AKSER: Attribute-based keyword search with efficient revocation in cloud computing

Abstract: With the advent of cloud computing, it is becoming increasingly popular for data owners to outsource their data to public cloud servers while allowing intended data users to retrieve the data stored in the cloud. For security and privacy reasons, data owners usually encrypt their data prior to outsourcing it to the cloud server. At the same time, users often need to find data related to specific keywords of interest, which motivates research on searchable encryption techniques. In this paper, we focus on a different, yet more challenging, scenario where the outsourced dataset can have contributions from multiple owners and is searchable by multiple users. Based on our research on attribute-based encryption (ABE), we propose an attribute-based keyword search with efficient revocation scheme (AKSER). Our scheme is highly efficient in terms of user revocation and can achieve fine-grained authorization of the search under the distributed multiple-attribute authorized institution. Security analysis demonstrates that the proposed scheme AKSER can achieve keyword semantic security, keyword secrecy, trapdoor unlinkability, and collusion resistance.
