Searchable Encryption for Healthcare Clouds: A Survey

Outsourcing medical data and their search services to a third party cloud have been a popular trend for many medical practices, because using healthcare cloud services can help cut down the cost of Electronic Health Records (EHR) systems in terms of front-end ownership cost and IT maintenance burdens. Healthcare cloud applications need searchable encryption with the following two capabilities for protecting data privacy and access privacy: (1) the healthcare providers need to share the encrypted data with authorized users and enable querying over encrypted data, and (2) they also need to keep the query keywords and associated search operations private such that healthcare data hosting service providers cannot gain access to unauthorized content or trace and infer sensitive data stored in the healthcare cloud. This survey paper describes the notion of searchable encryption (SE) in the context of healthcare applications and characterize the SE use cases into four scenarios in healthcare. Then we provide a comprehensive overview of the four representative SE techniques: searchable symmetric encryption (SSE), public key encryption with keyword search (PEKS), attribute-based encryption with keyword search (ABKS), and proxy re-encryption with keyword search (PRES) according to different EHR retrieving scenarios and requirements. We categorize and compare the different SE schemes in terms of their security, efficiency, and functionality. The survey is designed to benefit both experienced researchers in the computer science (CS) field and non-specialists who are domain scientists or healthcare professionals with limited CS and information security background. Thus, we are in favor of technological overview of the state of art searchable encryption models and the underlying key techniques, instead of detailed proofs and constructions of the respective SE algorithms. We describe how the existing SE schemes relate to and differ from one another, and point out the connections between the SE techniques and the security and privacy requirements of healthcare applications and the open research problems.

[1]  Dan Boneh,et al.  Function-Private Identity-Based Encryption: Hiding the Function in Functional Encryption , 2013, CRYPTO.

[2]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: improved definitions and efficient constructions , 2006, CCS '06.

[3]  Yiwei Thomas Hou,et al.  Protecting Your Right: Verifiable Attribute-Based Keyword Search with Fine-Grained Owner-Enforced Search Authorization in the Cloud , 2016, IEEE Transactions on Parallel and Distributed Systems.

[4]  Cynthia Dwork,et al.  Differential Privacy , 2006, ICALP.

[5]  Julien Bringer,et al.  Biometric Identification over Encrypted Data Made Feasible , 2009, ICISS.

[6]  Xu An Wang,et al.  Proxy Re-encryption with Keyword Search from Anonymous Conditional Proxy Re-encryption , 2011, 2011 Seventh International Conference on Computational Intelligence and Security.

[7]  Vincenzo Iovino,et al.  Predicate Encryption with Partial Public Keys , 2010, CANS.

[8]  Fangguo Zhang,et al.  Verifiable Searchable Symmetric Encryption from Indistinguishability Obfuscation , 2015, AsiaCCS.

[9]  Ting Yu,et al.  Dynamic and Efficient Private Keyword Search over Inverted Index--Based Encrypted Data , 2016, ACM Trans. Internet Techn..

[10]  Hideki Imai,et al.  Combining Public Key Encryption with Keyword Search and Public Key Encryption , 2009, IEICE Trans. Inf. Syst..

[11]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[12]  P. Vishvapathi,et al.  Privacy-Preserving Multi-keyword Ranked Search over Encrypted Cloud Data , 2022 .

[13]  János Komlós,et al.  Storing a sparse table with O(1) worst case access time , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[14]  Jonathan Katz,et al.  Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products , 2008, Journal of Cryptology.

[15]  Peishun Wang,et al.  Keyword Field-Free Conjunctive Keyword Searches on Encrypted Data and Extension for Dynamic Groups , 2008, CANS.

[16]  Charalampos Papamanthou,et al.  Parallel and Dynamic Searchable Symmetric Encryption , 2013, Financial Cryptography.

[17]  Kaoru Kurosawa,et al.  UC-Secure Searchable Symmetric Encryption , 2012, Financial Cryptography.

