Jae Hwan Park
Securing multi-client range queries over encrypted data
Park, Jae Hwan; Rezaeifar, Zeinab; Hahn, Changhee
Authors
Zeinab Rezaeifar
Changhee Hahn
Abstract
Order-revealing encryption (ORE) allows secure range query processing over encrypted databases through a publicly accessible comparison function, while keeping other details concealed. Since parameter-hiding ORE (ASIACRYPT 2018) demonstrated improved privacy preservation at the cost of O(n2) comparison operations, where n is the bit length of plaintexts, Lv et al. (ESORICS 2021) introduced an efficient ORE scheme that reduced the comparison operations to O(n), all while accommodating multiple clients. In this paper, we identify a vulnerability in Lv et al.’s ORE scheme, which we refer to as “Query Reusability.” Exploiting this vulnerability, we develop an optimal query recovery attack. According to our experiment on the real-world datasets, our attack can recover a 64-bit plaintext query within a mere 83ms. We then propose msq-ORE, a multi-client secure range query ORE scheme that effectively mitigates the vulnerability while maintaining computational costs comparable to the state-of-the-art ORE scheme. Lastly, our performance analysis results show that the proposed scheme achieves efficacy.
| Journal Article Type | Article |
|---|---|
| Acceptance Date | Mar 26, 2024 |
| Online Publication Date | Apr 26, 2024 |
| Publication Date | 2024 |
| Deposit Date | Jun 20, 2024 |
| Publicly Available Date | Apr 27, 2025 |
| Journal | Cluster Computing |
| Print ISSN | 1386-7857 |
| Electronic ISSN | 1573-7543 |
| Publisher | Springer (part of Springer Nature) |
| Peer Reviewed | Peer Reviewed |
| Volume | 27 |
| Pages | 9679–9692 |
| DOI | https://doi.org/10.1007/s10586-024-04472-w |
| Public URL | https://uwe-repository.worktribe.com/output/12077469 |
Files
Securing multi-client range queries over encrypted data
(533 Kb)
PDF
Licence
http://www.rioxx.net/licenses/all-rights-reserved
Copyright Statement
This version of the article has been accepted for publication, after peer review (when applicable) and is subject to Springer Nature’s AM terms of use, but is not the Version of Record and does not reflect post-acceptance improvements, or any corrections. The Version of Record is available online at: https://doi.org/10.1007/s10586-024-04472-w
You might also like
A reliable geocast routing protocol for Vehicular Ad Hoc Networks
(2015)
Journal Article
Secure and privacy-aware traffic information as a service in VANET-based clouds
(2015)
Journal Article
Analysis of security issues in wireless charging of electric vehicles on the move
(2016)
Journal Article
A new privacy aware payment scheme for wireless charging of electric vehicles
(2016)
Journal Article
A trust-based method for mitigating cache poisoning in Name Data Networking
(2017)
Journal Article
Downloadable Citations
About UWE Bristol Research Repository
Administrator e-mail: repository@uwe.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2025
Advanced Search