GOPES: Group Order-Preserving Encryption Scheme Supporting Query Processing over Encrypted Data

  • Lee, Hyunjo (Dept. of Computer Engineering, Chonbuk National University) ;
  • Song, Youngho (Dept. of Computer Engineering, Chonbuk National University) ;
  • Chang, Jae-Woo (Dept. of Computer Engineering, Chonbuk National University)
  • Received : 2017.07.05
  • Accepted : 2017.09.24
  • Published : 2018.10.31

Abstract

As cloud computing has become a widespread technology, malicious attackers can obtain users' private information that has leaked from the service provider hosting an outsourced database. To resolve this problem, it is necessary to encrypt the database before outsourcing it to the service provider. However, most existing data encryption schemes cannot process a query without decrypting the encrypted database. Moreover, because the amount of data is large, decrypting all of it takes too much time. To address this, the Programmable Order-Preserving Secure Index Scheme (POPIS) was proposed to hide the original data while performing query processing without decryption. However, POPIS is vulnerable to both order matching attacks and data count attacks. To overcome these limitations, we propose a group order-preserving data encryption scheme (GOPES) that can support efficient query processing over the encrypted data. Because GOPES can preserve the order of each data group by generating signatures of the encrypted data, it can provide a high degree of data privacy protection. Finally, it is shown that GOPES is better than the existing POPIS with respect to both order matching attacks and data count attacks.
