Deterministic and Efficiently Searchable Encryption

To provide some background to the paper, in the database literature, the naive solution of providing public key encryption on untrusted database servers (for example, data stored in a rented cloud server) includes encrypting every record non-deterministically in order to provide notions of privacy in the database. In other words, in order to find particular records in an encrypted database, the entire database would have to be scanned (in other words, searches would take time linear to the size of the database), as indexes cannot be built on non-deterministic ciphertext values. In this paper, the authors detail systems where database systems can maintain provable security bounds via encryption, while allowing logarithmic search bounds that are desired of database systems. They achieve this via deterministic public key encryption, which they prove in the paper that while normally deterministic public key encryptions do not grant the level of security expected in all applications, the deterministic public key encryption algorithms provided in the paper still maintain a degree of provable security against chosen plaintext attacks. The authors, in the last section of the paper, also include extensions to cover chosen ciphertext attacks.