With the development of cloud computing, privacy has become the key problem of cloud security. While encryption is a well-established technology for protecting sensitive data, it makes effective data utilization a very challenging task. To solve the problem, this paper designs a randomized data structure—random tree (RT), and constructs an encryption scheme OPEART (order-preserving encryption algorithm based on RT). OPEART realizes the encryption of data by randomness, and supports relational calculations (>, <, >=, etc.) on encrypted data. Security analysis and performance evaluation show that OPEART is IND-DNCPA while achieving the goal of relational calculations on encrypted cloud data efficiently.%随着云计算的深入发展,隐私安全成为云安全的一个关键问题.加密是一种常用的保护敏感数据的方法,但是它不支持有效的数据操作.为了提供云计算环境中的隐私保护,设计了一种随机数据结构——随机树,并构建了基于随机树的保序加密算法OPEART(order-preserving encryption based on random tree).OPEART通过引入随机性实现了对数据的加密,并支持加密数据的任何关系运算(>,<,>=等).安全分析和性能评估表明:OPEART 是 IND- DNCPA(indistinguishability under distinct and neighbouring chosen plaintext attack)安全的,并能高效地实现对加密数据的关系运算.
展开▼