We consider a data owner that outsources its dataset to an untrusted server . The owner wishes to enable the server to answer range queries on a single attribute, without compromising the privacy of the data and the queries. There are several schemes on “practical” private range search (mainly in database venues) that attempt to strike a trade-off between efficiency and security. Nevertheless, these methods either lack provable security guarantees or permit unacceptable privacy leakages. In this article, we take an interdisciplinary approach, which combines the rigor of security formulations and proofs with efficient data management techniques. We construct a wide set of novel schemes with realistic security/performance trade-offs, adopting the notion of Searchable Symmetric Encryption (SSE), primarily proposed for keyword search. We reduce range search to multi-keyword search using range-covering techniques with tree-like indexes, and formalize the problem as Range Searchable Symmetric Encryption (RSSE). We demonstrate that, given any secure SSE scheme, the challenge boils down to (i) formulating leakages that arise from the index structure and (ii) minimizing false positives incurred by some schemes under heavy data skew . We also explain an important concept in the recent SSE bibliography, namely locality , and design generic and specialized ways to attribute locality to our RSSE schemes. Moreover, we are the first to devise secure schemes for answering range aggregate queries, such as range sums and range min/max. We analytically detail the superiority of our proposals over prior work and experimentally confirm their practicality.

中文翻译：

---

深入的实用私人范围搜索

我们考虑一个数据所有者将其数据集外包给不受信任的服务器. 所有者希望使服务器能够回答范围查询单个属性，而不损害数据和查询的隐私。有几种方案“实际的”试图在效率和安全性之间进行权衡的私有范围搜索（主要在数据库场所）。然而，这些方法要么缺乏可证明的安全保证，要么允许不可接受的隐私泄露。在这篇文章中，我们采取了跨学科方法，它将严格的安全公式和证明与有效的数据管理技术相结合。我们构建了一系列具有现实安全/性能权衡的新颖方案，采用了可搜索的对称加密(SSE)，主要用于关键字搜索。我们将范围搜索减少到多关键字使用搜索范围覆盖具有树状索引的技术，并将问题形式化为范围可搜索的对称加密（RSSE）。我们证明，给定任何安全的 SSE 方案，挑战归结为 (i) 制定指数产生的泄漏结构体(ii) 最小化误报一些方案在大数据下招致偏斜. 我们还在最近的 SSE 参考书目中解释了一个重要概念，即地方性，并设计通用和专门的方法来将局部性归因于我们的 RSSE 方案。此外，我们是第一个设计用于回答的安全方案范围聚合查询，例如范围总和和范围最小值/最大值。我们分析性地详细说明了我们的建议相对于先前工作的优越性，并通过实验证实了它们的实用性。