Practical Application of Order-preserving Encryption in Wide Column Stores

Order-preserving encryption (OPE) produces ciphertexts that preserve the relative order of the underlying plaintexts. Thus, it is very suitable for range queries over encrypted outsourced data, as it is a popular case in cloud database scenarios. Unfortunately, most schemes suffer from infeasibility in practice due to requirements like hardly maintainable data structures or additional architectural components. While OPE is a widely discussed topic in theory, to our knowledge only one OPE scheme received noticeable practical attention ((Boldyreva et al., 2009) for SQL-based systems in (Popa et al., 2011; Tu et al., 2013)). Therefore, our work identifies the practical requirements for utilizing OPE in real world usage with focus on existing NoSQL cloud database technologies. We evaluate a variety of popular schemes and propose improvements for two of them in order to further improve their practicability. Then we assess the performance of our modifications in comparison to the approach of (Boldyreva et al., 2011) (which can be considered the successor of (Boldyreva et al., 2009) by a runtime analysis in combination with two popular NoSQL wide column store databases.