Format and Order Revealing Encryption

Bibliographic Details
Main Author: Paiva, Rui David Teixeira
Publication Date: 2018
Format: Master thesis
Language: eng
Source: Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
Download full: http://hdl.handle.net/10400.6/9838
Summary: As more and more cloud services emerge so does the need for new methods for securing the data these services consume, especially since data leaks have become the norm rather than the exception. Since most cloud services require some kind of access to our private data in order to perform searches and provide services, new ways of securing our data in the cloud is needed. This dissertation examines the current state of the cryptographic world in order to try to and understand and resume what solutions currently exist for this particular type of problem. This work is motivated by a particular problem of data delegation to a cloud infrastructure. This problem involves the protection of sensitive data whilst it’s analysed by a third party. While there is no simple approach to solve this particular problem, this dissertation discusses three main approaches to tackle this problem. One approach attempts to define a new cryptographic scheme with a leakage profile that would allow a third party to only have access to some information of the plaintext but, at the same time, keep the plaintext safe from attackers. Another approach attempts to use already existing cryptographic schemes, such as, Format Preserving Encryption and Order Revealing Encryption to solve this particular problem. A final approach tries to solve this problem by utilising cryptographic tools, such as hash-functions and hash-based message authentication codes. An extended study was also conducted in many cryptographic schemes, both current and old cryptographic schemes. This study allowed for a better view of the cryptographic world and how these schemes could help us achieve a solution. For this dissertation, a prototype was also implemented of some recent cryptographic schemes. These prototype implementations allowed for a deeper understanding of how these schemes work and also allowed us to conduct some experiments while trying to combine two cryptographic schemes. The results of this dissertation show that that trying to solve a problem via creating a new cryptographic scheme is not an easy feat especially when one wants to define correctly the strict security requirements and also the work needed to understand the mathematical workings of similar schemes. Lastly we conclude that solving the problem with the help of already existing tools may be the easiest solution, but, it may also only work for a specific scenario and hence is of no use in other similar situations. A solution to the particular problem studied in this thesis is also presented at the end of this dissertation, although, it only applies to this specific problem and does not solve the more general problem of privacy of data delegation to the cloud.
id RCAP_96e1f904acbc2e2f271ef5adb67463f4
oai_identifier_str oai:ubibliorum.ubi.pt:10400.6/9838
network_acronym_str RCAP
network_name_str Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
repository_id_str https://opendoar.ac.uk/repository/7160
spelling Format and Order Revealing EncryptionAutenticaçãoCriptografiaFormat Preserving EncryptionNuvemOrder Revealing EncryptionPesquisa Sobre Dados CifradosPrivacidadeAs more and more cloud services emerge so does the need for new methods for securing the data these services consume, especially since data leaks have become the norm rather than the exception. Since most cloud services require some kind of access to our private data in order to perform searches and provide services, new ways of securing our data in the cloud is needed. This dissertation examines the current state of the cryptographic world in order to try to and understand and resume what solutions currently exist for this particular type of problem. This work is motivated by a particular problem of data delegation to a cloud infrastructure. This problem involves the protection of sensitive data whilst it’s analysed by a third party. While there is no simple approach to solve this particular problem, this dissertation discusses three main approaches to tackle this problem. One approach attempts to define a new cryptographic scheme with a leakage profile that would allow a third party to only have access to some information of the plaintext but, at the same time, keep the plaintext safe from attackers. Another approach attempts to use already existing cryptographic schemes, such as, Format Preserving Encryption and Order Revealing Encryption to solve this particular problem. A final approach tries to solve this problem by utilising cryptographic tools, such as hash-functions and hash-based message authentication codes. An extended study was also conducted in many cryptographic schemes, both current and old cryptographic schemes. This study allowed for a better view of the cryptographic world and how these schemes could help us achieve a solution. For this dissertation, a prototype was also implemented of some recent cryptographic schemes. These prototype implementations allowed for a deeper understanding of how these schemes work and also allowed us to conduct some experiments while trying to combine two cryptographic schemes. The results of this dissertation show that that trying to solve a problem via creating a new cryptographic scheme is not an easy feat especially when one wants to define correctly the strict security requirements and also the work needed to understand the mathematical workings of similar schemes. Lastly we conclude that solving the problem with the help of already existing tools may be the easiest solution, but, it may also only work for a specific scenario and hence is of no use in other similar situations. A solution to the particular problem studied in this thesis is also presented at the end of this dissertation, although, it only applies to this specific problem and does not solve the more general problem of privacy of data delegation to the cloud.Com a explosão de serviços baseados na nuvem que ocorre nos dias de hoje, torna-se imperativo que os dados que são consumidos por este tipo de serviços sejam de alguma forma protegidos contra ataques ou roubos[Cen18]. O principal problema com este tipo de serviços é que, normalmente, estes serviços precisam de acesso aos dados para conseguirem fazer pesquisas e correlacionar dados de forma a que seja possível fornecer diversos serviços. Esta dissertação tem como objetivo estudar o mundo da criptografia de forma a perceber que tipo de garantias são oferecidas pelos esquemas criptográficos existentes nos dias de hoje para serviços baseados na nuvem. Este trabalho é motivado por um problema real de delegação de dados para a nuvem. Este problema envolve a proteção de dados sensíveis que precisam de ser analisados por entidades externas. Embora não haja uma abordagem simples