Security Analysis for an Order Preserving Encryption Scheme

The development of third-party hosting, IT outsourcing, service clouds, etc. raises important security concerns. It would be safer to encrypt critical data hosted by a third-parity, but meanwhile, the database should be able to process queries on encrypted data. Many research works have been developed to support search query processing on encrypted data, including the order preserving encryption (OPE) schemes. Security analysis plays an important role on secure algorithm design. It can help understand the level of security assurance of the algorithm. Currently, security analysis for OPE schemes is limited. In [8], a cryptographic-based OPE scheme, SEm,n, has been proposed. It defines the ideal model and the real model and construct the OPE in the real model to satisfy the idea model security. However, the security of the idea model itself has not been analyzed. In this paper, we first analyze the information leaks in SEm,n, and then use information theory to analyze the security of SEm,n. More specifically, we derive an upper bound on the probability for an adversary to recover the plaintext encrypted by SEm,n.