FREQUENCY-HIDING ORDER-PRESERVING ENCRYPTION

摘要

Methods, systems, and computer-readable storage media for encrypting data to provide encrypted data for storage in a database. Implementations include actions of receiving, at client-side computing device, an input set including a plaintext value that is to be encrypted to provide an encrypted value, determining whether the plaintext value is stored in a search tree that is stored by the client-side computing device, if the plaintext value is not stored in the search tree, the encrypted value is provided using deterministic encryption of the plaintext value, and if the plaintext value is stored in the search tree, the encrypted value is provided using randomized encryption of the plaintext value, updating the search tree to include a node including the plaintext value and the encrypted value, and transmitting the encrypted value to a server-side computing device for storage of the encrypted value in the database.

主权项

1. A computer-implemented method for encrypting data to provide encrypted data for storage in a database, the method being executed using one or more processors and comprising:
receiving, by at least one processor of a client-side computing device, an input set comprising a plaintext value that is to be encrypted to provide an encrypted value; determining whether the plaintext value is stored in a search tree that is stored by the client-side computing device, if the plaintext value is not stored in the search tree, the encrypted value is provided using deterministic encryption of the plaintext value, and if the plaintext value is stored in the search tree, the encrypted value is provided using randomized encryption of the plaintext value; updating the search tree to include a node comprising the plaintext value and the encrypted value; and transmitting, by the client-side computing device, the encrypted value to a server-side computing device for storage of the encrypted value in the database.