[18]  Hugo Krawczyk,et al.  Highly-Scalable Searchable Symmetric Encryption with Support for Boolean Queries , 2013, IACR Cryptol. ePrint Arch..

[19]  Jiguo Li,et al.  KSF-OABE: Outsourced Attribute-Based Encryption with Keyword Search Function for Cloud Storage , 2017, IEEE Transactions on Services Computing.

[20]  Rafail Ostrovsky,et al.  On the (in)security of hash-based oblivious RAM and a new balancing scheme , 2012, SODA.

[21]  Yuan Li,et al.  A Ciphertext-Policy Attribute-Based Encryption Scheme Supporting Keyword Search Function , 2013, CSS.

[22]  Xu An Wang,et al.  Further observation on proxy re-encryption with keyword search , 2012, J. Syst. Softw..

[23]  Pieter H. Hartel,et al.  Selective Document Retrieval from Encrypted Database , 2012, ISC.

[24]  Willy Susilo,et al.  Chosen-ciphertext secure anonymous conditional proxy re-encryption with keyword search , 2012, Theor. Comput. Sci..

[25]  Michel Krämer,et al.  Dynamic searchable symmetric encryption for storing geospatial data in the cloud , 2018, International Journal of Information Security.

[26]  Wei Wang,et al.  Public-Key Encryption with Fuzzy Keyword Search: A Provably Secure Scheme under Keyword Guessing Attack , 2013, IEEE Transactions on Computers.

[27]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[28]  Kaoru Kurosawa,et al.  Multi-recipient Public-Key Encryption with Shortened Ciphertext , 2002, Public Key Cryptography.

[29]  Kouichi Sakurai,et al.  Multi-User Keyword Search Scheme for Secure Data Sharing with Fine-Grained Access Control , 2011, ICISC.

[30]  Kaoru Kurosawa,et al.  k-Resilient Identity-Based Encryption in the Standard Model , 2004, CT-RSA.

[31]  Cong Wang,et al.  Efficient verifiable fuzzy keyword search over encrypted data in cloud computing , 2013, Comput. Sci. Inf. Syst..

[32]  Rui Zhang,et al.  Hidden policy ciphertext-policy attribute-based encryption with keyword search against keyword guessing attack , 2016, Science China Information Sciences.

[33]  Brent Waters,et al.  Anonymous Hierarchical Identity-Based Encryption (Without Random Oracles) , 2006, CRYPTO.

[34]  Andreas Peter,et al.  A Survey of Provably Secure Searchable Encryption , 2014, ACM Comput. Surv..

[35]  Pieter H. Hartel,et al.  Searching Keywords with Wildcards on Encrypted Data , 2010, SCN.

[36]  Yvo Desmedt,et al.  A New Paradigm of Hybrid Encryption Scheme , 2004, CRYPTO.

[37]  Aurore Guillevic,et al.  Comparing the Pairing Efficiency over Composite-Order and Prime-Order Elliptic Curves , 2013, ACNS.

[38]  Vishal Saraswat,et al.  Public Key Encryption with Searchable Keywords Based on Jacobi Symbols , 2007, INDOCRYPT.

[39]  Dong Hoon Lee,et al.  Off-Line Keyword Guessing Attacks on Recent Keyword Search Schemes over Encrypted Data , 2006, Secure Data Management.

[40]  Craig Gentry,et al.  Practical Identity-Based Encryption Without Random Oracles , 2006, EUROCRYPT.

[41]  Guang Gong,et al.  Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers , 2012, 2012 IEEE International Conference on Communications (ICC).

[42]  Yanfeng Shi,et al.  Attribute-Based Proxy Re-Encryption with Keyword Search , 2014, PloS one.

[43]  Dalia Khader,et al.  Public Key Encryption with Keyword Search Based on K-Resilient IBE , 2006, ICCSA.

[44]  Craig Gentry,et al.  A Simple BGN-Type Cryptosystem from LWE , 2010, EUROCRYPT.

