Abstract
For cloud data storage, data privacy and security are two key concerns. Although sensitive data can be encrypted before they are stored in the cloud, the encrypted data can hardly be processed efficiently. Hence, a lightweight solution is required to satisfy both high security and high efficiency requirements. In this paper, we study the problem of range query over encrypted data. The main idea is to transform the range comparison to a privacy-preserving set intersection operation. To protect record privacy, our scheme builds searchable encrypted indexes for records that are secure against inference attack. To ensure the privacy of range queries, non-deterministic encryption, which has not been achieved in range query before, is proposed to hide the search pattern of queries. During range comparison, our scheme neither leaks the order relationship between the upper/ lower bound of a range query and the encrypted index, nor produces false positives in the query results. We have implemented our scheme and evaluated its performance in comparison with other schemes. The comparison results indicate that our scheme has a shorter index size and search time than the order-revealing encryption (ORE) scheme when the processing unit is large. Meanwhile, our scheme only leaks the access pattern, and is proved to be more secure than existing schemes.
Original language | English |
---|---|
Pages (from-to) | 1806-1824 |
Number of pages | 19 |
Journal | Computer Journal |
Volume | 61 |
Issue number | 12 |
DOIs | |
Publication status | Published - 1 Dec 2018 |
Keywords
- Cloud data storage
- Cloud security
- Data privacy
- Range query
- Searchable symmetric encryption
ASJC Scopus subject areas
- General Computer Science