VKSE-MO: verifiable keyword search over encrypted data in multi-owner settings

Searchable encryption (SE) techniques allow cloud clients to easily store data and search encrypted data in a privacy-preserving manner, where most of SE schemes treat the cloud server as honest-but-curious. However, in practice, the cloud server is a semi-honest-but-curious third-party, which only executes a fraction of search operations and returns a fraction of false search results to save its computational and bandwidth resources. Thus, it is important to provide a results verification method to guarantee the correctness of the search results. Existing SE schemes allow multiple data owners to upload different records to the cloud server, but these schemes have very high computational and storage overheads when applied in a different but more practical setting where each record is co-owned by multiple data owners. To address this problem, we develop a verifiable keyword search over encrypted data in multi-owner settings (VKSE-MO) scheme by exploiting the multisignatures technique. Thus, our scheme only requires a single index for each record and data users are assured of the correctness of the search results in challenging settings. Our formal security analysis proved that the VKSE-MO scheme is secure against a chosen-keyword attack under a random oracle model. In addition, our empirical study using a real-world dataset demonstrated the efficiency and feasibility of the proposed scheme in practice.摘要创新点可搜索加密是一种具有隐私保护的技术, 它允许云租户执行密文数据的存储和检索, 且在大部分的可搜索加密方案中, 云服务器被假定为是诚实但好奇的。但是, 在实际应用场景中, 云服务器是一个半诚实但好奇的第三方实体, 其可能为了节省计算和带宽资源而恶意地执行一部分搜索操作并返回一部分不正确的搜索结果。因此, 提供一种方法来确保搜索结果的正确性显得极其重要。已有的可搜索加密方案允许多个数据拥有者分别上传不同的文档到云服务器, 但是这些方案被应用到一个不同的实际应用场景中将会带来巨大的通信和存储开销, 即一个文档被多个数据拥有者共享。为此, 我们利用多重签名技术提出了支持挑战型的多数据拥有者场景的可验证密文检索方案, 所提方案仅需为同一个文档构建一个索引值, 同时能确保搜索结果的正确性。严格的安全分析表明文中方案在随机预言模型中是抵抗关键字选择攻击的。此外, 基于实际数据集的实验结果表明文中方案在实际应用场景中是高效的、可行的。

[1]  Xingming Sun,et al.  Enabling Personalized Search over Encrypted Outsourced Data with Efficiency Improvement , 2016, IEEE Transactions on Parallel and Distributed Systems.

[2]  Guang Gong,et al.  Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers , 2012, 2012 IEEE International Conference on Communications (ICC).

[3]  Xingming Sun,et al.  Toward Efficient Multi-Keyword Fuzzy Search Over Encrypted Outsourced Data With Accuracy Improvement , 2016, IEEE Transactions on Information Forensics and Security.

[4]  Yiwei Thomas Hou,et al.  Catch you if you lie to me: Efficient verifiable conjunctive keyword search over large dynamic encrypted cloud data , 2015, 2015 IEEE Conference on Computer Communications (INFOCOM).

[5]  Nuttapong Attrapadung,et al.  Expressive Key-Policy Attribute-Based Encryption with Constant-Size Ciphertexts , 2011, Public Key Cryptography.

[6]  Jie Wu,et al.  Privacy Preserving Ranked Multi-Keyword Search for Multiple Data Owners in Cloud Computing , 2016, IEEE Transactions on Computers.

[7]  Jianfeng Ma,et al.  Revocable and anonymous searchable encryption in multi‐user setting , 2016, Concurr. Comput. Pract. Exp..

[8]  Hui Li,et al.  Secure hybrid-indexed search for high efficiency over keyword searchable ciphertexts , 2016, Future Gener. Comput. Syst..

[9]  Qian Wang,et al.  A Secure and Dynamic Multi-Keyword Ranked Search Scheme over Encrypted Cloud Data , 2016, IEEE Transactions on Parallel and Distributed Systems.

