Order-hiding range query over encrypted data without search pattern leakage

Yi Dou, Henry C.B. Chan, Man Ho Au

Research output: Journal article publicationJournal articleAcademic researchpeer-review

2 Citations (Scopus)

Abstract

For cloud data storage, data privacy and security are two key concerns. Although sensitive data can be encrypted before they are stored in the cloud, the encrypted data can hardly be processed efficiently. Hence, a lightweight solution is required to satisfy both high security and high efficiency requirements. In this paper, we study the problem of range query over encrypted data. The main idea is to transform the range comparison to a privacy-preserving set intersection operation. To protect record privacy, our scheme builds searchable encrypted indexes for records that are secure against inference attack. To ensure the privacy of range queries, non-deterministic encryption, which has not been achieved in range query before, is proposed to hide the search pattern of queries. During range comparison, our scheme neither leaks the order relationship between the upper/ lower bound of a range query and the encrypted index, nor produces false positives in the query results. We have implemented our scheme and evaluated its performance in comparison with other schemes. The comparison results indicate that our scheme has a shorter index size and search time than the order-revealing encryption (ORE) scheme when the processing unit is large. Meanwhile, our scheme only leaks the access pattern, and is proved to be more secure than existing schemes.

Original languageEnglish
Pages (from-to)1806-1824
Number of pages19
JournalComputer Journal
Volume61
Issue number12
DOIs
Publication statusPublished - 1 Dec 2018

Keywords

  • Cloud data storage
  • Cloud security
  • Data privacy
  • Range query
  • Searchable symmetric encryption

ASJC Scopus subject areas

  • Computer Science(all)

Cite this