Abstract
Database outsourcing, also known as database as a service, has become a popular way to store and process large amounts of data. Unfortunately, remote data storage can compromise confidentiality. An obvious solution is to encrypt data, prior to storage, but encrypted data is more difficult to query. We describe and demonstrate an efficient scheme for comparing ciphertexts, corresponding to arbitrary plaintexts, in such a way that the result is the same as if the plaintexts had been compared. This allows queries to be processed remotely and securely. Comparison is not limited to equality. For example, encrypted employee names can be sorted remotely without decryption. Any encryption algorithm can be used. Demonstration queries are shown in SQL.
References
Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of the 2004 ACM SIGMOD International Conference on Management of Data (2004)
Amanatidis, G., Boldyreva, A., O’Neill, A.: Provably-secure schemes for basic query support in outsourced databases. In: Barker, S., Ahn, G.-J. (eds.) Data and Applications Security 2007. LNCS, vol. 4602, pp. 14–30. Springer, Heidelberg (2007)
Boldyreva, A., Chenette, N., Lee, Y., O’Neill, A.: Order-preserving symmetric encryption. In: Proceedings of the 28th Annual International Conference on Advances in Cryptology: The Theory and Applications of Cryptographic Techniques (2009)
Chung, S.S., Ozsoyoglu, G.: Anti-tamper databases: processing aggregate queries over encrypted databases. In: Proceedings of the 22nd International Conference on Data Engineering Workshops (2006)
Elovici, Y., Waisenberg, R., Shmueli, E., Gudes, E.: A structure preserving database encryption scheme. In: Jonker, W., Petković, M. (eds.) SDM 2004. LNCS, vol. 3178, pp. 28–40. Springer, Heidelberg (2004)
Hacigumus, H., Iyer, B., Li, C., Mehrotra, S.: Executing SQL over encrypted data in the database-service-provider model. In: Proceedings of the 2002 ACM SIGMOD International Conference on Management of Data (2002)
Hore, B., Mehrotra, S., Tsudik, G.: A privacy-preserving index for range queries. In: Proceedings of the Thirtieth International Conference on Very Large Data Bases, vol. 30 (2004)
Li, J., Omiecinski, E.R.: Efficiency and security trade-off in supporting range queries on encrypted databases. In: Jajodia, S., Wijesekera, D. (eds.) Data and Applications Security 2005. LNCS, vol. 3654, pp. 69–83. Springer, Heidelberg (2005)
Song, D.X., Wagner, D. Perrig, A.: Practical techniques for searches on encrypted data. In: Proceedings of the 2000 IEEE Symposium on Security and Privacy (2000)
Swaminathan, A., Mao, Y., Su, G.-M., Gou, H., Varna, A.L., He, S., Wu, M., Oard, D.W.: Confidentiality-preserving rank-ordered search. In: Proceedings of the 2007 ACM Workshop on Storage Security and Survivability (2007)
AWS: Amazon Relational Database Service, http://aws.amazon.com/rds
AWS: Twilio/Wigle.net Street Vector Data Set. http://aws.amazon.com/datasets/Geographic/2408
AggData: Complete List of United States Zip Codes. http://www.aggdata.com/node/86
Koleshnikov, V., Shikfa, A.: On the limits of privacy provided by order-preserving encryption. Bell Labs Tech. J. 17(3), 135–146 (2012). wileyonlinelibrary.com
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Buffenbarger, J. (2016). Comparing Encrypted Strings. In: Haltinner, K., Sarathchandra, D., Alves-Foss, J., Chang, K., Conte de Leon, D., Song, J. (eds) Cyber Security. CSS 2015. Communications in Computer and Information Science, vol 589. Springer, Cham. https://doi.org/10.1007/978-3-319-28313-5_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-28313-5_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-28312-8
Online ISBN: 978-3-319-28313-5
eBook Packages: Computer ScienceComputer Science (R0)