[45]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[46]  Vinod Vaikuntanathan,et al.  Fully Homomorphic Encryption from Ring-LWE and Security for Key Dependent Messages , 2011, CRYPTO.

[47]  Brent Waters,et al.  Conjunctive, Subset, and Range Queries on Encrypted Data , 2007, TCC.

[48]  Benny Pinkas,et al.  Oblivious RAM Revisited , 2010, CRYPTO.

[49]  Khaled El Emam,et al.  Practicing Differential Privacy in Health Care: A Review , 2013, Trans. Data Priv..

[50]  Yiwei Thomas Hou,et al.  Catch you if you lie to me: Efficient verifiable conjunctive keyword search over large dynamic encrypted cloud data , 2015, 2015 IEEE Conference on Computer Communications (INFOCOM).

[51]  Joonsang Baek,et al.  On the Integration of Public Key Data Encryption and Public Key Encryption with Keyword Search , 2006, ISC.

[52]  Ting Yu,et al.  PVSAE: A Public Verifiable Searchable Encryption Service Framework for Outsourced Encrypted Data , 2016, 2016 IEEE International Conference on Web Services (ICWS).

[53]  Murat Kantarcioglu,et al.  Access Pattern disclosure on Searchable Encryption: Ramification, Attack and Mitigation , 2012, NDSS.

[54]  Carl A. Gunter,et al.  Dynamic Searchable Encryption via Blind Storage , 2014, 2014 IEEE Symposium on Security and Privacy.

[55]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[56]  Kaoru Kurosawa,et al.  How to Update Documents Verifiably in Searchable Symmetric Encryption , 2013, CANS.

[57]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[58]  Elaine Shi,et al.  Delegating Capabilities in Predicate Encryption Systems , 2008, ICALP.

[59]  Eu-Jin Goh,et al.  Secure Indexes , 2003, IACR Cryptol. ePrint Arch..

[60]  Dan Boneh,et al.  Evaluating 2-DNF Formulas on Ciphertexts , 2005, TCC.

[61]  Joonsang Baek,et al.  Public Key Encryption with Keyword Search Revisited , 2008, ICCSA.

[62]  Shouhuai Xu,et al.  VABKS: Verifiable attribute-based keyword search over outsourced encrypted data , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[63]  Pieter H. Hartel,et al.  Computationally Efficient Searchable Symmetric Encryption , 2010, Secure Data Management.

[64]  Elaine Shi,et al.  Practical Dynamic Searchable Encryption with Small Leakage , 2014, NDSS.

[65]  Ming Li,et al.  Verifiable Privacy-Preserving Multi-Keyword Text Search in the Cloud Supporting Similarity-Based Ranking , 2013, IEEE Transactions on Parallel and Distributed Systems.

[66]  Elaine Shi,et al.  Multi-Dimensional Range Query over Encrypted Data , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[67]  Burton H. Bloom,et al.  Space/time trade-offs in hash coding with allowable errors , 1970, CACM.

[68]  Bo Zhu,et al.  PEKSrand: Providing Predicate Privacy in Public-Key Encryption with Keyword Search , 2011, 2011 IEEE International Conference on Communications (ICC).

[69]  Pil Joong Lee,et al.  Public Key Encryption with Conjunctive Keyword Search and Its Extension to a Multi-user System , 2007, Pairing.

[70]  Ling Ren,et al.  Path ORAM , 2012, J. ACM.

[71]  Qiang Tang,et al.  Efficient verifiable fuzzy keyword search over encrypted data in cloud computing , 2013, Comput. Sci. Inf. Syst..

[72]  M. Bellare,et al.  Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions , 2008, Journal of Cryptology.

[73]  Rafail Ostrovsky,et al.  Software protection and simulation on oblivious RAMs , 1996, JACM.

[74]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[75]  Qiang Tang,et al.  Public-Key Encryption with Registered Keyword Search , 2009, EuroPKI.

[76]  Elaine Shi,et al.  Oblivious RAM with O((logN)3) Worst-Case Cost , 2011, ASIACRYPT.

