BOPE: Boundary Order-Preserving Encryption Scheme in Relational Database System

• Main Authors: Si Chen, Lin Li, Wenyu Zhang, Xiaolin Chang, Zhen Han
• Format: Article
• Language: English
• Published: IEEE 2021-01-01
• Series: IEEE Access
• Subjects: Order-preserving encryption/encoding; IND-OCPA security; encrypted database system; efficiency
• Online Access: https://ieeexplore.ieee.org/document/9350588/

Recently, researchers are being more interested in performing operations directly on the encrypted database with the help of the Order-Preserving Encryption (OPE) scheme. This mechanism enables executing many types of queries efficiently, such as range query and comparison, since it can preserve the relative order of underlying plaintext on ciphertexts. However, traditional OPE schemes cannot achieve ideal security against IND-OCPA (INDistinguishability under Ordered Chosen-Plaintext Attack) in a linear length of static encoding. Popa's mutable scheme (namely, mOPE) is an effective solution to perform the range query in the database environment. In this paper, we propose a novel scheme, Boundary OrderPreserving Encryption (BOPE), to achieve high performance under ideal security. BOPE comprises two algorithms. One is a searching algorithm in which we propose a data structure, the boundary tree, to optimize the algorithm by cutting the scope of each iteration and reducing the rounds of interaction. The second algorithm is an updating algorithm for stale encoding, which determines whether to update the lookup table according to the type of each query, in order to avoid the time cost of redundant updates. We implemented and evaluated BOPE on a practical environment where we have achieved a performance increase of more than 10% from mOPE.