TKSE: Trustworthy Keyword Search Over Encrypted Data With Two-Side Verifiability via Blockchain

As a very attractive computing paradigm, cloud computing makes it possible for resource-constrained users to enjoy cost-effective and flexible resources of diversity. Considering the untrustworthiness of cloud servers and the data privacy of users, it is necessary to encrypt the data before outsourcing it to the cloud. However, the form of encrypted storage also poses a series of problems, such as: How can users search over the outsourced data? How to realize user-side verifiability of search results to resist malicious cloud servers? How to enable server-side verifiability of outsourced data to check malicious data owners? How to achieve payment fairness between the user and the cloud without introducing any third party? Towards addressing these challenging issues, in this paper, we introduce TKSE, a trustworthy keyword search scheme over encrypted data without any third party, trusted or not. In TKSE, the encrypted data index based on digital signature allows a user to search over the outsourced encrypted data and check whether the search result returned by the cloud fulfills the pre-specified search requirements. In particular, for the first time, TKSE realizes server-side verifiability which protects honest cloud servers from being framed by malicious data owners in the data storage phase. Furthermore, blockchain technologies and hash functions are used to enable payment fairness of search fees without introducing any third party even if the user or the cloud is malicious. Our security analysis and performance evaluation indicate that TKSE is secure and efficient and it is suitable for cloud computing.

[1]  Jian Shen,et al.  Anonymous and Traceable Group Data Sharing in Cloud Computing , 2018, IEEE Transactions on Information Forensics and Security.

[2]  Rui Guo,et al.  Secure Attribute-Based Signature Scheme With Multiple Authorities for Blockchain in Electronic Health Records Systems , 2018, IEEE Access.

[3]  Yinghui Zhang,et al.  Efficient and privacy-aware attribute-based data sharing in mobile cloud computing , 2017, Journal of Ambient Intelligence and Humanized Computing.

[4]  Qiang Tang,et al.  Efficient verifiable fuzzy keyword search over encrypted data in cloud computing , 2013, Comput. Sci. Inf. Syst..

[5]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[6]  Iddo Bentov,et al.  How to Use Bitcoin to Design Fair Protocols , 2014, CRYPTO.

[7]  Jianfeng Ma,et al.  Verifiable Computation over Large Database with Incremental Updates , 2014, IEEE Transactions on Computers.

[8]  Jin Li,et al.  Ensuring attribute privacy protection and fast decryption for outsourced data security in mobile cloud computing , 2017, Inf. Sci..

[9]  Jianfeng Ma,et al.  New Publicly Verifiable Databases with Efficient Updates , 2015, IEEE Transactions on Dependable and Secure Computing.

[10]  Athanasios V. Vasilakos,et al.  Security in cloud computing: Opportunities and challenges , 2015, Inf. Sci..

[11]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[12]  Michael T. Goodrich,et al.  Accountable Storage , 2014, ACNS.

[13]  Vitalik Buterin A NEXT GENERATION SMART CONTRACT & DECENTRALIZED APPLICATION PLATFORM , 2015 .

[14]  Jin Li,et al.  Differentially private Naive Bayes learning over multiple data sources , 2018, Inf. Sci..

[15]  Cong Wang,et al.  Efficient verifiable fuzzy keyword search over encrypted data in cloud computing , 2013, Comput. Sci. Inf. Syst..

[16]  Robert H. Deng,et al.  Security and Privacy in Smart Health: Efficient Policy-Hiding Attribute-Based Access Control , 2018, IEEE Internet of Things Journal.

[17]  Robert H. Deng,et al.  HASBE: A Hierarchical Attribute-Based Solution for Flexible and Scalable Access Control in Cloud Computing , 2012, IEEE Transactions on Information Forensics and Security.

[18]  G. Lakpathi,et al.  Identity-Based Encryption with Outsourced Revocation in Cloud Computing , 2016 .

[19]  Fuchun Guo,et al.  Searchain: Blockchain-based private keyword search in decentralized storage , 2017, Future Gener. Comput. Syst..

[20]  Yuanzhang Li,et al.  A Covert Channel Over VoLTE via Adjusting Silence Periods , 2018, IEEE Access.

[21]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: Improved definitions and efficient constructions , 2011, J. Comput. Secur..

[22]  Jian Shen,et al.  Bitcoin-based fair payments for outsourcing computations of fog devices , 2018, Future Gener. Comput. Syst..

[23]  Jian Shen,et al.  An ID-Based Linearly Homomorphic Signature Scheme and Its Application in Blockchain , 2018, IEEE Access.

[24]  Kaoru Kurosawa,et al.  UC-Secure Searchable Symmetric Encryption , 2012, Financial Cryptography.

[25]  Fangguo Zhang,et al.  A Searchable Symmetric Encryption Scheme using BlockChain , 2017, ArXiv.

[26]  Marcin Andrychowicz,et al.  Fair Two-Party Computations via Bitcoin Deposits , 2014, Financial Cryptography Workshops.

[27]  Cong Wang,et al.  Towards trustworthy and private keyword search in encrypted decentralized storage , 2017, 2017 IEEE International Conference on Communications (ICC).

[28]  Shouhuai Xu,et al.  VABKS: Verifiable attribute-based keyword search over outsourced encrypted data , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[29]  Wee Keong Ng,et al.  Blockchain-Based System for Secure Data Storage with Private Keyword Search , 2017, 2017 IEEE World Congress on Services (SERVICES).

[30]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[31]  Jin Li,et al.  Secure attribute-based data sharing for resource-limited users in cloud computing , 2018, Comput. Secur..

[32]  Jin Li,et al.  Secure Deduplication with Efficient and Reliable Convergent Key Management , 2014, IEEE Transactions on Parallel and Distributed Systems.

[33]  Fatos Xhafa,et al.  L-EncDB: A lightweight framework for privacy-preserving data queries in cloud computing , 2015, Knowl. Based Syst..

[34]  Jin Li,et al.  Efficient Fair Conditional Payments for Outsourcing Computations , 2012, IEEE Transactions on Information Forensics and Security.

[35]  Marcin Andrychowicz,et al.  Secure Multiparty Computations on Bitcoin , 2014, 2014 IEEE Symposium on Security and Privacy.

[36]  Zhou Su,et al.  An Efficient and Fine-Grained Big Data Access Control Scheme With Privacy-Preserving Policy , 2017, IEEE Internet of Things Journal.

[37]  Jian Shen,et al.  Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks , 2018, J. Netw. Comput. Appl..

[38]  Zhaoquan Cai,et al.  Towards secure and flexible EHR sharing in mobile health cloud under static assumptions , 2017, Cluster Computing.

[39]  Daniel Davis Wood,et al.  ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER , 2014 .

[40]  Guang Gong,et al.  Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers , 2012, 2012 IEEE International Conference on Communications (ICC).

[41]  Jin Li,et al.  A Hybrid Cloud Approach for Secure Authorized Deduplication , 2015, IEEE Transactions on Parallel and Distributed Systems.

[42]  Jian Shen,et al.  Secure data uploading scheme for a smart home system , 2018, Inf. Sci..

[43]  Jin Li,et al.  DivORAM: Towards a practical oblivious RAM with variable block size , 2018, Inf. Sci..

[44]  Cong Wang,et al.  Hardening Distributed and Encrypted Keyword Search via Blockchain , 2017, 2017 IEEE Symposium on Privacy-Aware Computing (PAC).