Privacy-Preserving SQL Queries Using Order Preserving Encryption

We live in a 20th-century world of data, where data processing and storage are often done with little trust and little privacy. Increasingly, too, we are moving our data storage and processing into the cloud, and this is often done by external parties. So, how could we integrate a privacy-aware method into database queries that are conducted by a third-party database provider? Well, Order Preserving Encryption (OPE) is one way to do this [1]:

With this, we can encrypt values using a symmetric key and still preserve the order of the values. We can now implement a simple use case.

Alice goes private

Let’s say that Alice uses Bob as an SQL database provider, and wants to search for students who have a range of marks. If the marks of her students are:

She could then use OPE to encrypt the grade for each student:
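As an added illustration of this use case (not code from the original article), the sketch below uses a toy keyed order-preserving mapping built from HMAC-derived gaps, not a published OPE scheme, with an in-memory SQLite table standing in for Bob's database. The student names, marks, key, mark range and function names are all assumptions constructed for the example.

```python
import hashlib
import hmac
import sqlite3

MAX_MARK = 100  # assumed plaintext domain: integer marks 0..100


def build_table(key: bytes) -> list[int]:
    """Toy keyed OPE table: ciphertext(m) = sum of PRF-derived gaps for 0..m.

    Every gap is >= 1, so the mapping is strictly increasing (order preserving).
    """
    table, total = [], 0
    for m in range(MAX_MARK + 1):
        prf = hmac.new(key, m.to_bytes(2, "big"), hashlib.sha256).digest()
        total += 1 + int.from_bytes(prf[:3], "big")  # gap in 1..2**24
        table.append(total)
    return table


def encrypt(table: list[int], mark: int) -> int:
    return table[mark]


def decrypt(table: list[int], ct: int) -> int:
    return table.index(ct)  # ValueError if ct is not a valid ciphertext


def range_query(key: bytes, marks: dict[str, int], low: int, high: int) -> dict[str, int]:
    """Alice encrypts, Bob runs SQL on ciphertexts only, Alice decrypts the rows."""
    table = build_table(key)
    db = sqlite3.connect(":memory:")  # stands in for Bob's database
    db.execute("CREATE TABLE students (name TEXT, mark_enc INTEGER)")
    db.executemany("INSERT INTO students VALUES (?, ?)",
                   [(n, encrypt(table, m)) for n, m in marks.items()])
    # Bob only ever sees the encrypted bounds and the encrypted column.
    rows = db.execute(
        "SELECT name, mark_enc FROM students "
        "WHERE mark_enc BETWEEN ? AND ? ORDER BY mark_enc",
        (encrypt(table, low), encrypt(table, high))).fetchall()
    db.close()
    return {name: decrypt(table, ct) for name, ct in rows}


# Constructed sample data (names and marks are not from the original page).
SAMPLE_MARKS = {"Student A": 41, "Student B": 67, "Student C": 55,
                "Student D": 82, "Student E": 67}

if __name__ == "__main__":
    print(range_query(b"alice-demo-key", SAMPLE_MARKS, 50, 70))
```

Bob never sees a mark, but he does learn the ordering of the marks and which students share one (Student B and Student E here), which is the leakage OPE accepts in exchange for range queries.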

Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice