The amount of information stored in databases is constantly increasing. Databases contain multiple records, each of them divided in several data fields. And some of these fields may contain sensitive information, so there is a need to prevent free access to it. Traditionally, cryptography has been used to conceal this kind of information, but conventional cryptography has the problem that, for queries that need access to a specific field for all the records, it requires the decryption of the entire data field. Order preserving encryption ensures that comparing encrypted data returns the same result than comparing the original data. This permits to order encrypted data without the need of decryption. In this way, databases using this kind of cryptosystems admit encrypted record fields while still allowing searches and range queries. In this paper, we propose an order preserving symmetric encryption scheme whose encryption function is recursively constructed. Starting with the trivial order preserving encryption function, which is the identity, a function is constructed in a series of steps by making it more and more complex until the the desired security level is reached. The security of the proposed cryptosystem is also analyzed.
Digital Object Identifier (DOI)
Mart?nez, Santi; M. Miret, Josep; Tom?s, Rosana; and Valls, Magda
"Securing Databases by using Diagonal-based Order Preserving Symmetric Encryption,"
Applied Mathematics & Information Sciences: Vol. 08
, Article 1.
Available at: https://dc.naturalspublishing.com/amis/vol08/iss5/1