TY - GEN
T1 - Parameter-hiding order revealing encryption
AU - Cash, David
AU - Liu, Feng Hao
AU - O’Neill, Adam
AU - Zhandry, Mark
AU - Zhang, Cong
N1 - Funding Information: Acknowledgments. David Cash is supported by NSF CNS-1453132. Feng-Hao Liu is supported by NSF CNS-1657040. Adam O’Neill is supported in part by NSF CNS-1650419. Mark Zhandry is supported by NSF. David Cash and Cong Zhang are partially supported by DARPA and SSC Pacific under contract N66001-15-C-4070. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of NSF, DARPA or SSC Pacific. Publisher Copyright: © 2018, International Association for Cryptologic Research.
PY - 2018
Y1 - 2018
N2 - Order-revealing encryption (ORE) is a primitive for outsourcing encrypted databases which allows for efficiently performing range queries over encrypted data. Unfortunately, a series of works, starting with Naveed et al. (CCS 2015), have shown that when the adversary has a good estimate of the distribution of the data, ORE provides little protection. In this work, we consider the case that the database entries are drawn identically and independently from a distribution of known shape, but for which the mean and variance are not (and thus the attacks of Naveed et al. do not apply). We define a new notion of security for ORE, called parameter-hiding ORE, which maintains the secrecy of these parameters. We give a construction of ORE satisfying our new definition from bilinear maps.
AB - Order-revealing encryption (ORE) is a primitive for outsourcing encrypted databases which allows for efficiently performing range queries over encrypted data. Unfortunately, a series of works, starting with Naveed et al. (CCS 2015), have shown that when the adversary has a good estimate of the distribution of the data, ORE provides little protection. In this work, we consider the case that the database entries are drawn identically and independently from a distribution of known shape, but for which the mean and variance are not (and thus the attacks of Naveed et al. do not apply). We define a new notion of security for ORE, called parameter-hiding ORE, which maintains the secrecy of these parameters. We give a construction of ORE satisfying our new definition from bilinear maps.
KW - Encryption
KW - Order-revealing encryption
UR - http://www.scopus.com/inward/record.url?scp=85057624453&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85057624453&partnerID=8YFLogxK
U2 - https://doi.org/10.1007/978-3-030-03326-2_7
DO - https://doi.org/10.1007/978-3-030-03326-2_7
M3 - Conference contribution
SN - 9783030033255
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 181
EP - 210
BT - Advances in Cryptology – ASIACRYPT 2018 - 24th International Conference on the Theory and Application of Cryptology and Information Security, Proceedings
A2 - Peyrin, Thomas
A2 - Galbraith, Steven
PB - Springer Verlag
T2 - 24th Annual International Conference on Theory and Application of Cryptology and Information Security, ASIACRYPT 2018
Y2 - 2 December 2018 through 6 December 2018
ER -