Universally Composable Forward Secure Dynamic Searchable Symmetric Encryption

Kurosawa et al. formulate a universally composable (UC) security definition of dynamic searchable symmetric encryption (DSSE). They also show (weak) equivalence between the UC and the game-based definition, and introduce a UC secure DSSE scheme (KSOY scheme). However, there is a problem in their update protocol such that just documents containing the same keyword can be modified. Hence, the KSOY scheme does not satisfy forward security which guarantees that the server cannot know any relationship between an added or modified document and past search queries. In this paper, we introduce a new DSSE scheme such that documents containing different keywords can be modified, by extending the KSOY scheme. In addition, since Kurosawa et al.'s UC definition does not guarantee forward security, we extend their UC definition to guarantee forward security, and prove (weak) equivalence between the game-based definition of forward security and our UC definition. We also show that the proposed scheme satisfies UC security by proving the game-based definition.

[1]  Mihir Bellare,et al.  A concrete security treatment of symmetric encryption , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[2]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: improved definitions and efficient constructions , 2006, CCS '06.

[3]  Alptekin Küpçü,et al.  Efficient Dynamic Searchable Encryption with Forward Privacy , 2017, Proc. Priv. Enhancing Technol..

[4]  Charalampos Papamanthou,et al.  Dynamic searchable symmetric encryption , 2012, IACR Cryptol. ePrint Arch..

[5]  Rafail Ostrovsky,et al.  Software protection and simulation on oblivious RAMs , 1996, JACM.

[6]  Raphael Bost,et al.  ∑oφoς: Forward Secure Searchable Encryption , 2016, CCS.

[7]  Kaoru Kurosawa,et al.  How to Update Documents Verifiably in Searchable Symmetric Encryption , 2013, CANS.

[8]  Kazuki Yoneyama,et al.  UC-Secure Dynamic Searchable Symmetric Encryption Scheme , 2016, IWSEC.

[9]  David Pointcheval,et al.  Verifiable Dynamic Symmetric Searchable Encryption: Optimality and Forward Security , 2016, IACR Cryptol. ePrint Arch..

[10]  Elaine Shi,et al.  Practical Dynamic Searchable Encryption with Small Leakage , 2014, NDSS.

[11]  Jonathan Katz,et al.  All Your Queries Are Belong to Us: The Power of File-Injection Attacks on Searchable Encryption , 2016, USENIX Security Symposium.

[12]  Josh Benaloh,et al.  One-Way Accumulators: A Decentralized Alternative to Digital Sinatures (Extended Abstract) , 1994, EUROCRYPT.

[13]  Murat Kantarcioglu,et al.  Access Pattern disclosure on Searchable Encryption: Ramification, Attack and Mitigation , 2012, NDSS.

[14]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[15]  Woo-Hwan Kim,et al.  Forward Secure Dynamic Searchable Symmetric Encryption with Efficient Updates , 2017, CCS.

[16]  Birgit Pfitzmann,et al.  Collision-Free Accumulators and Fail-Stop Signature Schemes Without Trees , 1997, EUROCRYPT.

[17]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[18]  Mihir Bellare,et al.  XOR MACs: New Methods for Message Authentication Using Finite Pseudorandom Functions , 1995, CRYPTO.

[19]  Jan Camenisch,et al.  Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials , 2002, CRYPTO.

[20]  Ioannis Demertzis,et al.  Dynamic Searchable Encryption with Small Client Storage , 2019, IACR Cryptol. ePrint Arch..

[21]  Michael Mitzenmacher,et al.  Privacy Preserving Keyword Searches on Remote Encrypted Data , 2005, ACNS.