Security and Privacy in Communication Networks. 13th International Conference, SecureComm 2017, Niagara Falls, ON, Canada, October 22–25, 2017, Proceedings

Research Article

MPOPE: Multi-provider Order-Preserving Encryption for Cloud Data Privacy

Download
144 downloads
  • @INPROCEEDINGS{10.1007/978-3-319-78813-5_44,
        author={Jinwen Liang and Zheng Qin and Sheng Xiao and Jixin Zhang and Hui Yin and Keqin Li},
        title={MPOPE: Multi-provider Order-Preserving Encryption for Cloud Data Privacy},
        proceedings={Security and Privacy in Communication Networks. 13th International Conference, SecureComm 2017, Niagara Falls, ON, Canada, October 22--25, 2017, Proceedings},
        proceedings_a={SECURECOMM},
        year={2018},
        month={4},
        keywords={Order-preserving encryption Multiple data provider Cloud security},
        doi={10.1007/978-3-319-78813-5_44}
    }
    
  • Jinwen Liang
    Zheng Qin
    Sheng Xiao
    Jixin Zhang
    Hui Yin
    Keqin Li
    Year: 2018
    MPOPE: Multi-provider Order-Preserving Encryption for Cloud Data Privacy
    SECURECOMM
    Springer
    DOI: 10.1007/978-3-319-78813-5_44
Jinwen Liang1,*, Zheng Qin1,*, Sheng Xiao1,*, Jixin Zhang1,*, Hui Yin1,*, Keqin Li,*
  • 1: Hunan University
*Contact email: jimmieleung@hnu.edu.cn, zqin@hnu.edu.cn, xiaosheng@hnu.edu.cn, zhangjixin@hnu.edu.cn, yhui@ccsu.edu.cn, lik@newpaltz.edu

Abstract

Order-preserving encryption (OPE) has been proposed as a privacy-preserving query method for cloud computing. Existing researches of OPE diverge into two groups. One group focuses on single data provider scenarios and achieves strong security notion such as indistinguishability under ordered chosen plaintext attack (IND-OCPA). Another group of research designs multi-provider schemes and provides weaker security guarantees than those of single provider schemes. In this paper, we propose a novel security notion for multi-provider scenario, indistinguishability under multi-provider ordered chosen plaintext attack (IND-MPOPCA), which guarantees equivalent security level as IND-OCPA while hiding the frequency of plaintexts and enabling multi-provider data submissions and queries. We develop a multi-provider randomized order technique to construct our MPOPE scheme to achieve the IND-MPOPCA security notion. We also conduct extensive experiments to prove the practicality and efficiency of our proposed scheme.