OS2: Oblivious similarity based searching for encrypted data outsourced to an untrusted domain

Public cloud storage services are becoming prevalent and myriad data sharing, archiving and collaborative services have emerged which harness the pay-as-you-go business model of public cloud. To ensure privacy and confidentiality often encrypted data is outsourced to such services, which further complicates the process of accessing relevant data by using search queries. Search over encrypted data schemes solve this problem by exploiting cryptographic primitives and secure indexing to identify outsourced data that satisfy the search criteria. Almost all of these schemes rely on exact matching between the encrypted data and search criteria. A few schemes which extend the notion of exact matching to similarity based search, lack realism as those schemes rely on trusted third parties or due to increase storage and computational complexity. In this paper we propose Oblivious Similarity based Search (OS2) for encrypted data. It enables authorized users to model their own encrypted search queries which are resilient to typographical errors. Unlike conventional methodologies, OS2 ranks the search results by using similarity measure offering a better search experience than exact matching. It utilizes encrypted bloom filter and probabilistic homomorphic encryption to enable authorized users to access relevant data without revealing results of search query evaluation process to the untrusted cloud service provider. Encrypted bloom filter based search enables OS2 to reduce search space to potentially relevant encrypted data avoiding unnecessary computation on public cloud. The efficacy of OS2 is evaluated on Google App Engine for various bloom filter lengths on different cloud configurations.

[1]  Kyle Roche,et al.  Beginning Google App Engine for Java , 2009 .

[2]  Florian Kerschbaum,et al.  Searchable Encryption with Secure and Efficient Updates , 2014, CCS.

[3]  Ki-Woong Park,et al.  THEMIS: A Mutually Verifiable Billing System for the Cloud Computing Environment , 2013, IEEE Transactions on Services Computing.

[4]  Cong Wang,et al.  Efficient verifiable fuzzy keyword search over encrypted data in cloud computing , 2013, Comput. Sci. Inf. Syst..

[5]  Piotr Indyk,et al.  Approximate nearest neighbors: towards removing the curse of dimensionality , 1998, STOC '98.

[6]  Moni Naor,et al.  Searchable symmetric encryption: optimal locality in linear space via two-dimensional balanced allocations , 2016, STOC.

[7]  Rafail Ostrovsky,et al.  Private Large-Scale Databases with Distributed Searchable Symmetric Encryption , 2016, CT-RSA.

[8]  Cong Wang,et al.  Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[9]  Vipin Kumar,et al.  Trends in big data analytics , 2014, J. Parallel Distributed Comput..

[10]  Minglu Li,et al.  Achieving an effective, scalable and privacy-preserving data sharing service in cloud computing , 2014, Comput. Secur..

[11]  Jin Li,et al.  Privacy-preserving data utilization in hybrid clouds , 2014, Future Gener. Comput. Syst..

[12]  Balachandra Reddy Kandukuri,et al.  Cloud Security Issues , 2009, 2009 IEEE International Conference on Services Computing.

[13]  Murat Kantarcioglu,et al.  Efficient Similarity Search over Encrypted Data , 2012, 2012 IEEE 28th International Conference on Data Engineering.

[14]  Qiang Tang Search in Encrypted Data: Theoretical Models and Practical Applications , 2012, IACR Cryptol. ePrint Arch..

[15]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[16]  Cong Wang,et al.  Privacy-Preserving Multi-Keyword Ranked Search over Encrypted Cloud Data , 2014 .

[17]  Eu-Jin Goh,et al.  Secure Indexes , 2003, IACR Cryptol. ePrint Arch..

[18]  Michael Mitzenmacher,et al.  Privacy Preserving Keyword Searches on Remote Encrypted Data , 2005, ACNS.

[19]  Christian Esposito,et al.  A knowledge-based platform for Big Data analytics based on publish/subscribe services and stream processing , 2015, Knowl. Based Syst..

[20]  Cong Wang,et al.  Secure Ranked Keyword Search over Encrypted Cloud Data , 2010, 2010 IEEE 30th International Conference on Distributed Computing Systems.

[21]  Xiaolei Dong,et al.  Security and privacy for storage and computation in cloud computing , 2014, Inf. Sci..

[22]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[23]  Ming Li,et al.  Authorized Private Keyword Search over Encrypted Data in Cloud Computing , 2011, 2011 31st International Conference on Distributed Computing Systems.

[24]  Hugo Krawczyk,et al.  Highly-Scalable Searchable Symmetric Encryption with Support for Boolean Queries , 2013, IACR Cryptol. ePrint Arch..

[25]  Robert J. Kauffman,et al.  Understanding the paradigm shift to computational social science in the presence of big data , 2014, Decis. Support Syst..

[26]  Sungyoung Lee,et al.  Privacy-aware searching with oblivious term matching for cloud storage , 2012, The Journal of Supercomputing.

[27]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: improved definitions and efficient constructions , 2006, CCS '06.

[28]  Burton H. Bloom,et al.  Space/time trade-offs in hash coding with allowable errors , 1970, CACM.

[29]  Siani Pearson,et al.  Privacy, Security and Trust Issues Arising from Cloud Computing , 2010, 2010 IEEE Second International Conference on Cloud Computing Technology and Science.

[30]  J. Manyika Big data: The next frontier for innovation, competition, and productivity , 2011 .

[31]  Sheng Zhong,et al.  Privacy-Preserving Queries on Encrypted Data , 2006, ESORICS.

[32]  Fangguo Zhang,et al.  Verifiable Searchable Symmetric Encryption from Indistinguishability Obfuscation , 2015, AsiaCCS.

[33]  Mudhakar Srivatsa,et al.  Search-as-a-service: Outsourced search over outsourced storage , 2009, TWEB.

[34]  Ming Li,et al.  Verifiable Privacy-Preserving Multi-Keyword Text Search in the Cloud Supporting Similarity-Based Ranking , 2014, IEEE Trans. Parallel Distributed Syst..

[35]  S. Rajsbaum Foundations of Cryptography , 2014 .

[36]  Kyle Roche,et al.  Beginning Java Google App Engine , 2009 .

[37]  Hakan Hacigümüs,et al.  Executing SQL over encrypted data in the database-service-provider model , 2002, SIGMOD '02.

[38]  Kristin E. Lauter,et al.  Cryptographic Cloud Storage , 2010, Financial Cryptography Workshops.

[39]  Sherif Sakr,et al.  SLA-Based and Consumer-centric Dynamic Provisioning for Cloud Databases , 2012, 2012 IEEE Fifth International Conference on Cloud Computing.

[40]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[41]  Nathan Chenette,et al.  Efficient Fuzzy Search on Encrypted Data , 2014, FSE.