Order-Preserving Database Encryption with Secret Sharing

TL;DR

This paper introduces ODES, a novel order-preserving encryption scheme using secret sharing among non-colluding servers, achieving high security and superior performance compared to existing methods.

Contribution

It proposes a new stateless OPE protocol based on secret sharing, addressing practical multi-server cloud scenarios and providing enhanced security guarantees.

Findings

ODES guarantees IND-FAOCPA security level.

ODES outperforms existing schemes by orders of magnitude.

The protocol is practical for deployment in multi-server cloud environments.

Abstract

The order-preserving encryption (OPE) problem was initially formulated by the database community in 2004 soon after the paradigm database-as-a-service (DaaS) was coined in 2002. Over the past two decades, OPE has drawn tremendous research interest from communities of databases, cryptography, and security; we have witnessed significant advances in OPE schemes both theoretically and systematically. All existing OPE schemes assume that the outsourced database is modeled as a single semi-honest adversary who should learn nothing more than the order information of plaintext messages up to a negligible probability. This paper addresses the OPE problem from a new perspective: instead of modeling the outsourced database as a single semi-honest adversary, we assume the outsourced database \textit{service} compromises a cluster of non-colluding servers, which is a practical assumption as all major cloud vendors support multiple database instances deployed to exclusive sub-networks or even to distinct data centers. This assumption allows us to design a new stateless OPE protocol, namely order-preserving database encryption with secret sharing (ODES), by employing secret-sharing schemes among those presumably non-colluding servers. We will demonstrate that ODES guarantees the latest security level, namely IND-FAOCPA, and outperforms the state-of-the-art scheme by orders of magnitude.