论文信息 - Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers

Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers

Outsourcing data to cloud servers, while increasing service availability and reducing users' burden of managing data, inevitably brings in new concerns such as data privacy, since the server may be honest-but-curious. To mediate the conflicts between data usability and data privacy in such a scenario, research of searchable encryption is of increasing interest. Motivated by the fact that a cloud server, besides its curiosity, may be selfish in order to save its computation and/or download bandwidth, in this paper, we investigate the searchable encryption problem in the presence of a semi-honest-but-curious server, which may execute only a fraction of search operations honestly and return a fraction of search outcome honestly. To fight against this strongest adversary ever, a verifiable SSE (VSSE) scheme is proposed to offer verifiable searchability in additional to the data privacy, both of which are further confirmed by our rigorous security analysis. Besides, we treat the practicality/efficiency as a central requirement of a searchable encryption scheme. To demonstrate the lightweightness of our scheme, we implemented and tested the proposed VSSE on a laptop (serving as the server) and a mobile phone running Android 2.3.4 (serving as the end user). The experimental results optimistically suggest that the proposed scheme satisfies all of our design goals.

Guang Gong | Qi Chai

[1] Brent Waters,et al. Conjunctive, Subset, and Range Queries on Encrypted Data , 2007, TCC.

[2] Michael Mitzenmacher,et al. Privacy Preserving Keyword Searches on Remote Encrypted Data , 2005, ACNS.

[3] Yongdae Kim,et al. On protecting integrity and confidentiality of cryptographic file system for outsourced storage , 2009, CCSW '09.

[4] Rafail Ostrovsky,et al. Searchable symmetric encryption: improved definitions and efficient constructions , 2006, CCS '06.

[5] Rafail Ostrovsky,et al. Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[6] Cong Wang,et al. Efficient verifiable fuzzy keyword search over encrypted data in cloud computing , 2013, Comput. Sci. Inf. Syst..

[7] Rafail Ostrovsky,et al. Software protection and simulation on oblivious RAMs , 1996, JACM.

[8] Dawn Xiaodong Song,et al. Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[9] Adam O'Neill,et al. Deterministic Encryption: Definitional Equivalences and Constructions without Random Oracles , 2008, CRYPTO.

[10] Mihir Bellare,et al. Deterministic and Efficiently Searchable Encryption , 2007, CRYPTO.

[11] Tal Malkin,et al. Secure anonymous database search , 2009, CCSW '09.