Catch You if You Misbehave: Ranked Keyword Search Results Verification in Cloud Computing

With the advent of cloud computing, more and more people tend to outsource their data to the cloud. As a fundamental data utilization, secure keyword search over encrypted cloud data has attracted the interest of many researchers recently. However, most of existing researches are based on an ideal assumption that the cloud server is “curious but honest”, where the search results are not verified. In this paper, we consider a more challenging model, where the cloud server would probably behave dishonestly. Based on this model, we explore the problem of result verification for the secure ranked keyword search. Different from previous data verification schemes, we propose a novel deterrent-based scheme. With our carefully devised verification data, the cloud server cannot know which data owners, or how many data owners exchange anchor data which will be used for verifying the cloud server's misbehavior. With our systematically designed verification construction, the cloud server cannot know which data owners’ data are embedded in the verification data buffer, or how many data owners’ verification data are actually used for verification. All the cloud server knows is that, once he behaves dishonestly, he would be discovered with a high probability, and punished seriously once discovered. Furthermore, we propose to optimize the value of parameters used in the construction of the secret verification data buffer. Finally, with thorough analysis and extensive experiments, we confirm the efficacy and efficiency of our proposed schemes.

[1]  Cong Wang,et al.  Efficient verifiable fuzzy keyword search over encrypted data in cloud computing , 2013, Comput. Sci. Inf. Syst..

[2]  Kyriakos Mouratidis,et al.  Authenticating the query results of text search engines , 2008, Proc. VLDB Endow..

[3]  S. Green How Many Subjects Does It Take To Do A Regression Analysis. , 1991, Multivariate behavioral research.

[4]  Jianliang Xu,et al.  Authenticating location-based services without compromising location privacy , 2012, SIGMOD Conference.

[5]  Ming Li,et al.  Verifiable Privacy-Preserving Multi-Keyword Text Search in the Cloud Supporting Similarity-Based Ranking , 2013, IEEE Transactions on Parallel and Distributed Systems.

[6]  Feifei Li,et al.  Dynamic authenticated index structures for outsourced databases , 2006, SIGMOD Conference.

[7]  Yiwei Thomas Hou,et al.  Privacy-preserving multi-keyword fuzzy search over encrypted data in the cloud , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[8]  Victor C. M. Leung,et al.  A Review of Key Issues That Concern the Feasibility of Mobile Cloud Computing , 2013, 2013 IEEE International Conference on Green Computing and Communications and IEEE Internet of Things and IEEE Cyber, Physical and Social Computing.

[9]  Hui Li,et al.  Oruta: Privacy-Preserving Public Auditing for Shared Data in the Cloud , 2012, 2012 IEEE Fifth International Conference on Cloud Computing.

[10]  M. Chuah,et al.  Privacy-Aware BedTree Based Solution for Fuzzy Multi-keyword Search over Encrypted Data , 2011, 2011 31st International Conference on Distributed Computing Systems Workshops.

[11]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[12]  Fatos Xhafa,et al.  OPoR: Enabling Proof of Retrievability in Cloud Computing with Resource-Constrained Devices , 2015, IEEE Transactions on Cloud Computing.

[13]  Cong Wang,et al.  Secure Ranked Keyword Search over Encrypted Cloud Data , 2010, 2010 IEEE 30th International Conference on Distributed Computing Systems.

[14]  Ruixuan Li,et al.  Efficient Multi-Keyword Ranked Query on Encrypted Data in the Cloud , 2012, 2012 IEEE 18th International Conference on Parallel and Distributed Systems.

[15]  Jie Wu,et al.  Privacy Preserving Ranked Multi-Keyword Search for Multiple Data Owners in Cloud Computing , 2016, IEEE Transactions on Computers.

[16]  Hai Jin,et al.  Secure Rank-Ordered Search of Multi-keyword Trapdoor over Encrypted Cloud Data , 2012, 2012 IEEE Asia-Pacific Services Computing Conference.

[17]  Donald E. Eastlake,et al.  US Secure Hash Algorithm 1 (SHA1) , 2001, RFC.

[18]  Shouhuai Xu,et al.  VABKS: Verifiable attribute-based keyword search over outsourced encrypted data , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[19]  Gene Tsudik,et al.  DSAC: integrity for outsourced databases with signature aggregation and chaining , 2005, CIKM '05.

[20]  Yiwei Thomas Hou,et al.  Protecting Your Right: Verifiable Attribute-Based Keyword Search with Fine-Grained Owner-Enforced Search Authorization in the Cloud , 2016, IEEE Transactions on Parallel and Distributed Systems.

[21]  Jianliang Xu,et al.  Authenticating Top-k Queries in Location-based Services with Confidentiality , 2013, Proc. VLDB Endow..

[22]  Yiwei Thomas Hou,et al.  Protecting your right: Attribute-based keyword search with fine-grained owner-enforced search authorization in the cloud , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[23]  Rafail Ostrovsky,et al.  Private Searching on Streaming Data , 2005, Journal of Cryptology.

[24]  Yaping Lin,et al.  Secure Ranked Multi-keyword Search for Multiple Data Owners in Cloud Computing , 2014, 2014 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks.

[25]  Kian-Lee Tan,et al.  Verifying completeness of relational query results in data publishing , 2005, SIGMOD '05.

[26]  Wei Wang,et al.  Public-Key Encryption with Fuzzy Keyword Search: A Provably Secure Scheme under Keyword Guessing Attack , 2013, IEEE Transactions on Computers.

[27]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[28]  Yin Yang,et al.  Authenticated indexing for outsourced spatial databases , 2009, The VLDB Journal.

[29]  Yaping Lin,et al.  Secure distributed keyword search in multiple clouds , 2014, 2014 IEEE 22nd International Symposium of Quality of Service (IWQoS).

[30]  Cong Wang,et al.  Achieving usable and privacy-assured similarity search over outsourced cloud data , 2012, 2012 Proceedings IEEE INFOCOM.

[31]  Randy H. Katz,et al.  A view of cloud computing , 2010, CACM.

[32]  N. Cao,et al.  Privacy-preserving multi-keyword ranked search over encrypted cloud data , 2011, 2011 Proceedings IEEE INFOCOM.

[33]  Ee-Chien Chang,et al.  Indexing Encrypted Documents for Supporting Efficient Keyword Search , 2012, Secure Data Management.

[34]  Vincent Rijmen,et al.  The Design of Rijndael: AES - The Advanced Encryption Standard , 2002 .

[35]  Ming Li,et al.  Verifiable Privacy-Preserving Multi-Keyword Text Search in the Cloud Supporting Similarity-Based Ranking , 2014, IEEE Trans. Parallel Distributed Syst..