively inject files and queries. We consider several assumptions on the types or prior knowledge the attacker possessed and propose a few passive attacks. In particular, under the "full-fledged" assumption, the keyword recovery rate of our attack is optimal in the sense that it is equal to the theoretical upper bound. We further present several enhanced attacks under other weaker assumptions on various levels of the prior knowledge that the attacker can obtain, in which the keyword recovery rates are optimal or nearly optimal (i.e., approaching the theoretical upper bound). In addition, we provide extensive experiments to show the "power" of our passive attacks. This paper highlights the importance of minimizing the prior knowledge of a server and the leakage of search queries. It also shows that simply distorting the frequency of the keyword to hold against our passive attacks may not scale well.

Yuan Li,Hongbing Wang,Yunlei Zhao

DOI: https://doi.org/10.1145/3321705.3329829

2019-01-01

Abstract:Order-revealing encryption (ORE) is a basic cryptographic primitive for ciphertext comparisons based on the order relationship of plaintexts while maintaining the privacy of them. In the data era we are experiencing, cross-dataset transactions become ubiquitous in practice. However, almost all the previous ORE schemes can only support comparisons on ciphertexts from the same user, which does not meet the requirement for the multi-user environment. In this work, we introduce and design ORE schemes with delegation functionality, which is referred to as delegatable ORE (DORE). The "delegation" here is an authorization that allows for efficient ciphertext comparisons among different users. To the best of our knowledge, it is the first ORE that allows an user to delegate the comparison privilege for his ciphertexts, which also opens the door for future explorations. At the heart of the construction and analysis of DORE is a new building tool proposed in this work, named delegatable equality-revealing encoding (DERE), which might be of independent interest.

Li Yuan,Wang Xing-Chen,Huang Lin,State Key Laboratory of Cryptology

DOI: https://doi.org/10.1007/s11390-020-0060-y

IF: 1.871

2021-01-01

Journal of Computer Science and Technology

Abstract:Order-preserving encryption (OPE) and order-revealing encryption (ORE) are among the core ingredients for encrypted databases (EDBs). In this work, we study the leakage of OPE and ORE and their forward security. We propose generic yet powerful file-injection attacks (FIAs) on OPE/ORE, aimed at the situations of possessing order by and range queries. Our FIAs only exploit the ideal leakage of OPE/ORE (in particular, no need of data denseness or frequency). We also improve their efficiency with the frequency statistics using a hierarchical idea such that the high-frequency values will be recovered more quickly. We conduct some experiments on real datasets to test the performance, and the results show that our FIAs can cause an extreme hazard on most of the existing OPEs and OREs with high efficiency and 100% recovery rate. We then formulate forward security of ORE, and propose a practical compilation framework for achieving forward secure ORE to resist the perniciousness of FIA. The compilation framework can transform most of the existing OPEs/OREs into forward secure OREs, with the goal of minimizing the extra burden incurred on computation and storage. We also present its security proof, and execute some experiments to analyze its performance. The proposed compilation is highly efficient and forward secure.

Dongfang Zhao

2024-06-06

Abstract:Order-preserving encryption (OPE) has been extensively studied for more than two decades in the context of outsourced databases because OPE is a key enabling technique to allow the outsourced database servers to sort encrypted tuples in order to build indexes, complete range queries, and so forth. The state-of-the-art OPE schemes require (i) a stateful client -- implying that the client manages the local storage of some mapping between plaintexts and ciphertexts, and/or (ii) the interaction between the client and the server during the query. In production systems, however, the above assumptions do not always hold (not to mention performance overhead): In the first case, the storage requirement could exceed the capability of the client; In the second case, the clients may not be accessible when the server executes a query involving sort or comparison. This paper proposes a new OPE scheme that works for stateless clients and requires no client-server interaction during the queries. The key idea of our proposed protocol is to leverage the underlying additive property of a homomorphic encryption scheme such that the sign of the difference between two plaintexts can be revealed by some algebraic operations with an evaluation key. We will demonstrate the correctness and security of the proposed protocol in this short paper; the implementation and experimental results will be presented in an extended report.

Cryptography and Security,Databases

Jin Li,Qian Wang,Cong Wang,Ning Cao,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/infcom.2010.5462196

2010-01-01

Abstract:As Cloud Computing becomes prevalent, more and more sensitive information are being centralized into the cloud. For the protection of data privacy, sensitive data usually have to be encrypted before outsourcing, which makes effective data utilization a very challenging task. Although traditional searchable encryption schemes allow a user to securely search over encrypted data through keywords and selectively retrieve files of interest, these techniques support only exact keyword search. That is, there is no tolerance of minor typos and format inconsistencies which, on the other hand, are typical user searching behavior and happen very frequently. This significant drawback makes existing techniques unsuitable in Cloud Computing as it greatly affects system usability, rendering user searching experiences very frustrating and system efficacy very low. In this paper, for the first time we formalize and solve the problem of effective fuzzy keyword search over encrypted cloud data while maintaining keyword privacy. Fuzzy keyword search greatly enhances system usability by returning the matching files when users' searching inputs exactly match the predefined keywords or the closest possible matching files based on keyword similarity semantics, when exact match fails. In our solution, we exploit edit distance to quantify keywords similarity and develop an advanced technique on constructing fuzzy keyword sets, which greatly reduces the storage and representation overheads. Through rigorous security analysis, we show that our proposed solution is secure and privacy-preserving, while correctly realizing the goal of fuzzy keyword search.