PAORE: public-key authenticated order-revealing encryption
摘要
Recent years have witnessed growing research efforts toward performing secure operations such as range queries, sorting, filtering, and searching on encrypted data while preserving confidentiality. A key advancement in this domain came with the introduction of Order-Revealing Encryption (ORE) by Boneh et al. at Eurocrypt 2015. This cryptographic innovation enables direct comparison of encrypted data to determine their relative order while keeping the actual data contents concealed. Its unique functionality proves especially powerful for executing range queries—allowing systems to identify encrypted records falling within specific ranges without ever decrypting the underlying data. Beyond range queries, the scheme supports critical operations like secure sorting and filtering of ciphertexts, maintaining data confidentiality throughout these processes. The introduction of ORE has driven extensive research, with multiple studies focused on optimizing its performance and security. However, all existing ORE constructions to date have been limited to symmetric key settings. Implementing ORE in asymmetric key settings continues to be difficult, as adversaries with unrestricted access to the encryption algorithm can exploit encryption and order-revealing functions to decrypt ciphertexts via binary search, even without the secret key. In this paper, we address this gap by proposing an ORE scheme within asymmetric key settings, which we term as Public-Key Authenticated Order-Revealing Encryption (PAORE). We introduce and formalize the concept of PAORE and realize it through a lattice-based construction in the standard model that ensures quantum safety. This research paves the way for future studies on ORE in asymmetric key settings.