Staff View
Order-revealing encryption: new constructions and barriers

Descriptive

TitleInfo
Title
Order-revealing encryption: new constructions and barriers
Name (type = personal)
NamePart (type = family)
Zhang
NamePart (type = given)
Cong
NamePart (type = date)
1988-
DisplayForm
Cong Zhang
Role
RoleTerm (authority = RULIB)
author
Name (type = personal)
NamePart (type = family)
Wright
NamePart (type = given)
Rebecca
DisplayForm
Rebecca Wright
Affiliation
Advisory Committee
Role
RoleTerm (authority = RULIB)
chair
Name (type = personal)
NamePart (type = family)
Cash
NamePart (type = given)
David
DisplayForm
David Cash
Affiliation
Advisory Committee
Role
RoleTerm (authority = RULIB)
internal member
Name (type = personal)
NamePart (type = family)
Allender
NamePart (type = given)
Eric
DisplayForm
Eric Allender
Affiliation
Advisory Committee
Role
RoleTerm (authority = RULIB)
internal member
Name (type = personal)
NamePart (type = family)
Ma
NamePart (type = given)
Shiqing
DisplayForm
Shiqing Ma
Affiliation
Advisory Committee
Role
RoleTerm (authority = RULIB)
internal member
Name (type = personal)
NamePart (type = family)
Tang
NamePart (type = given)
Qiang
DisplayForm
Qiang Tang
Affiliation
Advisory Committee
Role
RoleTerm (authority = RULIB)
outside member
Name (type = corporate)
NamePart
Rutgers University
Role
RoleTerm (authority = RULIB)
degree grantor
Name (type = corporate)
NamePart
School of Graduate Studies
Role
RoleTerm (authority = RULIB)
school
TypeOfResource
Text
Genre (authority = marcgt)
theses
Genre (authority = ExL-Esploro)
ETD doctoral
OriginInfo
DateCreated (qualifier = exact); (encoding = w3cdtf); (keyDate = yes)
2020
DateOther (type = degree); (qualifier = exact); (encoding = w3cdtf)
2020-10
Language
LanguageTerm (authority = ISO 639-3:2007); (type = text)
English
Abstract (type = abstract)
Order-revealing encryption (ORE) is a symmetric encryption scheme that gives a public procedure by which two ciphertexts can be compared to reveal the order of their underlying plaintexts. ORE is a very popular primitive for outsourcing databases and has seen deployments in products and usage in applied research, as it allows for efficiently performing range queries over encrypted data. However, a series of works, starting with Naveed emph{et al.} (CCS 2015), have shown that when the adversary has a good estimate of the distribution of the data, ORE provides little protection.

In this dissertation, we present our works on order-revealing encryption, which include novel security notions, new constructions, and barriers. First, we consider the best-possible security notion for ORE (ideal ORE), which means that, given the ciphertexts, emph{only} the order is revealed --- anything else, such as the distance between plaintexts, is hidden. Despite the fact that this notion provides the best security for ORE, the only known constructions of ideal ORE are based on cryptographic multilinear maps and are currently too impractical for real-world applications. In this work, we give evidence that building ideal ORE from weaker tools is hard. Essentially, we show black-box separations between ideal ORE and most symmetric-key primitives, as well as public-key encryption and anything else implied by generic group model in a black-box way. This result tells us that any construction of ORE must either (1) achieve weaker notions of security, (2) be based on more complicated cryptographic tools, or (3) require non-black-box techniques thus it suggests that any ORE achieving ideal security will likely be at least somewhat inefficient.

Then we propose a new meaningful security notion--- extit{parameter-hiding}. In our definition, we consider the case that the database entries are drawn identically and independently from the distribution of known shape, but for which the mean and variance are not (and thus the attacks of Naveed et al. do not apply). We say an ORE is parameter-hiding, if for any probabilistic and polynomial-time adversary, given any sequence (polynomial-size) of ciphertexts, the mean and variance of the message distribution are hidden. Based on this notion, we build the corresponding construction of ORE that satisfying it from a bi-linear map.