[77]  Peter Y. A. Ryan,et al.  Trapdoor Privacy in Asymmetric Searchable Encryption Schemes , 2014, AFRICACRYPT.

[78]  Elaine Shi,et al.  Predicate Privacy in Encryption Systems , 2009, IACR Cryptol. ePrint Arch..

[79]  Dong Hoon Lee,et al.  Secure Similarity Search , 2007, 2007 IEEE International Conference on Granular Computing (GRC 2007).

[80]  Dong Hoon Lee,et al.  Improved searchable public key encryption with designated tester , 2009, ASIACCS '09.

[81]  Oded Goldreich,et al.  Towards a theory of software protection and simulation by oblivious RAMs , 1987, STOC.

[82]  Yang Yang Attribute-based data retrieval with semantic keyword search for e-health cloud , 2015, Journal of Cloud Computing.

[83]  David Cash,et al.  Dynamic Proofs of Retrievability Via Oblivious RAM , 2013, Journal of Cryptology.

[84]  Cynthia Dwork,et al.  Differential Privacy: A Survey of Results , 2008, TAMC.

[85]  Julien Bringer,et al.  Error-Tolerant Searchable Encryption , 2009, 2009 IEEE International Conference on Communications.

[86]  Hugo Krawczyk,et al.  Dynamic Searchable Encryption in Very-Large Databases: Data Structures and Implementation , 2014, NDSS.

[87]  Kihyun Kim,et al.  Public Key Encryption with Conjunctive Field Keyword Search , 2004, WISA.

[88]  Rafail Ostrovsky,et al.  Public Key Encryption That Allows PIR Queries , 2007, CRYPTO.

[89]  Hisayoshi Sato,et al.  Symmetric Inner-Product Predicate Encryption Based on Three Groups , 2012, ProvSec.

[90]  Xiaohui Liang,et al.  Proxy re-encryption with keyword search , 2010, Inf. Sci..

[91]  Jianfeng Wang,et al.  Efficient Verifiable Public Key Encryption with Keyword Search Based on KP-ABE , 2014, 2014 Ninth International Conference on Broadband and Wireless Computing, Communication and Applications.

[92]  薛锐,et al.  Efficient Keyword Search for Public-Key Setting , 2015 .

[93]  Ivan Damgård,et al.  Perfectly Secure Oblivious RAM Without Random Oracles , 2011, IACR Cryptol. ePrint Arch..

[94]  Craig Gentry,et al.  Computing arbitrary functions of encrypted data , 2010, CACM.

[95]  Murat Kantarcioglu,et al.  Efficient Similarity Search over Encrypted Data , 2012, 2012 IEEE 28th International Conference on Data Engineering.

[96]  Raphael C.-W. Phan,et al.  Proxy Re-encryption with Keyword Search: New Definitions and Algorithms , 2010, FGIT-SecTech/DRBC.

[97]  Brent Waters,et al.  Secure Conjunctive Keyword Search over Encrypted Data , 2004, ACNS.

[98]  Michael Mitzenmacher,et al.  Privacy Preserving Keyword Searches on Remote Encrypted Data , 2005, ACNS.

[99]  Jan Camenisch,et al.  Blind and Anonymous Identity-Based Encryption and Authorised Private Searches on Public Key Encrypted Data , 2009, Public Key Cryptography.

[100]  Robert H. Deng,et al.  Expressive CP-ABE with partially hidden access structures , 2012, ASIACCS '12.

[101]  Elaine Shi,et al.  ObliviStore: High Performance Oblivious Cloud Storage , 2013, 2013 IEEE Symposium on Security and Privacy.

[102]  Clifford C. Cocks An Identity Based Encryption Scheme Based on Quadratic Residues , 2001, IMACC.

[103]  Mototsugu Nishioka,et al.  Perfect Keyword Privacy in PEKS Systems , 2012, ProvSec.

[104]  Melissa Chase,et al.  Structured Encryption and Controlled Disclosure , 2010, IACR Cryptol. ePrint Arch..

[105]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.