New order preserving encryption model for outsourced databases in cloud environments

In this paper, we aim at constructing efficient and programmable OPE scheme for outsourced databases. Firstly, we introduce the system model of outsourced database where OPE scheme will be used, show that ciphertext-only attack is basic and practical security goal. Secondly, we discuss the statistical attack for OPE schemes, point out how to hide data distribution and data frequency is important when designing OPE schemes. Thirdly, we propose a new simple OPE model, which uses message space expansion and nonlinear space split to hide data distribution and frequency and further analyze its security against two kinds of attack in details. Finally, we discuss implementation details including how to use our OPE scheme in the database applications. And we also evaluate its performance through the experiment. The security analysis and performance evaluation show that our OPE scheme is secure enough and more efficient.