Order Preserving Encryption (OPE) schemes have been examined to a great extent in the cryptography literature because of their prospective application to database design. OPE is an appealing method for database encryption as it permits to execute sort and range queries in an efficient manner without decrypting the data. Databases such as CryptDB are beginning to employ encryption to guard sensi...

Private database query (PDQ) processing has received much attention from the fields of both cryptography and databases. While previous approaches to design PDQ protocols exploit several cryptographic tools concurrently, recently the appearance of fully homomorphic encryption (FHE) schemes enables us to design PDQ protocols without the aid of additional tools. However, to the best of our knowled...

We present the first one-roundtrip protocol for performing range, range-aggregate, and order-by-limit queries over encrypted data, that both provides semantic security and is efficient. We accomplish this task by chaining garbled circuits over a search tree, using branch-chained garbled circuits, as well as carefully designing garbled circuits. We then show how to build a database index that ca...

ion Layer of a database system. TEAL is an implementation of a framework for secure storage and resides inside Abstraction Layer of a database (DBAL). We demonstrate how TEAL integrates transparently into existing applications. Furthermore, we explain query processing on encrypted data by re-using components of the DBAL. Finally, we visualize the impact of the processing steps of TEAL on the ru...

In this paper, we propose a multilevel database encryption system with subkeys. This new system is called the record-oriented cryptosystem which encrypts each record with different field-subkeys according to a security class of the data element. Each field is decrypted individually by the field-subkeys of which security class is higher than or equal to that of the encrypted field-subkeys. This ...

As more organizations and companies move to the cloud, the need to protect against data breaches becomes ever more important. Although previous systems using encrypted databases have been developed, the intricacies of their design lead to further attacks that compromise the privacy of the stored data. We propose PartDB, a system to protect against such attacks. PartDB partitions data in a recon...

Sometimes there is a need to store sensitive data on an untrusted database server. Song, Wagner and Perrig have introduced a way to search for the existence of a word in an encrypted textual document. The search speed is linear in the size of the document. It does not scale well for a large database. We have developed a tree search algorithm based on the linear search algorithm that is suitable...

In this paper, we advocate an alternative signal processing based approach to searchable encryption architectures allowing to find non-exact or similar matches in the encrypted domain. The proposed approach is based on a modified architecture, where the main computational load is reallocated to a data user, who challenges an unsecure server by multiple requests, while the role of the server is ...

Data outsourcing is emerging today as a successful solution for organizations looking for a cost-effective way to make their data available for on-line querying. To protect outsourced data from unauthorized accesses, even from the (honest but curious) host server, data are encrypted and indexes associated with them enable the server to execute queries without the need of accessing cleartext. Cu...

The proliferation of online biometric authentication has necessitated security requirements of biometric templates. The existing secure biometric authentication schemes feature a server-centric model, where a service provider maintains a biometric database and is fully responsible for the security of the templates. The end-users have to fully trust the server in storing, processing and managing...