Generic Multi-keyword Ranked Search on Encrypted Cloud Data

Although searchable encryption schemes allow secure search over the encrypted data, they mostly support conventional Boolean keyword search, without capturing any relevance of the search results. This leads to a large amount of post-processing overhead to find the most matching documents and causes an unnecessary communication cost between the servers and end-users. Such problems can be addressed efficiently using a ranked search system that retrieves the most relevant documents. However, existing state-of-the-art solutions in the context of Searchable Symmetric Encryption (SSE) suffer from either (a) security and privacy breaches due to the use of Order Preserving Encryption (OPE) or (b) non-practical solutions like using the two non-colluding servers. In this paper, we present a generic solution for multi-keyword ranked search over the encrypted cloud data. The proposed solution can be applied over different symmetric searchable encryption schemes. To demonstrate the practicality of our technique, in this paper we leverage the Oblivious Cross Tags (OXT) protocol of Cash et al. (2013) due to its scalability and remarkable flexibility to support different settings. Our proposed scheme supports the multi-keyword search on Boolean, ranked and limited range queries while keeping all of the OXT’s properties intact. The key contribution of this paper is that our scheme is resilience against all common attacks that take advantage of OPE leakage while only a single cloud server is used. Moreover, the results indicate that using the proposed solution the communication overhead decreases drastically when the number of matching results is large.

[1]  Jung Hee Cheon,et al.  Optimized Search-and-Compute Circuits and Their Application to Query Evaluation on Encrypted Data , 2016, IEEE Transactions on Information Forensics and Security.

[2]  Cong Wang,et al.  Privacy-preserving multi-keyword ranked search over encrypted cloud data , 2011, 2011 Proceedings IEEE INFOCOM.

[3]  Olga Ohrimenko,et al.  Sorting and Searching Behind the Curtain , 2015, Financial Cryptography.

[4]  Michael T. Goodrich,et al.  Privacy-Preserving Access of Outsourced Data via Oblivious RAM Simulation , 2010, ICALP.

[5]  Moni Naor,et al.  Optimal aggregation algorithms for middleware , 2001, PODS.

[6]  Ramakrishnan Srikant,et al.  Order preserving encryption for numeric data , 2004, SIGMOD '04.

[7]  Peng Zhang,et al.  Ranked Searchable Symmetric Encryption Supporting Conjunctive Queries , 2017, ISPEC.

[8]  Jia Yu,et al.  Enabling efficient and verifiable multi-keyword ranked search over encrypted cloud data , 2017, Inf. Sci..

[9]  Ronald Fagin,et al.  Combining Fuzzy Information from Multiple Systems , 1999, J. Comput. Syst. Sci..

[10]  Rafail Ostrovsky,et al.  Software protection and simulation on oblivious RAMs , 1996, JACM.

[11]  Jun Yu,et al.  Capacity Limits of Pseudorandom Channels in Deception Problems , 2015, IEEE Transactions on Information Forensics and Security.

[12]  Dan Boneh,et al.  Remote Oblivious Storage: Making Oblivious RAM Practical , 2011 .

[13]  Haitao Wang,et al.  Geometric Range Search on Encrypted Spatial Data , 2016, IEEE Transactions on Information Forensics and Security.

[14]  Brent Waters,et al.  Homomorphic Encryption from Learning with Errors: Conceptually-Simpler, Asymptotically-Faster, Attribute-Based , 2013, CRYPTO.

[15]  Ivan Damgård,et al.  Perfectly Secure Oblivious RAM Without Random Oracles , 2011, IACR Cryptol. ePrint Arch..

[16]  Cong Wang,et al.  Enabling Secure and Efficient Ranked Keyword Search over Outsourced Cloud Data , 2012, IEEE Transactions on Parallel and Distributed Systems.

[17]  Charles V. Wright,et al.  Inference Attacks on Property-Preserving Encrypted Databases , 2015, CCS.

[18]  Nicolas Gama,et al.  TFHE: Fast Fully Homomorphic Encryption Over the Torus , 2019, Journal of Cryptology.

[19]  Weiming Zhang,et al.  Security Analysis on One-to-Many Order Preserving Encryption-Based Cloud Data Search , 2015, IEEE Transactions on Information Forensics and Security.

[20]  Hugo Krawczyk,et al.  Highly-Scalable Searchable Symmetric Encryption with Support for Boolean Queries , 2013, IACR Cryptol. ePrint Arch..

[21]  Craig Gentry,et al.  (Leveled) Fully Homomorphic Encryption without Bootstrapping , 2014, ACM Trans. Comput. Theory.

[22]  Martin R. Albrecht,et al.  On the concrete hardness of Learning with Errors , 2015, J. Math. Cryptol..

[23]  Peter Williams,et al.  Single round access privacy on outsourced storage , 2012, CCS '12.

[24]  David Cash,et al.  What Else is Revealed by Order-Revealing Encryption? , 2016, IACR Cryptol. ePrint Arch..

[25]  Chris Clifton,et al.  Privacy - preserving top-k queries , 2005, 21st International Conference on Data Engineering (ICDE'05).

[26]  Ian H. Witten,et al.  Managing Gigabytes: Compressing and Indexing Documents and Images , 1999 .

[27]  Craig Gentry,et al.  A fully homomorphic encryption scheme , 2009 .