Improved Secure Searchable Asymmetric Encryption for Cloud Storage Services

A B S T R A C T The rapid growth of information in IT context causes the IT companies outsource their information to data centers out of them. Since data security and privacy are among the main issues of outsourcing, IT admins should use cryptographic techniques to address these problems. Searchable encryption plays an important role in the context of outsourcing a company’s information. In this paper we propose a secure communication scheme for cloud storage. We use a built-in mechanism to check the message integrity without using message digest, this will decrease the overhead of network trac signicantly. At rst, we describe an attack to the SPKS (state of the art searchable cryptographic schemes for cloud storage networks) and show that the lack of client signature in SPKS helps intruders to forge the encrypted data. Then we propose a modied version of this scheme and prove its security against the forgery attack.

[1]  V. Kavitha,et al.  A survey on security issues in service delivery models of cloud computing , 2011, J. Netw. Comput. Appl..

[2]  Muttukrishnan Rajarajan,et al.  A survey on security issues and solutions at different layers of Cloud computing , 2013, The Journal of Supercomputing.

[3]  Muttukrishnan Rajarajan,et al.  A survey of intrusion detection techniques in Cloud , 2013, J. Netw. Comput. Appl..

[4]  Melissa Chase,et al.  Structured Encryption and Controlled Disclosure , 2010, IACR Cryptol. ePrint Arch..

[5]  Randy H. Katz,et al.  Above the Clouds: A Berkeley View of Cloud Computing , 2009 .

[6]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[7]  Dalia Khader,et al.  Introduction to Attribute Based Searchable Encryption , 2014, Communications and Multimedia Security.

[8]  Mohammad Ali Akhaee,et al.  Secure and privacy preserving keyword searching cryptography , 2014, 2014 11th International ISC Conference on Information Security and Cryptology.

[9]  Susan V. Vrbsky Security Attacks and Solutions in Clouds Kazi Zunnurhain , 2010 .

[10]  Florian Kerschbaum,et al.  Searchable Encryption for Outsourced Data Analytics , 2010, EuroPKI.

[11]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[12]  Jie Wu,et al.  Secure and privacy preserving keyword searching for cloud storage services , 2012, J. Netw. Comput. Appl..

[13]  Randy H. Katz,et al.  A view of cloud computing , 2010, CACM.

[14]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[15]  Jie Wu,et al.  An Efficient Privacy Preserving Keyword Search Scheme in Cloud Computing , 2009, 2009 International Conference on Computational Science and Engineering.

[16]  Charalampos Papamanthou,et al.  CS2: A Searchable Cryptographic Cloud Storage System , 2011 .

[17]  Roberto Di Pietro,et al.  Secure virtualization for cloud computing , 2011, J. Netw. Comput. Appl..

[18]  Archana Ganapathi,et al.  Towards Understanding Cloud Performance Tradeoffs Using Statistical Workload Analysis and Replay , 2010 .

[19]  Cong Wang,et al.  Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing , 2011, IEEE Transactions on Parallel and Distributed Systems.

[20]  Sandeep K. Sood,et al.  A combined approach to ensure data security in cloud computing , 2012, J. Netw. Comput. Appl..

[21]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: Improved definitions and efficient constructions , 2011, J. Comput. Secur..

[22]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[23]  Yanpei Chen,et al.  What's New About Cloud Computing Security? , 2010 .

[24]  Cong Wang,et al.  Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing , 2009, ESORICS.