Hardening Distributed and Encrypted Keyword Search via Blockchain

Distributed storage platforms draw much attention due to their high reliability and scalability for handling a massive amount of data. To protect user and data privacy, encryption is considered as a necessary feature for production systems like Storj. But it prohibits the nodes from performing content search. To preserve the functionality, we observe that a protocol of integration with searchable encryption and keyword search via distributed hash table allows the nodes in a network to search over encrypted and distributed data. However, this protocol does not address a practical threat in a fully distributed scenario. Malicious nodes would sabotage search results, and easily infiltrate the system as the network grows. Using primitives such as MAC and verifiable data structure may empower the users to verify the search result, but the robustness of the overall system can hardly be ensured. In this paper, we address this issue by proposing a protocol that is seamlessly incorporated to encrypted search in distributed network to attest and monitor nodes. From the moment a node joins the system, it will be attested and continuously monitored through verifiable search queries. The result of each attestation is determined via a standard quorum-based voting protocol, and then recorded on the blockchain as a consensus view of trusted nodes. Based on the proposed protocols, malicious nodes can be detected and removed by a majority of nodes in a self-determining manner. To demonstrate the security and efficiency, we conduct robustness analysis against several potential attacks, and perform performance and overhead evaluation on the proposed protocol.

[1]  Guillaume Pierre,et al.  A survey of DHT security techniques , 2011, CSUR.

[2]  Hugo Krawczyk,et al.  Dynamic Searchable Encryption in Very-Large Databases: Data Structures and Implementation , 2014, NDSS.

[3]  David Pointcheval,et al.  Verifiable Dynamic Symmetric Searchable Encryption: Optimality and Forward Security , 2016, IACR Cryptol. ePrint Arch..

[4]  Cong Wang,et al.  Towards trustworthy and private keyword search in encrypted decentralized storage , 2017, 2017 IEEE International Conference on Communications (ICC).

[5]  Gade Krishna,et al.  A scalable peer-to-peer lookup protocol for Internet applications , 2012 .

[6]  Alex Pentland,et al.  Enigma: Decentralized Computation Platform with Guaranteed Privacy , 2015, ArXiv.

[7]  Patrick Valduriez,et al.  Principles of Distributed Database Systems , 1990 .

[8]  Amin Vahdat,et al.  Peer-to-Peer Keyword Search: A Retrospective , 2013, Middleware.

[9]  Cong Wang,et al.  EncSIM: An encrypted similarity search service for distributed high-dimensional datasets , 2017, 2017 IEEE/ACM 25th International Symposium on Quality of Service (IWQoS).

[10]  Qian Wang,et al.  Searchable Encryption over Feature-Rich Data , 2018, IEEE Transactions on Dependable and Secure Computing.

[11]  Mahdi N. Al-Ameen,et al.  Design and evaluation of persea, a sybil-resistant DHT , 2014, AsiaCCS.

[12]  Charalampos Papamanthou,et al.  Dynamic searchable symmetric encryption , 2012, IACR Cryptol. ePrint Arch..

[13]  Shawn Wilkinson,et al.  Storj A Peer-to-Peer Cloud Storage Network , 2014 .

[14]  Muneeb Ali,et al.  Blockstack: A Global Naming and Storage System Secured by Blockchains , 2016, USENIX Annual Technical Conference.

[15]  Yu Guo,et al.  EncKV: An Encrypted Key-value Store with Rich Queries , 2017, AsiaCCS.

[16]  Fangguo Zhang,et al.  Verifiable Searchable Symmetric Encryption from Indistinguishability Obfuscation , 2015, AsiaCCS.

[17]  Murat Kantarcioglu,et al.  Distributed Search over Encrypted Big Data , 2015, CODASPY.

[18]  Kaoru Kurosawa,et al.  UC-Secure Searchable Symmetric Encryption , 2012, Financial Cryptography.

[19]  Pieter H. Hartel,et al.  Computationally Efficient Searchable Symmetric Encryption , 2010, Secure Data Management.

[20]  Cong Wang,et al.  Building an Encrypted, Distributed, and Searchable Key-value Store , 2016, AsiaCCS.

[21]  Wilson C. Hsieh,et al.  Spanner , 2012, OSDI.

[22]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: Improved definitions and efficient constructions , 2011, J. Comput. Secur..