Next, we study a particular case of ORE, which is called order-preserving encryption. OPE schemes are the subset of ORE schemes for which the ciphertexts themselves are numerical values that can be compared naturally. For OPE, we study its ciphertext length under the security notion proposed by Chenette et al. for OPE (FSE 2016); their notion says that the comparison of two ciphertexts should only leak the index of the most significant bit on which they differ (MSDB-secure). In their work, they propose two constructions, both ORE and OPE; the ORE scheme has very short ciphertexts that only expand the plaintext by a factor approx 1.58, while the ciphertext-size of the OPE scheme expands the plaintext by a security-parameter factor. We give evidence that this gap between ORE and OPE is inherent, by proving that emph{any} OPE meeting the information-theoretic version of their security definition (for instance, in the random oracle model) must have the ciphertext length close to that of their constructions.
Subject (authority = local)
Topic
Black-box separation
Subject (authority = RUETD)
Topic
Computer Science
RelatedItem (type = host)
TitleInfo
Title
Rutgers University Electronic Theses and Dissertations
Identifier (type = RULIB)
ETD
Identifier
ETD_11139
PhysicalDescription
Form (authority = gmd)
InternetMediaType
application/pdf
InternetMediaType
text/xml
Extent
1 online resource (viii, 133 pages) : illistrations
Note (type = degree)
Ph.D.
Note (type = bibliography)
Includes bibliographical references
RelatedItem (type = host)
TitleInfo
Title
School of Graduate Studies Electronic Theses and Dissertations
Identifier (type = local)
rucore10001600001
Location
PhysicalLocation (authority = marcorg); (displayLabel = Rutgers, The State University of New Jersey)
NjNbRU
Identifier (type = doi)
doi:10.7282/t3-90c4-2m94
Back to the top

Rights

RightsDeclaration (ID = rulibRdec0006)
The author owns the copyright to this work.
RightsHolder (type = personal)
Name
FamilyName
Zhang
GivenName
Cong
Role
Copyright Holder
RightsEvent
Type
Permission or license
DateTime (encoding = w3cdtf); (qualifier = exact); (point = start)
2020-09-10 23:49:56
AssociatedEntity
Name
Cong Zhang
Role
Copyright holder
Affiliation
Rutgers University. School of Graduate Studies
AssociatedObject
Type
License
Name
Author Agreement License
Detail
I hereby grant to the Rutgers University Libraries and to my school the non-exclusive right to archive, reproduce and distribute my thesis or dissertation, in whole or in part, and/or my abstract, in whole or in part, in and from an electronic format, subject to the release date subsequently stipulated in this submittal form and approved by my school. I represent and stipulate that the thesis or dissertation and its abstract are my original work, that they do not infringe or violate any rights of others, and that I make these grants as the sole owner of the rights to my thesis or dissertation and its abstract. I represent that I have obtained written permissions, when necessary, from the owner(s) of each third party copyrighted matter to be included in my thesis or dissertation and will supply copies of such upon request by my school. I acknowledge that RU ETD and my school will not distribute my thesis or dissertation or its abstract if, in their reasonable judgment, they believe all such rights have not been secured. I acknowledge that I retain ownership rights to the copyright of my work. I also retain the right to use all or part of this thesis or dissertation in future works, such as articles or books.
Copyright
Status
Copyright protected
Availability
Status
Open
Reason
Permission or license
Back to the top

Technical

RULTechMD (ID = TECHNICAL1)
ContentModel
ETD
OperatingSystem (VERSION = 5.1)
windows xp
CreatingApplication
Version
1.5
DateCreated (point = end); (encoding = w3cdtf); (qualifier = exact)
2020-09-11T03:44:25
DateCreated (point = end); (encoding = w3cdtf); (qualifier = exact)
2020-09-11T03:44:25
ApplicationName
pdfTeX-1.40.19
Back to the top
Version 8.5.5
Rutgers University Libraries - Copyright ©2024