The paper introduces order-preserving symmetric encryption (OPE), a cryptographic primitive designed for efficient range queries on encrypted data. The authors first show that a straightforward relaxation of standard security notions for encryption, such as IND-CPA, is unachievable by practical OPE schemes. Instead, they propose a new security notion inspired by pseudorandom functions (PRFs) and related primitives, requiring that an OPE scheme appears "as-random-as-possible" while preserving the order of plaintexts. They design an efficient OPE scheme and prove its security under their proposed notion based on the pseudorandomness of an underlying block cipher. The construction leverages a natural relation between a random order-preserving function and the hypergeometric probability distribution, using an efficient sampling algorithm for the latter. The paper also discusses the limitations of the IND-OCPA notion and introduces the POPF-CCA notion, which is more suitable for OPE. The authors provide a detailed construction of an OPE scheme and analyze its security, showing that it achieves POPF-CCA security if the underlying block cipher is pseudorandom. The scheme is efficient and can be used as a tool to design more secure OPE schemes in future work.The paper introduces order-preserving symmetric encryption (OPE), a cryptographic primitive designed for efficient range queries on encrypted data. The authors first show that a straightforward relaxation of standard security notions for encryption, such as IND-CPA, is unachievable by practical OPE schemes. Instead, they propose a new security notion inspired by pseudorandom functions (PRFs) and related primitives, requiring that an OPE scheme appears "as-random-as-possible" while preserving the order of plaintexts. They design an efficient OPE scheme and prove its security under their proposed notion based on the pseudorandomness of an underlying block cipher. The construction leverages a natural relation between a random order-preserving function and the hypergeometric probability distribution, using an efficient sampling algorithm for the latter. The paper also discusses the limitations of the IND-OCPA notion and introduces the POPF-CCA notion, which is more suitable for OPE. The authors provide a detailed construction of an OPE scheme and analyze its security, showing that it achieves POPF-CCA security if the underlying block cipher is pseudorandom. The scheme is efficient and can be used as a tool to design more secure OPE schemes in future work.