[10]  Shingo Okamura,et al.  Efficient Multi-authorizer Accredited Symmetrically Private Information Retrieval , 2008, ICICS.

[11]  Jin Wang,et al.  Mutual Verifiable Provable Data Auditing in Public Cloud Storage , 2015 .

[12]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[13]  Hongwei Li,et al.  Engineering searchable encryption of mobile cloud networks: when QoE meets QoP , 2015, IEEE Wireless Communications.

[14]  Rafail Ostrovsky,et al.  Sequential Aggregate Signatures, Multisignatures, and Verifiably Encrypted Signatures Without Random Oracles , 2013, Journal of Cryptology.

[15]  Xingming Sun,et al.  Smart cloud search services: verifiable keyword-based semantic search over encrypted cloud data , 2014, IEEE Transactions on Consumer Electronics.

[16]  Fuchun Guo,et al.  Dual-Server Public-Key Encryption With Keyword Search for Secure Cloud Storage , 2016, IEEE Transactions on Information Forensics and Security.

[17]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[18]  Zoe L. Jiang,et al.  Verifiable Searchable Encryption with Aggregate Keys for Data Sharing in Outsourcing Storage , 2016, ACISP.

[19]  Zhihua Xia,et al.  A Privacy-Preserving and Copy-Deterrence Content-Based Image Retrieval Scheme in Cloud Computing , 2016, IEEE Transactions on Information Forensics and Security.

[20]  Shouhuai Xu,et al.  VABKS: Verifiable attribute-based keyword search over outsourced encrypted data , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[21]  Zhihua Xia,et al.  A Secure and Dynamic Multi-Keyword Ranked Search Scheme over Encrypted Cloud Data , 2016, IEEE Transactions on Parallel and Distributed Systems.

[22]  Maode Ma,et al.  Conjunctive Keyword Search With Designated Tester and Timing Enabled Proxy Re-Encryption Function for E-Health Clouds , 2016, IEEE Transactions on Information Forensics and Security.

[23]  Jianfeng Ma,et al.  Secure, efficient and revocable multi-authority access control system in cloud storage , 2016, Comput. Secur..

[24]  Mi Wen,et al.  Secure and Verifiable Multi-owner Ranked-Keyword Search in Cloud Computing , 2015, WASA.

[25]  Yuan-Shun Dai,et al.  Personalized Search Over Encrypted Data With Efficient and Secure Updates in Mobile Clouds , 2018, IEEE Transactions on Emerging Topics in Computing.

[26]  Yiwei Thomas Hou,et al.  Protecting Your Right: Verifiable Attribute-Based Keyword Search with Fine-Grained Owner-Enforced Search Authorization in the Cloud , 2016, IEEE Transactions on Parallel and Distributed Systems.

[27]  Xingming Sun,et al.  Achieving Efficient Cloud Search Services: Multi-Keyword Ranked Search over Encrypted Cloud Data Supporting Parallel Computing , 2015, IEICE Trans. Commun..

[28]  Fenghua Li,et al.  Efficient public verification on the integrity of multi-owner data in the cloud , 2014, Journal of Communications and Networks.

[29]  Fangguo Zhang,et al.  Verifiable Searchable Symmetric Encryption from Indistinguishability Obfuscation , 2015, AsiaCCS.

[30]  Xuemin Shen,et al.  Enabling Efficient Multi-Keyword Ranked Search Over Encrypted Mobile Cloud Data Through Blind Storage , 2015, IEEE Transactions on Emerging Topics in Computing.

[31]  Sai Ji,et al.  Towards efficient content-aware search over encrypted outsourced data in cloud , 2016, IEEE INFOCOM 2016 - The 35th Annual IEEE International Conference on Computer Communications.

[32]  Yi Yang,et al.  Enabling Fine-Grained Multi-Keyword Search Supporting Classified Sub-Dictionaries over Encrypted Cloud Data , 2016, IEEE Transactions on Dependable and Secure Computing.