[Busec] Fwd: Talk on Order-Preserving Encryption [Thursday 04/19 @ 12:00 pm in MCS 148]

Benjamin Fuller bfuller at cs.bu.edu
Thu Apr 19 11:55:59 EDT 2012

For those of you that didn't see the announcement.  This talk starts in five minutes.


Begin forwarded message:

> From: gkollios at bu.edu
> Date: April 19, 2012 11:41:20 AM EDT
> To: cs-grads at cs.bu.edu
> Subject: Talk on Order-Preserving Encryption [Thursday 04/19 @ 12:00 pm in MCS 148]
> Data Mining and Database Group Seminar
> =======================================
> Title: Order-Preserving Encryption
> Speaker: Adam O'Neill, Boston University
> When: Thursday, April 19, 2012 at 12:00 noon
> Where: MCS 148
> Abstract:
> We will provide an overview of our recent results (with A. Boldyreva, N. Chenette, and Y. Lee) on order-preserving encryption (OPE), a type of symmetric encryption on numerical data that preserves plaintext order.  This property is in particular useful to do highly efficient range query processing on an encrypted database without needing to decrypt.  We will first discuss a natural security notion for OPE that we show is unfortunately *unachievable* by any practical OPE scheme.  We will then go on to propose a different security notion in the style of pseudorandom-function-security, asking that the OPE is ``as random as possible'' subject to the order-preserving constraint, which we call POPF (pseudorandom order-preserving function) security.  We will then show how to construct an efficient, POPF-secure OPE scheme based on a blockcipher and a sampling algorithm for the hypergeometic distribution.  For the remainder of the talk, we turn to the question of what encryption via a POPF-secure OPE scheme leaks about the underlying data.  In  articular, we will explain that, for a database of randomly distributed plaintexts and appropriate choice of parameters, POPF-secure OPE leaks neither the precise value of any  laintext nor the precise distance between any two of them. On the other hand, such encryption leaks approximate value of any plaintext as well as approximate distance between any two plaintexts, each to an accuracy of about square root of the domain size.
> Bio: Adam is a postdoctoral associate in the Center for Reliable Information Systems and Cyber Security at Boston University, hosted by Ran Canetti and Leo Reyzin. He did his undergraduate work in Computer Science and Mathematics at the University of California, San Diego, and received a Ph.D. in Computer Science from the College of Computing, Georgia Institute of Technology. His advisor was Sasha Boldyreva. His main research interest is cryptography. He is a program committee member for Inscrypt 2009, CANS 2010, PKC 2012.

Benjamin Fuller
Boston University Computer Science
bfuller at cs.bu.edu

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cs-mailman.bu.edu/pipermail/busec/attachments/20120419/003713bd/attachment-0001.html 

More information about the Busec mailing list