Privacy-preserving conjunctive keyword search on encrypted data with enhanced fine-grained access control

Cloud storage over the internet gives opportunities for easy data sharing. To preserve the privacy of sharing data, the outsourced data is usually encrypted. The searchable encryption technique provides a solution to find the target data in the encrypted form. And the public-key encryption with keyword search is regarded as a major approach for the searchable encryption technique. However, there are still several privacy leakage challenges for the further adoption of these major schemes. One is how to resist the keyword guessing attack which still leaks data user’s keywords privacy. Another is how to construct the access control policy to prevent illegal access of outsourced data sharing since illegal access always leak the privacy of user’s attribute. In our paper, we firstly try to design a novel secure keyword index to resist the keyword guessing attack from access pattern and search pattern. Second, we propose an attribute-based encryption scheme which supports an enhanced fine-grained access control search. This allows the authenticated users to access different data although their searching request contains the same queried keywords, and meanwhile unauthenticated users cannot get any attribute privacy information. Third, we give security proofs to show that the construction of keyword index is against keyword guessing attack from the access pattern and search pattern, and our scheme is proved to be IND-CPA secure (the indistinguishability under chosen plaintext attack) under the standard model. Finally, theoretical analyses and a series of experiments are conducted to demonstrate the efficiency of our scheme.

[1]  Robert H. Deng,et al.  Expressive query over outsourced encrypted data , 2018, Inf. Sci..

[2]  Brent Waters,et al.  Conjunctive, Subset, and Range Queries on Encrypted Data , 2007, TCC.

[3]  Yiwei Thomas Hou,et al.  Catch you if you lie to me: Efficient verifiable conjunctive keyword search over large dynamic encrypted cloud data , 2015, 2015 IEEE Conference on Computer Communications (INFOCOM).

[4]  Pascal Paillier,et al.  Decryptable Searchable Encryption , 2007, ProvSec.

[5]  Xiaoping Wu,et al.  Multi-authority Attribute-Based Encryption Access Control Scheme with Hidden Policy and Constant Length Ciphertext for Cloud Storage , 2017, DSC.

[6]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[7]  Peng Jiang,et al.  Keyword Attacks and Privacy Preserving in Public-Key-Based Searchable Encryption , 2019, Encyclopedia of Big Data Technologies.

[8]  Seny Kamara,et al.  Boolean Searchable Symmetric Encryption with Worst-Case Sub-linear Complexity , 2017, EUROCRYPT.

[9]  Cong Wang,et al.  Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[10]  Shouhuai Xu,et al.  VABKS: Verifiable attribute-based keyword search over outsourced encrypted data , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[11]  Yongjun Ren,et al.  Decryptable Public Key Encryption with Keyword Search Schemes , 2010, J. Digit. Content Technol. its Appl..

[12]  Toru Nakanishi,et al.  Designated-Senders Public-Key Searchable Encryption Secure against Keyword Guessing Attacks , 2017, 2017 Fifth International Symposium on Computing and Networking (CANDAR).

[13]  Liehuang Zhu,et al.  Search pattern leakage in searchable encryption: Attacks and new construction , 2014, Inf. Sci..

[14]  Jie Wu,et al.  Verifiable Ranked Search over dynamic encrypted data in cloud computing , 2017, 2017 IEEE/ACM 25th International Symposium on Quality of Service (IWQoS).

[15]  Jianfeng Ma,et al.  Attribute-Based Keyword Search over Hierarchical Data in Cloud Computing , 2020, IEEE Transactions on Services Computing.

[16]  Woo-Hwan Kim,et al.  Forward Secure Dynamic Searchable Symmetric Encryption with Efficient Updates , 2017, CCS.

[17]  Keith M. Martin,et al.  Multi-level Access in Searchable Symmetric Encryption , 2017, Financial Cryptography Workshops.

[18]  Jiwu Shu,et al.  Preferred search over encrypted data , 2018, Frontiers of Computer Science.

[19]  Qiong Huang,et al.  An efficient public-key searchable encryption scheme secure against inside keyword guessing attacks , 2017, Inf. Sci..

[20]  Gunho Lee,et al.  Clearing the clouds away from the true potential and obstacles posed by this computing capability. , 2010 .

[21]  Wu Xiaoping,et al.  Multi-authority Attribute-Based Encryption Access Control Scheme with Hidden Policy and Constant Length Ciphertext for Cloud Storage , 2017, 2017 IEEE Second International Conference on Data Science in Cyberspace (DSC).

[22]  Fagen Li,et al.  Ciphertext retrieval against insider attacks for cloud storage , 2016, 2016 2nd IEEE International Conference on Computer and Communications (ICCC).

[23]  D. Joseph Mook,et al.  An experimental study of nonlinear dynamic system identification , 1990 .

[24]  Yong Xiang,et al.  Achieving Secure and Efficient Dynamic Searchable Symmetric Encryption over Medical Cloud Data , 2020, IEEE Transactions on Cloud Computing.

[25]  Maode Ma,et al.  Conjunctive Keyword Search With Designated Tester and Timing Enabled Proxy Re-Encryption Function for E-Health Clouds , 2016, IEEE Transactions on Information Forensics and Security.

[26]  Chaochen Zhou,et al.  Recent advances in program verification through computer algebra , 2009, Frontiers of Computer Science in China.

[27]  Yiwei Thomas Hou,et al.  Protecting Your Right: Verifiable Attribute-Based Keyword Search with Fine-Grained Owner-Enforced Search Authorization in the Cloud , 2016, IEEE Transactions on Parallel and Distributed Systems.

[28]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[29]  Murat Kantarcioglu,et al.  Access Pattern disclosure on Searchable Encryption: Ramification, Attack and Mitigation , 2012, NDSS.

[30]  Carl A. Gunter,et al.  Dynamic Searchable Encryption via Blind Storage , 2014, 2014 IEEE Symposium on Security and Privacy.

[31]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[32]  Ziba Eslami,et al.  Comments on a chaos-based public key encryption with keyword search scheme , 2018, Nonlinear Dynamics.

[33]  Mingwu Zhang,et al.  Secure searchable public key encryption against insider keyword guessing attacks from indistinguishability obfuscation , 2017, Science China Information Sciences.

[34]  Kazuki Yoneyama,et al.  Attribute-Based Encryption with Partially Hidden Encryptor-Specified Access Structures , 2008, ACNS.

[35]  Ming Li,et al.  Authorized Private Keyword Search over Encrypted Data in Cloud Computing , 2011, 2011 31st International Conference on Distributed Computing Systems.

[36]  Taraneh Eghlidos,et al.  A secure attribute based keyword search scheme against keyword guessing attack , 2016, 2016 8th International Symposium on Telecommunications (IST).

[37]  Randy H. Katz,et al.  A view of cloud computing , 2010, CACM.