ETRI-Knowledge Sharing Plaform

ENGLISH

성과물

논문 검색
구분 SCI
연도 ~ 키워드

상세정보

학술지 Chaotic Order Preserving Encryption for Efficient and Secure Queries on Databases
Cited 35 time in scopus Download 6 time Share share facebook twitter linkedin kakaostory
저자
이승민, 박태준, 이동혁, 남택용, 김세헌
발행일
200911
출처
IEICE Transactions on Information and Systems, v.E92-D no.11, pp.2207-2217
ISSN
0916-8532
출판사
일본, 전자정보통신학회 (IEICE)
DOI
https://dx.doi.org/10.1587/transinf.E92.D.2207
협약과제
07MK2500, 개인정보 DB를 위한 통합형 보안 기술 개발, 남택용
초록
The need for data encryption that protects sensitive data in a database has increased rapidly. However, encrypted data can no longer be efficiently queried because nearly all of the data should be decrypted. Several order-preserving encryption schemes that enable indexes to be built over encrypted data have been suggested to solve this problem. They allow any comparison operation to be directly applied to encrypted data. However, one of the main disadvantages of these schemes is that they expose sensitive data to inference attacks with order information, especially when the data are used together with unencrypted columns in the database. In this study, a new order-preserving encryption scheme that provides secure queries by hiding the order is introduced. Moreover, it provides efficient queries because any user who has the encryption key knows the order. The proposed scheme is designed to be efficient and secure in such an environment. Thus, it is possible to encrypt only sensitive data while leaving other data unencrypted. The encryption is not only robust against order exposure, but also shows high performance for any query over encrypted data. In addition, the proposed scheme provides strong updates without assumptions of the distribution of plaintext. This allows it to be integrated easily with the existing database system. Copyright © 2009 The Institute of Electronics, Information and Communication Engineers.
키워드
Beta-expansion, Database encryption, Order-preserving encryption, Random shuffling
KSP 제안 키워드
Database encryption, Database systems, High performance, Inference attacks, Information and communication, Order-preserving encryption scheme, Sensitive Data, data encryption, directly applied, encrypted data, encryption Key