para resolver este tipo de problemas, nesta dissertação iremos discutir três abordagens que, potencialmente, poderão resolver este problema. Uma abordagem tenta definir o que poderia ser a estrutura geral de um novo esquema criptográfico que pudesse lidar com o problema específico em análise. Numa outra abordagem iremos utilizar ferramentas existentes para tentar resolver o problema em questão. Iremos também tentar unir dois esquemas criptográficos existentes, de forma a tentar combater este problema em específico. Foi também realizado um estudo a vários esquemas criptográficos de forma a perceber quais as soluções que existem hoje em dia para problemas relacionados com a delegação de dados para entidades externas, como também, tentar perceber que esquemas criptográficos que ainda são resultados meramente teóricos mas que possam vir, no futuro, a ser úteis para combater esta problemática. Os resultados desta dissertação mostram que resolver um problema relacionado com criptografia nem sempre é fácil, uma vez que, a má utilização destes esquemas poderá levar a uma falha grave de segurança. Por fim, concluímos que, resolver um problema desta natureza através de ferramentas existentes é bastante mais fácil do que tentar desenvolver esquemas criptográficos novos, mas que irá perder o poder de poder ser aplicado a outros problemas semelhantes.Crocker, Paul AndrewSousa, Simão Patricio Melo deuBibliorumPaiva, Rui David Teixeira2020-03-06T17:07:50Z2018-06-142018-04-232018-06-14T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesisapplication/pdfhttp://hdl.handle.net/10400.6/9838urn:tid:202355950enginfo:eu-repo/semantics/openAccessreponame:Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)instname:FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologiainstacron:RCAAP2025-03-11T15:41:43Zoai:ubibliorum.ubi.pt:10400.6/9838Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireinfo@rcaap.ptopendoar:https://opendoar.ac.uk/repository/71602025-05-29T01:28:24.039125Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) - FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologiafalse
dc.title.none.fl_str_mv Format and Order Revealing Encryption
title Format and Order Revealing Encryption
spellingShingle Format and Order Revealing Encryption
Paiva, Rui David Teixeira
Autenticação
Criptografia
Format Preserving Encryption
Nuvem
Order Revealing Encryption
Pesquisa Sobre Dados Cifrados
Privacidade
title_short Format and Order Revealing Encryption
title_full Format and Order Revealing Encryption
title_fullStr Format and Order Revealing Encryption
title_full_unstemmed Format and Order Revealing Encryption
title_sort Format and Order Revealing Encryption
author Paiva, Rui David Teixeira
author_facet Paiva, Rui David Teixeira
author_role author
dc.contributor.none.fl_str_mv Crocker, Paul Andrew
Sousa, Simão Patricio Melo de
uBibliorum
dc.contributor.author.fl_str_mv Paiva, Rui David Teixeira
dc.subject.por.fl_str_mv Autenticação
Criptografia
Format Preserving Encryption
Nuvem
Order Revealing Encryption
Pesquisa Sobre Dados Cifrados
Privacidade
topic Autenticação
Criptografia
Format Preserving Encryption
Nuvem
Order Revealing Encryption
Pesquisa Sobre Dados Cifrados
Privacidade
description As more and more cloud services emerge so does the need for new methods for securing the data these services consume, especially since data leaks have become the norm rather than the exception. Since most cloud services require some kind of access to our private data in order to perform searches and provide services, new ways of securing our data in the cloud is needed. This dissertation examines the current state of the cryptographic world in order to try to and understand and resume what solutions currently exist for this particular type of problem. This work is motivated by a particular problem of data delegation to a cloud infrastructure. This problem involves the protection of sensitive data whilst it’s analysed by a third party. While there is no simple approach to solve this particular problem, this dissertation discusses three main approaches to tackle this problem. One approach attempts to define a new cryptographic scheme with a leakage profile that would allow a third party to only have access to some information of the plaintext but, at the same time, keep the plaintext safe from attackers. Another approach attempts to use already existing cryptographic schemes, such as, Format Preserving Encryption and Order Revealing Encryption to solve this particular problem. A final approach tries to solve this problem by utilising cryptographic tools, such as hash-functions and hash-based message authentication codes. An extended study was also conducted in many cryptographic schemes, both current and old cryptographic schemes. This study allowed for a better view of the cryptographic world and how these schemes could help us achieve a solution. For this dissertation, a prototype was also implemented of some recent cryptographic schemes. These prototype implementations allowed for a deeper understanding of how these schemes work and also allowed us to conduct some experiments while trying to combine two cryptographic schemes. The results of this dissertation show that that trying to solve a problem via creating a new cryptographic scheme is not an easy feat especially when one wants to define correctly the strict security requirements and also the work needed to understand the mathematical workings of similar schemes. Lastly we conclude that solving the problem with the help of already existing tools may be the easiest solution, but, it may also only work for a specific scenario and hence is of no use in other similar situations. A solution to the particular problem studied in this thesis is also presented at the end of this dissertation, although, it only applies to this specific problem and does not solve the more general problem of privacy of data delegation to the cloud.
publishDate 2018
dc.date.none.fl_str_mv 2018-06-14
2018-04-23
2018-06-14T00:00:00Z
2020-03-06T17:07:50Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/masterThesis
format masterThesis
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/10400.6/9838
urn:tid:202355950
url http://hdl.handle.net/10400.6/9838
identifier_str_mv urn:tid:202355950
dc.language.iso.fl_str_mv eng
language eng
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.source.none.fl_str_mv reponame:Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
instname:FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
instacron:RCAAP
instname_str FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
instacron_str RCAAP
institution RCAAP
reponame_str Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
collection Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
repository.name.fl_str_mv Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) - FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
repository.mail.fl_str_mv info@rcaap.pt
_version_ 1833600996576591872

Similar Items