Chaotic Order Preserving Encryption for Efficient and Secure Queries on Databases

摘要

The need for data encryption that protects sensitive data in a database has increased rapidly. However, encrypted data can no longer be efficiently queried because nearly all of the data should be decrypted. Several order-preserving encryption schemes that enable indexes to be built over encrypted data have been suggested to solve this problem. They allow any comparison operation to be directly applied to encrypted data. However, one of the main disadvantages of these schemes is that they expose sensitive dala to inference attacks with order information, especially when the data are used together with unencrypted columns in the database. In this study, a new order-preserving encryption scheme that provides secure queries by hiding the order is introduced. Moreover, it provides efficient queries because any user who has the encryption key knows the order. The proposed scheme is designed to be efficient and secure in such an environment. Thus, it is possible to encrypt only sensitive data while leaving other data unencrypted. The encryption is not only robust against order exposure, but also shows high performance for any query over encrypted data. In addition, the proposed scheme provides strong updates without assumptions of the distribution of plaintext. This allows it to be integrated easily with the existing database system.