PVSAE: A Public Verifiable Searchable Encryption Service Framework for Outsourced Encrypted Data

Outsource encrypted data is a popular trend for storing sensitive data in third party clouds. Many cloud applications need privacy preserving data encryption services with two capabilities: On one hand, they need querying over encrypted data in Web based data hosting services. On the other hand, they also need to keep the query keywords and associated search operations private such that data hosting service providers cannot gain access to unauthorized content or trace and infer sensitive data stored in the third party data hosting servers. In this paper we present a novel service oriented framework for verifiable searchable asymmetric encryption, called PVSAE. PVSAE offers strong support for outsourced encrypted data with two formal security properties in terms of IND-CKA security and search pattern privacy. Our framework supports two concrete PVSAE schemes. The first scheme l-PVSAE is based on the l-dimensional vectors and achieves strong security notions, namely statistical IND-CKA security and statistical search pattern privacy. The second scheme 3-PVSAE is a light-weight version based on 3-dimensional vectors. 3-PVSAE maintains the strong security properties and offers higher efficiency for search over encrypted data compared with existing verifiable searchable asymmetric encryption schemes. We experimentally evaluate the proposed PVSAE schemes and show that they not only offer strong security but also are practical and deployable.

[1]  Aurore Guillevic,et al.  Comparing the Pairing Efficiency over Composite-Order and Prime-Order Elliptic Curves , 2013, ACNS.

[2]  Mototsugu Nishioka,et al.  Perfect Keyword Privacy in PEKS Systems , 2012, ProvSec.

[3]  Shouhuai Xu,et al.  VABKS: Verifiable attribute-based keyword search over outsourced encrypted data , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[4]  Geong Sen Poh,et al.  Verifiable Structured Encryption , 2012, Inscrypt.

[5]  Dan Boneh,et al.  Function-Private Identity-Based Encryption: Hiding the Function in Functional Encryption , 2013, CRYPTO.

[6]  Peter Y. A. Ryan,et al.  Trapdoor Privacy in Asymmetric Searchable Encryption Schemes , 2014, AFRICACRYPT.

[7]  Elaine Shi,et al.  Predicate Privacy in Encryption Systems , 2009, IACR Cryptol. ePrint Arch..

[8]  Jianfeng Wang,et al.  Efficient Verifiable Public Key Encryption with Keyword Search Based on KP-ABE , 2014, 2014 Ninth International Conference on Broadband and Wireless Computing, Communication and Applications.

[9]  Kaoru Kurosawa,et al.  UC-Secure Searchable Symmetric Encryption , 2012, Financial Cryptography.

[10]  Vincenzo Iovino,et al.  Predicate Encryption with Partial Public Keys , 2010, CANS.

[11]  Vinod Vaikuntanathan,et al.  How to Delegate and Verify in Public: Verifiable Computation from Attribute-based Encryption , 2012, IACR Cryptol. ePrint Arch..

[12]  Qiang Tang,et al.  Efficient verifiable fuzzy keyword search over encrypted data in cloud computing , 2013, Comput. Sci. Inf. Syst..

[13]  Jan Camenisch,et al.  Blind and Anonymous Identity-Based Encryption and Authorised Private Searches on Public Key Encrypted Data , 2009, Public Key Cryptography.

[14]  Kaoru Kurosawa,et al.  How to Update Documents Verifiably in Searchable Symmetric Encryption , 2013, CANS.

[15]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[16]  Fangguo Zhang,et al.  Verifiable Searchable Symmetric Encryption from Indistinguishability Obfuscation , 2015, AsiaCCS.

[17]  Mihir Bellare,et al.  Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions , 2005, Journal of Cryptology.

[18]  Victor Shoup,et al.  OAEP Reconsidered , 2001, CRYPTO.

[19]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[20]  Refik Molva,et al.  Publicly verifiable conjunctive keyword search in outsourced databases , 2015, 2015 IEEE Conference on Communications and Network Security (CNS).

[21]  Guang Gong,et al.  Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers , 2012, 2012 IEEE International Conference on Communications (ICC).