Searching an Encrypted Cloud Meets Blockchain: A Decentralized, Reliable and Fair Realization

Enabling search directly over encrypted data is a desirable technique to allow users to effectively utilize encrypted data outsourced to a remote server like cloud service provider. So far, most existing solutions focus on an honest-but-curious server, while security designs against a malicious server have not drawn enough attention. It is not until recently that a few works address the issue of verifiable designs that enable the data owner to verify the integrity of search results. Unfortunately, these verification mechanisms are highly dependent on the specific encrypted search index structures, and fail to support complex queries. There is a lack of a general verification mechanism that can be applied to all search schemes. Moreover, no effective countermeasures (e.g., punishing the cheater) are available when an unfaithful server is detected. In this work, we explore the potential of smart contract in Ethereum, an emerging blockchain-based decentralized technology that provides a new paradigm for trusted and transparent computing. By replacing the central server with a carefully-designed smart contract, we construct a decentralized privacy-preserving search scheme where the data owner can receive correct search results with assurance and without worrying about potential wrongdoings of a malicious server. To better support practical applications, we introduce fairness to our scheme by designing a new smart contract for a financially-fair search construction, in which every participant (especially in the multiuser setting) is treated equally and incentivized to conform to correct computations. In this way, an honest party can always gain what he deserves while a malicious one gets nothing. Finally, we implement a prototype of our construction and deploy it to a locally simulated network and an official Ethereum test network, respectively. The extensive experiments and evaluations demonstrate the practicability of our decentralized search scheme over encrypted data.

[1]  Raphael Bost,et al.  ∑oφoς: Forward Secure Searchable Encryption , 2016, CCS.

[2]  George Kollios,et al.  GRECS: Graph Encryption for Approximate Shortest Distance Queries , 2015, IACR Cryptol. ePrint Arch..

[3]  Elaine Shi,et al.  Practical Dynamic Searchable Encryption with Small Leakage , 2014, NDSS.

[4]  Gilad Asharov,et al.  Towards Characterizing Complete Fairness in Secure Two-Party Computation , 2014, IACR Cryptol. ePrint Arch..

[5]  Elaine Shi,et al.  Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts , 2016, 2016 IEEE Symposium on Security and Privacy (SP).

[6]  Daniel Davis Wood,et al.  ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER , 2014 .

[7]  Aziz Mohaisen,et al.  SecGDB: Graph Encryption for Exact Shortest Distance Queries with Efficient Updates , 2017, Financial Cryptography.

[8]  Yehuda Lindell,et al.  Introduction to Modern Cryptography , 2004 .

[9]  Hugo Krawczyk,et al.  Outsourced symmetric private information retrieval , 2013, IACR Cryptol. ePrint Arch..

[10]  Qian Wang,et al.  Searchable Encryption over Feature-Rich Data , 2018, IEEE Transactions on Dependable and Secure Computing.

[11]  Aggelos Kiayias,et al.  Edinburgh Research Explorer Efficient Encrypted Keyword Search for Multi-user Data Sharing , 2016 .

[12]  Jason Teutsch,et al.  Demystifying Incentives in the Consensus Computer , 2015, CCS.

[13]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[14]  Zhetao Li,et al.  Consortium Blockchain for Secure Energy Trading in Industrial Internet of Things , 2018, IEEE Transactions on Industrial Informatics.

[15]  Hugo Krawczyk,et al.  Dynamic Searchable Encryption in Very-Large Databases: Data Structures and Implementation , 2014, NDSS.

[16]  David Pointcheval,et al.  Verifiable Dynamic Symmetric Searchable Encryption: Optimality and Forward Security , 2016, IACR Cryptol. ePrint Arch..