Springer Nature is making Coronavirus research free. View research | View latest news | Sign up for updates

hOPE: improved order preserving encryption with the power to homomorphic operations of ciphertexts

  • 251 Accesses

  • 2 Citations

Abstract

Database applications that manage and utilize massive data must address the issues of element comparisons, the core operations in index accessing, metric computations and metric comparisons, and the core operations in result ranking. In the cloud era, to avoid private information leakage, encrypted data are subcontracted, and resolutions for the problems that arise in three operations over ciphertexts are urgently required. Indeed, it is possible to handle element comparison through order preserving encryption/encoding (OPE) or metric computation through homomorphic encryption (HE) directly over ciphertexts. Unfortunately, the simultaneous achievement of both goals (i.e., metric computation and comparison) by directly combining OPE and HE remains intractable. In this work, an improved OPE, named hOPE, is proposed to support homomorphic operations over ciphertexts in addition to comparisons. Based on hOPE, AhOPE and PhOPE are designed to support homomorphic addition and product, respectively. Both schemes are proved to be indistinguishable under operated and ordered chosen-plaintext attack (IND-O2CPA) secure when the adopted HE algorithm provides indistinguishable under ordered chosen-plaintext attack (IND-OCPA secure). hOPE is a general construction that supports arbitrary HE algorithms and achieves consistent security. We deploy AhOPE and PhOPE in practice with a trusted/untrusted third party and compare the result with the state-of-the-art methods. The results show that our presented algorithms need few interactions and fill the gap between OPE and HE.

This is a preview of subscription content, log in to check access.

References

  1. 1

    Agrawal R, Kiernan J, Srikant R, et al. Order preserving encryption for numeric data. In: Proceedings of the ACM SIGMOD International Conference on Management of Data (ICDE), Paris, 2004. 563–574

  2. 2

    Boldyreva A, Chenette N, Lee Y, et al. Order-preserving symmetric encryption. In: Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques, Cologne, 2009. 224–241

  3. 3

    Popa R A, Li F H, Zeldovich N. An ideal-security protocol for order-preserving encoding. In: Proceedings of IEEE Symposium on Security and Privacy (S&P), Berkeley, 2013. 463–477

  4. 4

    Teranishi I, Yung M, Malkin T. Order-preserving encryption secure beyond one-wayness. In: Advances in Cryptology—ASIACRYPT. Berlin: Springer, 2014. 42–61

  5. 5

    Mavroforakis C, Chenette N, O’Neill A, et al. Modular order-preserving encryption, revisited. In: Proceedings of the ACM International Conference on Management of Data (SIGMOD), Melbourne, 2015. 763–777

  6. 6

    Zhang H G, Han W B, Lai X J, et al. Survey on cyberspace security. Sci China Inf Sci, 2015, 58: 110101

  7. 7

    Bentley J L. Multidimensional binary search trees used for associative searching. ACM Commun, 1975, 18: 509–517

  8. 8

    Bayer R, McCreight E. Organization and maintenance of large ordered indexes. Acta Inform, 1972, 1: 173–189

  9. 9

    Hartigan J A, Wong M A. Algorithm as 136: a k-means clustering algorithm. J Royal Stat Soc Ser C, 1979, 28: 100–108

  10. 10

    Guttman A. R-trees: a dynamic index structure for spatial searching. In: Proceedings of the ACM International Conference on Management of Data (SIGMOD), Boston, 1984. 47–57

  11. 11

    Rivest R L, Adleman L, Dertouzos M L. On data banks and privacy homomorphisms. In: Proceedings of Foundations of Secure Computation, Atlanta, 1978. 165–179

  12. 12

    Paillier P. Public-key cryptosystems based on composite degree residuosity classes. In: Advances in Cryptology—EUROCRYPT’99. Berlin: Springer, 1999. 223–238

  13. 13

    Gentry C. Fully homomorphic encryption using ideal lattices. In: Proceedings of the 41st Annual ACM Symposium on Theory of Computing (STOC), Bethesda, 2009. 9: 169–178

  14. 14

    Gentry C, Halevi S. Implementing gentry’s fully-homomorphic encryption scheme. In: Advances in Cryptology— EUROCRYPT. Berlin: Springer, 2011. 129–148

  15. 15

    Brakerski Z, Gentry C, Vaikuntanathan V. (Leveled) fully homomorphic encryption without bootstrapping. In: Proceedings of the 3rd Innovations in Theoretical Computer Science Conference, Cambridge, 2012. 309–325

  16. 16

    Elmehdwi Y, Samanthula B, Jiang W. Secure k-nearest neighbor query over encrypted data in outsourced environments. In: Proceedings of IEEE 30th International Conference on Data Engineering (ICDE), Chicago, 2014. 664–675

  17. 17

    Boneh D, Lynn B, Shacham H. Short signatures from the weil pairing. In: Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology. London: Springer, 2001. 514–532

  18. 18

    Jiang Q, Wei F, Fu S, et al. Robust extended chaotic maps-based three-factor authentication scheme preserving biometric template privacy. Nonlinear Dynam, 2016, 83: 2085–2101

  19. 19

    Koblitz N, Menezes A. Pairing-based cryptography at high security levels. In: Proceedings of IMA International Conference on Cryptography and Coding, Cirencester, 2005. 13–36

  20. 20

    Jiang Q, Ma J, Li G, et al. Improvement of robust smart-card-based password authentication scheme. Int J Commun Syst, 2015, 28: 383–393

  21. 21

    Kerschbaum F, Schroepfer A. Optimal average-complexity ideal-security order-preserving encryption. In: Proceedings of ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, 2014. 275–286

  22. 22

    Curtmola R, Garay J, Kamara S, et al. Searchable symmetric encryption: improved definitions and efficient constructions. J Comput Secur, 2011, 19: 895–934

  23. 23

    Kuzu M, Islam M S, Kantarcioglu M. Efficient similarity search over encrypted data. In: Proceedings of the IEEE 28th International Conference on Data Engineering (ICDE), Washington, 2012. 1156–1167

  24. 24

    Demertzis I, Papadopoulos S, Papapetrou O, et al. Practical private range search revisited. In: Proceedings of the ACM International Conference on Management of Data (SIGMOD), San Francisco, 2016. 185–198

  25. 25

    Kerschbaum F. Frequency-hiding order-preserving encryption. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS), Denver, 2015. 656–667

  26. 26

    Popa R A, Redfield C M S, Zeldovich N, et al. CryptDB: protecting confidentiality with encrypted query processing. In: Proceedings of the 23rd ACM Symposium on Operating Systems Principles, Cascais, 2011. 85–100

  27. 27

    Tu S, Kaashoek M F, Madden S, et al. Processing analytical queries over encrypted data. Proc VLDB Endow, 2013, 6: 289–300

  28. 28

    Choi S, Ghinita G, Lim H S, et al. Secure kNN query processing in untrusted cloud environments. IEEE TKDE, 2014, 26: 2818–2831

Download references

Acknowledgements

The work was supported by National Natural Science Foundation of China (Grant Nos. 61472298, 61672408, 61262073, 61472310, U1405255, 61662009), National High Technology Research and Development Program (Grant No. 2015AA016007), and China 111 Project (Grant No. B16037).

Author information

Correspondence to Jiangtao Cui.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Peng, Y., Li, H., Cui, J. et al. hOPE: improved order preserving encryption with the power to homomorphic operations of ciphertexts. Sci. China Inf. Sci. 60, 062101 (2017). https://doi.org/10.1007/s11432-016-0242-7

Download citation

Keywords

  • order preserving encoding
  • homomorphic operation
  • B+-tree
  • lookup table
  • provable secure