Enabling efficient and secure data sharing in cloud computing

With the rapid development of cloud computing, more and more data are being centralized on remote cloud servers for sharing, which raises the challenge of keeping them both private and accessible. Although searchable encryption provides an efficient way to support keyword‐based search directly on encrypted data, existing work that applies it to file sharing depends on key sharing among authorized users, which inevitably creates risks of key exposure and abuse. In this paper, we provide a generic construction that enables efficient and secure data sharing in cloud computing. The proposed construction is full‐featured: (i) it enables authorized users to perform keyword‐based search directly on encrypted data without sharing the unique secret key; and (ii) it provides two‐layered access control to limit unauthorized users' access to the shared data. On the basis of the proposed generic construction, we utilize existing techniques for identity‐based broadcast encryption and public key searchable encryption to instantiate a concrete construction. Copyright © 2013 John Wiley & Sons, Ltd.
