Structured encryption

Structured encryption (STE) is a form of encryption that encrypts a data structure so that it can be privately queried. Structured encryption can be used as a building block to design end-to-end encrypted databases, efficient searchable symmetric encryption (SSE) and other algorithms that can be efficiently executed on encrypted data.

Description
A structured encryption scheme is a symmetric-key encryption scheme that encrypts a data structure in such a way that, given the key $$K$$ and a query $$q$$, one can generate a query token $$qtk$$ with which the encrypted data structure can be queried. If the STE scheme is dynamic then it also supports update operations like inserts and deletes. There are several forms of STE including response-revealing STE where the response to the query is output in plaintext and response-hiding where the response to the query is output in encrypted form. STE schemes guarantee that no information about the data or queries can be recovered from the encrypted data structure and tokens beyond a well-specified and "reasonable" leakage profile.

STE schemes with a variety of leakage profiles have been designed for a wide array of abstract data types and data structures including arrays, multi-maps, dictionaries and graphs.

STE is closely related to but different than searchable symmetric encryption. The purpose of SSE is to encrypt document collections in such a way that keyword search can still be executed on the encrypted documents whereas the purpose of STE is to encrypt data structures in such a way that queries can still be executed over the encrypted structure. Certain types of STE schemes like multi-map encryption schemes can be used to design sub-linear and optimal SSE schemes.