Delegatable Order-Revealing Encryption for Reliable Cross-Database Query

Changhee Hahn, Junbeom Hur

    Research output: Contribution to journalArticlepeer-review

    2 Citations (Scopus)

    Abstract

    Cloud service providers adopt pay-per-query pricing models to charge data owners based on the amount of data scanned by each query. In such models, the trustworthiness of the underlying billing system is as important as the privacy preservation for the data and queries. In this paper, we revisit delegatable order-revealing encryption (DORE), a range query algorithm allowing authorized users to retrieve data of specific ranges across multiple databases encrypted under different secret keys. We first investigate which factor in the authorization mechanism of DORE can lead to overprivileged users and let them allow any unauthorized user to query over the database of the victim without risking their credits, such as leaking the secret keys. Unfortunately, such unauthorized queries would incur unexpected financial damage to the victim in practical pay-per-query models. We then propose SEDORE, a secure order-revealing encryption scheme with resilience to unauthorized queries across databases. SEDORE features a novel user authorization mechanism limiting user privileges carefully. Consequently, the authorized users cannot illegally invite any unauthorized user to query unless they entirely leak their credits. We demonstrate that the performance of SEDORE is comparable to that of DORE while achieving a higher security level.

    Original languageEnglish
    Pages (from-to)1763-1777
    Number of pages15
    JournalIEEE Transactions on Services Computing
    Volume16
    Issue number3
    DOIs
    Publication statusPublished - 2023 May 1

    Bibliographical note

    Funding Information:
    This work was supported in part by the National Research Foundation of Korea(NRF) Grant funded by the Korea government(MSIT) under Grant 2021R1F1A1061420, in part by IITP Grant funded by the MSIT, Korea under Grants 2022-0-00411, IITP-2022-2020-0-01819, and IITP-2022- 2021-0-01810.

    Publisher Copyright:
    © 2008-2012 IEEE.

    Keywords

    • Range query
    • cross-database query
    • delegation
    • encrypted database
    • order-revealing encryption

    ASJC Scopus subject areas

    • Information Systems and Management
    • Hardware and Architecture
    • Computer Networks and Communications
    • Computer Science Applications

    Fingerprint

    Dive into the research topics of 'Delegatable Order-Revealing Encryption for Reliable Cross-Database Query'. Together they form a unique fingerprint.

    Cite this