Efficient and Secure Top-k Queries With Top Order-Preserving Encryption

Top-k queries can retrieve the most relevant tuples from massive datasets and have wide implementations, such as PageRank, healthcare analytics, and decision making. The increasing demands of outsourcing large datasets to public clouds with privacy concern expect new techniques to securely perform top-k queries on encrypted data on the cloud servers. Order-preserving encryption (OPE) can be used for answering top-k queries correctly and naturally. However, it is over qualified since it unnecessarily leaks too much information (i.e., orders of non-top-k values). In this paper, we propose a mutable top OPE (TOPE) to first enable top-1 (min or max) queries on encrypted data with minimized information leakage. Then, we extend this TOPE to support top-k queries in general. With TOPE, the ciphertexts of top-k values are still the top-k in the ciphertext domain, while the ciphertexts of non-top-k values are in meaningless order. In addition, we rigorously define and prove the security of TOPE with indistinguishability under top-ordered chosen-plaintext attacks. We implement our scheme on synthetic and real datasets to show its effectiveness and efficiency. The search performance of top-k queries on massive TOPE ciphertexts with our scheme is almost as fast as on the plaintexts.

[1]  David J. Wu,et al.  Order-Revealing Encryption: New Constructions, Applications, and Lower Bounds , 2016, IACR Cryptol. ePrint Arch..

[2]  David J. Wu,et al.  Practical Order-Revealing Encryption with Limited Leakage , 2016, FSE.

[3]  Hari Balakrishnan,et al.  CryptDB: protecting confidentiality with encrypted query processing , 2011, SOSP.

[4]  Olga Ohrimenko,et al.  Sorting and Searching Behind the Curtain , 2015, Financial Cryptography.

[5]  Yantian Hou,et al.  Maple: scalable multi-dimensional range search over encrypted cloud data with tree-based index , 2014, AsiaCCS.

[6]  Angelos D. Keromytis,et al.  Blind Seer: A Scalable Private DBMS , 2014, 2014 IEEE Symposium on Security and Privacy.

[7]  Nathan Chenette,et al.  Order-Preserving Encryption Revisited: Improved Security Analysis and Alternative Solutions , 2011, CRYPTO.

[8]  Mohamed A. Soliman,et al.  Top-k Query Processing in Uncertain Databases , 2007, 2007 IEEE 23rd International Conference on Data Engineering.

[9]  Florian Kerschbaum,et al.  Optimal Average-Complexity Ideal-Security Order-Preserving Encryption , 2014, CCS.

[10]  Ronald L. Rivest,et al.  Introduction to Algorithms , 1990 .

[11]  Elaine Shi,et al.  Multi-Dimensional Range Query over Encrypted Data , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[12]  Nickolai Zeldovich,et al.  An Ideal-Security Protocol for Order-Preserving Encoding , 2013, 2013 IEEE Symposium on Security and Privacy.

[13]  Erol Gelenbe,et al.  Top-$k$ Query Result Completeness Verification in Tiered Sensor Networks , 2014, IEEE Transactions on Information Forensics and Security.

[14]  Yanbin Lu,et al.  Privacy-preserving Logarithmic-time Search on Encrypted Data in Cloud , 2012, NDSS.

[15]  Yehuda Lindell,et al.  Introduction to Modern Cryptography , 2004 .

[16]  Florian Kerschbaum,et al.  Frequency-Hiding Order-Preserving Encryption , 2015, CCS.

[17]  Nathan Chenette,et al.  Order-Preserving Symmetric Encryption , 2009, IACR Cryptol. ePrint Arch..

[18]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[19]  Ming Li,et al.  Verifiable Privacy-Preserving Multi-Keyword Text Search in the Cloud Supporting Similarity-Based Ranking , 2014, IEEE Trans. Parallel Distributed Syst..

[20]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: Improved definitions and efficient constructions , 2011, J. Comput. Secur..

[21]  Charalampos Papamanthou,et al.  Dynamic searchable symmetric encryption , 2012, IACR Cryptol. ePrint Arch..

[22]  Brent Waters,et al.  Conjunctive, Subset, and Range Queries on Encrypted Data , 2007, TCC.

[23]  Mark Zhandry,et al.  Semantically Secure Order-Revealing Encryption: Multi-input Functional Encryption Without Obfuscation , 2015, EUROCRYPT.

[24]  Stanley B. Zdonik,et al.  Top-k queries on uncertain data: on score distribution and typical answers , 2009, SIGMOD Conference.

[25]  Hugo Krawczyk,et al.  Highly-Scalable Searchable Symmetric Encryption with Support for Boolean Queries , 2013, IACR Cryptol. ePrint Arch..

[26]  Ihab F. Ilyas,et al.  A survey of top-k query processing techniques in relational database systems , 2008, CSUR.

[27]  Chanathip Namprempre,et al.  Authenticated encryption in SSH: provably fixing the SSH binary packet protocol , 2002, CCS '02.

[28]  Ronald L. Rivest,et al.  Introduction to Algorithms, 3rd Edition , 2009 .