TY - GEN
T1 - Property preserving symmetric encryption
AU - Pandey, Omkant
AU - Rouselakis, Yannis
PY - 2012
Y1 - 2012
N2 - Processing on encrypted data is a subject of rich investigation. Several new and exotic encryption schemes, supporting a diverse set of features, have been developed for this purpose. We consider encryption schemes that are suitable for applications such as data clustering on encrypted data. In such applications, the processing algorithm needs to learn certain properties about the encrypted data to make decisions. Often these decisions depend upon multiple data items, which might have been encrypted individually and independently. Current encryption schemes do not capture this setting where computation must be done on multiple ciphertexts to make a decision. In this work, we seek encryption schemes which allow public computation of a pre-specified property P about the encrypted messages. That is, such schemes have an associated property P of fixed arity k, and a publicly computable algorithm Test, such that Test(ct 1,.,ct k )=P(m 1,.,m k ), where ct i is an encryption of m i for i=1,.,k. Further, this requirement holds even if the ciphertexts ct 1,.,ct k were generated individually and independently. We call such schemes property preserving encryption schemes. Property preserving encryption (PPEnc) makes most sense in the symmetric setting due to the requirement that Test is publicly computable. In this work, we present a thorough investigation of property preserving symmetric encryption. We start by formalizing several meaningful notions of security for PPEnc. Somewhat surprisingly, we show that there exists a hierarchy of security notions for PPEnc, indexed by integers η∈ ∈N, which does not collapse. We also present a symmetric PPEnc scheme for encrypting vectors in N N of polynomial length. This construction supports the orthogonality property: for every two vectors it is possible to publicly learn whether x→•y→ O mod p. Our scheme is based on bilinear groups of composite order.
AB - Processing on encrypted data is a subject of rich investigation. Several new and exotic encryption schemes, supporting a diverse set of features, have been developed for this purpose. We consider encryption schemes that are suitable for applications such as data clustering on encrypted data. In such applications, the processing algorithm needs to learn certain properties about the encrypted data to make decisions. Often these decisions depend upon multiple data items, which might have been encrypted individually and independently. Current encryption schemes do not capture this setting where computation must be done on multiple ciphertexts to make a decision. In this work, we seek encryption schemes which allow public computation of a pre-specified property P about the encrypted messages. That is, such schemes have an associated property P of fixed arity k, and a publicly computable algorithm Test, such that Test(ct 1,.,ct k )=P(m 1,.,m k ), where ct i is an encryption of m i for i=1,.,k. Further, this requirement holds even if the ciphertexts ct 1,.,ct k were generated individually and independently. We call such schemes property preserving encryption schemes. Property preserving encryption (PPEnc) makes most sense in the symmetric setting due to the requirement that Test is publicly computable. In this work, we present a thorough investigation of property preserving symmetric encryption. We start by formalizing several meaningful notions of security for PPEnc. Somewhat surprisingly, we show that there exists a hierarchy of security notions for PPEnc, indexed by integers η∈ ∈N, which does not collapse. We also present a symmetric PPEnc scheme for encrypting vectors in N N of polynomial length. This construction supports the orthogonality property: for every two vectors it is possible to publicly learn whether x→•y→ O mod p. Our scheme is based on bilinear groups of composite order.
UR - https://www.scopus.com/pages/publications/84859983421
U2 - 10.1007/978-3-642-29011-4_23
DO - 10.1007/978-3-642-29011-4_23
M3 - Conference contribution
AN - SCOPUS:84859983421
SN - 9783642290107
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 375
EP - 391
BT - Advances in Cryptology, EUROCRYPT 2012 - 31st Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings
T2 - 31st Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2012
Y2 - 15 April 2012 through 19 April 2012
ER -