Results 1 -
6 of
6
Semantically Secure Order-Revealing Encryption: Multi-Input Functional Encryption Without Obfuscation
"... Deciding “greater-than” relations among data items just given their encryptions is at the heart of search algorithms on encrypted data, most notably, non-interactive binary search on encrypted data. Order-preserving encryption provides one solution, but provably provides only limited security guaran ..."
Abstract
-
Cited by 10 (1 self)
- Add to MetaCart
(Show Context)
Deciding “greater-than” relations among data items just given their encryptions is at the heart of search algorithms on encrypted data, most notably, non-interactive binary search on encrypted data. Order-preserving encryption provides one solution, but provably provides only limited security guarantees. Two-input functional encryption is another approach, but requires the full power of obfuscation machinery and is currently not implementable. We construct the first implementable encryption system supporting greater-than comparisons on encrypted data that provides the “best-possible ” semantic security. In our scheme there is a public algorithm that given two ciphertexts as input, reveals the order of the corresponding plaintexts and nothing else. Our constructions are inspired by obfuscation techniques, but do not use obfuscation. For example, to compare two 16-bit encrypted values (e.g., salaries or age) we only need a 9-way multilinear map. More generally, comparing k-bit values requires only a (k/2 + 1)-way multilinear map. The required degree of multilinearity can be further reduced, but at the cost of increasing ciphertext size. Beyond comparisons, our results give an implementable secret-key multi-input functional encryption scheme for functionalities that can be expressed as (generalized) branching programs of polynomial length and width. Comparisons are a special case of this class, where for k-bit inputs the branching program is of length k + 1 and width 4.
Frequency-Hiding Order-Preserving Encryption
"... Order-preserving encryption allows encrypting data, while still enabling efficient range queries on the encrypted data. This makes its performance and functionality very suitable for data outsourcing in cloud computing scenarios, but the security of order-preserving is still debatable. We present a ..."
Abstract
-
Cited by 2 (0 self)
- Add to MetaCart
(Show Context)
Order-preserving encryption allows encrypting data, while still enabling efficient range queries on the encrypted data. This makes its performance and functionality very suitable for data outsourcing in cloud computing scenarios, but the security of order-preserving is still debatable. We present a scheme that achieves a strictly stronger notion of security than any other scheme so far. The basic idea is to randomize the ciphertexts to hide the frequency of plaintexts. Still, the client storage size remains small, in our experiments up to 1/15 of the plaintext size. As a result, one can more securely outsource large data sets, since we can also show that our security increases with larger data sets.
Beyond the ideal object: towards disclosure-resilient order-preserving encryption schemes
- In Proceedings of the ACM Workshop on Cloud Computing Security Workshop (2013), CCSW
"... ABSTRACT With the emergence of affordable cloud services, users are currently moving data to external services providers. Hence, they implicitly trust providers to not abuse or "lose" sensitive data. To protect this data in the context of cloud computing, the use of Order-Preserving Encry ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
(Show Context)
ABSTRACT With the emergence of affordable cloud services, users are currently moving data to external services providers. Hence, they implicitly trust providers to not abuse or "lose" sensitive data. To protect this data in the context of cloud computing, the use of Order-Preserving Encryption (OPE) has been suggested to encrypt data while still allowing efficient queries. The reference approach builds on Order-Preserving Functions (OPFs) drawn uniformly at random: the so-called "ideal object". However, recent results question the suitability of this construction, as its security properties turn out to be poor. In this article, we investigate possible alternatives. For this, we introduce two descriptive metrics rating one-wayness-related properties of OPF construction schemes, i.e., the ability of an adversary to estimate the plaintext when given a ciphertext and possible extra information. Furthermore, we propose three novel approaches to draw OPFs and apply the introduced metrics to study their security features in relation to the "ideal object". The results visualize the extent of insecurity caused by using the "ideal object" and qualify the suitability of the alternative schemes under different threat scenarios.
BUILDING PRACTICAL SYSTEMS THAT COMPUTE ON ENCRYPTED DATA
, 2014
"... Theft of confidential data is prevalent. In most applications, confidential data is stored at servers. Thus, existing systems naturally try to prevent adversaries from compromising these servers. How-ever, experience has shown that adversaries still find a way to break in and steal the data. This di ..."
Abstract
-
Cited by 1 (1 self)
- Add to MetaCart
(Show Context)
Theft of confidential data is prevalent. In most applications, confidential data is stored at servers. Thus, existing systems naturally try to prevent adversaries from compromising these servers. How-ever, experience has shown that adversaries still find a way to break in and steal the data. This dissertation shows how to protect data confidentiality even when attackers get access to all the data stored on servers. We achieve this protection through a new approach to building secure systems: building practical systems that compute on encrypted data, without access to the decryption key. In this setting, we designed and built a database system (CryptDB), a web application platform (Mylar), and two mobile systems, as well as developed new cryptographic schemes for them. We showed that these systems support a wide range of applications with low overhead. The work in this thesis has already had impact: Google uses CryptDB’s design for their new Encrypted BigQuery
LIBRARIES BUILDING PRACTICAL SYSTEMS THAT COMPUTE ON ENCRYPTED DATA
, 2014
"... Theft of confidential data is prevalent. In most applications, confidential data is stored at servers. Thus, existing systems naturally try to prevent adversaries from compromising these servers. However, experience has shown that adversaries still find a way to break in and steal the data. This dis ..."
Abstract
- Add to MetaCart
Theft of confidential data is prevalent. In most applications, confidential data is stored at servers. Thus, existing systems naturally try to prevent adversaries from compromising these servers. However, experience has shown that adversaries still find a way to break in and steal the data. This dissertation shows how to protect data confidentiality even when attackers get access to all the data stored on servers. We achieve this protection through a new approach to building secure systems: building practical systems that compute on encrypted data, without access to the decryption key. In this setting, we designed and built a database system (CryptDB), a web application platform (Mylar), and two mobile systems, as well as developed new cryptographic schemes for them. We showed that these systems support a wide range of applications with low overhead. The work in this thesis has already had impact: Google uses CryptDB's design for their new Encrypted BigQuery
Practical Order-Revealing Encryption with Limited Leakage
"... In an order-preserving encryption scheme, the encryption algorithm produces ciphertexts that preserve the order of their plaintexts. Order-preserving encryption schemes have been studied intensely in the last decade, and yet not much is known about the security of these schemes. Very recently, Boneh ..."
Abstract
- Add to MetaCart
In an order-preserving encryption scheme, the encryption algorithm produces ciphertexts that preserve the order of their plaintexts. Order-preserving encryption schemes have been studied intensely in the last decade, and yet not much is known about the security of these schemes. Very recently, Boneh et al. (Eurocrypt 2015) introduced a generalization of order-preserving encryption, called order-revealing encryption, and presented a construction which achieves this notion with best-possible security. Because their construction relies on multilinear maps, it is too impractical for most applications and therefore remains a theoretical result. In this work, we build efficiently implementable order-revealing encryption from pseudoran-dom functions. We present the first efficient order-revealing encryption scheme which achieves a simulation-based security notion with respect to a leakage function that precisely quantifies what is leaked by the scheme. Moreover, we show how composing our construction with existing order-preserving encryption schemes results in order-revealing encryption that is strictly more secure than all preceding order-preserving encryption schemes. 1
