Secure access of multiple keywords over encrypted data in cloud environment using ECC-PKI and ECC ElGamal

Data owners find it more comfortable and cost-effective to outsource the data set over the cloud server. Which in fact provides the more dynamic set of quality services with pay per use cost. And also reduces computing complexity at data owner and user side. While using this privilege we assume the nature of cloud server as honest but curious. Outsourced sensitive data over third-party server increases grave privacy anxieties, which leads to the common solution like, encryption of dataset with confidentiality of searchable indexes. Operating over encrypted data along with maintenance of query privacy has some serious concerns. The modern data user concerns are wide, ranging from privacy, search efficiency to least computational and memory load. In this paper, ECC based PKI is used for key management between multiple data owners and authorize users. Elliptic Curve ElGamal (ECEG) is first time used over searchable indexes, which allows efficient ranking of documents due to its additive homomorphic nature. Apart from security, Elliptic Curve Cryptography (ECC) is also known for its suitability for better PKI compatibility and support for easiness while encryption and decryption. Additional concerns of the least computational load at user side are taken care by keeping most of the operations at cloud server side. The analysis shows the proposed ECC based scheme supports multi-keyword search, the correctness of the scheme and flexibility towards data set modification. In future, this approach can be beneficiary to the user for maintenance of privacy and security of data on the cloud environment.

[1]  Ming Li,et al.  Verifiable Privacy-Preserving Multi-Keyword Text Search in the Cloud Supporting Similarity-Based Ranking , 2013, IEEE Transactions on Parallel and Distributed Systems.

[2]  Gerard Salton,et al.  A vector space model for automatic indexing , 1975, CACM.

[3]  Kazumaro Aoki,et al.  SEC X.2: Recommended Elliptic Curve Domain Parameters , 2008 .

[4]  Helmut Knebl,et al.  Introduction to Cryptography , 2002, Information Security and Cryptography.

[5]  Robert H. Deng,et al.  Private Query on Encrypted Data in Multi-user Settings , 2008, ISPEC.

[6]  Victor S. Miller,et al.  Use of Elliptic Curves in Cryptography , 1985, CRYPTO.

[7]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[8]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[9]  Nathan Chenette,et al.  Order-Preserving Symmetric Encryption , 2009, IACR Cryptol. ePrint Arch..

[10]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[11]  Yiwei Thomas Hou,et al.  Privacy-preserving multi-keyword fuzzy search over encrypted data in the cloud , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[12]  Brent Waters,et al.  Building an Encrypted and Searchable Audit Log , 2004, NDSS.

[13]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: Improved definitions and efficient constructions , 2011, J. Comput. Secur..

[14]  Shinsaku Kiyomoto,et al.  Towards Secure Cloud Computing Architecture - A Solution Based on Software Protection Mechanism , 2011, J. Internet Serv. Inf. Secur..

[15]  Chris Fox Attacking the Elliptic Curve Discrete Logarithm Problem , 2010 .

[16]  Ian H. Witten,et al.  Managing Gigabytes: Compressing and Indexing Documents and Images , 1999 .

[17]  Craig Gentry,et al.  A fully homomorphic encryption scheme , 2009 .

[18]  Vladimir A. Oleshchuk,et al.  Analysis of key management protocols for social networks , 2015, Social Network Analysis and Mining.

[19]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[20]  Michael Mitzenmacher,et al.  Privacy Preserving Keyword Searches on Remote Encrypted Data , 2005, ACNS.

[21]  Daniel Grosu,et al.  A secure and anonymous voter-controlled election scheme , 2009, J. Netw. Comput. Appl..

[22]  Yi Yang,et al.  Enabling Fine-Grained Multi-Keyword Search Supporting Classified Sub-Dictionaries over Encrypted Cloud Data , 2016, IEEE Transactions on Dependable and Secure Computing.

[23]  Jianliang Xu,et al.  Processing private queries over untrusted data cloud through privacy homomorphism , 2011, 2011 IEEE 27th International Conference on Data Engineering.

[24]  H. W. Lenstra,et al.  Factoring integers with elliptic curves , 1987 .

[25]  Cong Wang,et al.  Achieving usable and privacy-assured similarity search over outsourced cloud data , 2012, 2012 Proceedings IEEE INFOCOM.

[26]  Minglu Li,et al.  Toward Secure Multikeyword Top-k Retrieval over Encrypted Cloud Data , 2013, IEEE Transactions on Dependable and Secure Computing.

[27]  Cong Wang,et al.  Privacy-Preserving Multi-Keyword Ranked Search over Encrypted Cloud Data , 2014 .

[28]  Eu-Jin Goh,et al.  Secure Indexes , 2003, IACR Cryptol. ePrint Arch..

[29]  Guan-Ming Su,et al.  Confidentiality-preserving rank-ordered search , 2007, StorageSS '07.

[30]  Kakali Chatterjee,et al.  Cloud security issues and challenges: A survey , 2017, J. Netw. Comput. Appl..

[31]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[32]  Wolfgang Nejdl,et al.  Zerber+R: top-k retrieval from a confidential index , 2009, EDBT '09.

[33]  Mihir Bellare,et al.  Deterministic and Efficiently Searchable Encryption , 2007, CRYPTO.

[34]  Syed Adeel Ali Shah,et al.  A Study on the Critical Analysis of Computational Offloading Frameworks for Mobile Cloud Computing , 2015, J. Netw. Comput. Appl..