Practical Query-based Order Revealing Encryption from Symmetric Searchable Encryption

Abstract

In the 2010s, there has been significant interest in developing methods, such as searchable encryption for exact matching and order-preserving/-revealing encryption for range search, to perform search on encrypted data. However, the symmetric searchable encryption method has been steadily used not only in databases but also in full-text search engine because of its quick performance and high security against intruders and system administrators. Contrarily, order-preserving/-revealing encryption is rarely employed in practice: almost all related schemes suffer from inference attacks, and some schemes are secure but impractical because they require exponential storage size or communication complexity. In this study, we define the new security models based on order-revealing encryption (ORE) for performing range search, and explain that previous techniques are not satisfied with our weak security model. We present two generic constructions of ORE using the searchable encryption method. Our constructions offer practical performance such as the storage size of O(nb) and computation complexity of O(n2), where the plaintext space is a set of n-bit binaries and b denotes the block size of the ciphertext generated via searchable encryption. The first construction gives the comparison result to the server, and the security considers a weak security model. The second construction hides the comparison result from the server, and only the secret-key owner can recover it.