Efficient and Provable Security Searchable Asymmetric Encryption in the Cloud

Cloud and remote storage, which has become the preferred method for reducing the security risk and safeguarding our data, is widely used for backups or outsourcing. Thus, for effective utilization of data, it is desirable to perform keyword queries directly over the encrypted data. In the single-data owner architecture, it is common to use symmetric encryption cryptography and allows only the holder who has the secret key to create searchable ciphertexts and trapdoors. In the multi-data owner (MDO) architecture, the scheme uses asymmetric encryption cryptography and allows anyone to create searchable ciphertexts under the public key, while the corresponding private key creates the trapdoors. In the real world, the data come from different providers. Thus, the MDO architecture may meet more applications. However, the existing solutions, in the MDO architecture, do not guarantee security for the trapdoors and provide only linear time search. In this paper, we present a comprehensive study of searching over encrypted data in the MDO architecture, and we propose a novel scheme that supports the inverted index structure, complex search, and dynamic update. After extensive analysis and several experiments, the results indicate that our proposed method is both efficient and secure. We believe that this is the first work that achieves trapdoor security and logarithmic time pairing free search over encrypted data in the MDO architecture.

[1]  Joonsang Baek,et al.  Public Key Encryption with Keyword Search Revisited , 2008, ICCSA.

[2]  Yiwei Thomas Hou,et al.  Protecting your right: Attribute-based keyword search with fine-grained owner-enforced search authorization in the cloud , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[3]  Cong Wang,et al.  Privacy-Preserving Query over Encrypted Graph-Structured Data in Cloud Computing , 2011, 2011 31st International Conference on Distributed Computing Systems.

[4]  Yiwei Thomas Hou,et al.  Inverted index based multi-keyword public-key searchable encryption with strong privacy guarantee , 2015, 2015 IEEE Conference on Computer Communications (INFOCOM).

[5]  Alexandra Boldyreva,et al.  Provably-Secure Schemes for Basic Query Support in Outsourced Databases , 2007, DBSec.

[6]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: Improved definitions and efficient constructions , 2011, J. Comput. Secur..

[7]  Sushil Jajodia,et al.  Balancing confidentiality and efficiency in untrusted relational DBMSs , 2003, CCS '03.

[8]  Brent Waters,et al.  Conjunctive, Subset, and Range Queries on Encrypted Data , 2007, TCC.

[9]  Lucas Ballard,et al.  Achieving Efficient Conjunctive Keyword Searches over Encrypted Data , 2005, ICICS.

[10]  Gil Segev,et al.  Deterministic Public-Key Encryption for Adaptively Chosen Plaintext Distributions , 2013, EUROCRYPT.

[11]  Dong Hoon Lee,et al.  Trapdoor security in a searchable public-key encryption scheme with a designated tester , 2010, J. Syst. Softw..

[12]  Mihir Bellare,et al.  Deterministic and Efficiently Searchable Encryption , 2007, CRYPTO.

[13]  Hugo Krawczyk,et al.  Outsourced symmetric private information retrieval , 2013, IACR Cryptol. ePrint Arch..

[14]  Hugo Krawczyk,et al.  Dynamic Searchable Encryption in Very-Large Databases: Data Structures and Implementation , 2014, NDSS.

[15]  Zvika Brakerski,et al.  Better Security for Deterministic Public-Key Encryption: The Auxiliary-Input Setting , 2011, CRYPTO.

[16]  Sabrina De Capitani di Vimercati,et al.  Practical Techniques Building on Encryption for Protecting and Managing Data in the Cloud , 2015, The New Codebreakers.

[17]  Charalampos Papamanthou,et al.  Dynamic searchable symmetric encryption , 2012, IACR Cryptol. ePrint Arch..

[18]  Leonid Reyzin,et al.  A Unified Approach to Deterministic Encryption: New Constructions and a Connection to Computational Entropy , 2012, TCC.

[19]  Rui Jiang,et al.  The Attack on Mona: Secure Multi-owner Data Sharing for Dynamic Groups in the Cloud , 2013, 2013 International Conference on Information Science and Cloud Computing Companion.

[20]  Yiwei Thomas Hou,et al.  Privacy-preserving multi-keyword fuzzy search over encrypted data in the cloud , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[21]  Dan Boneh,et al.  Function-Private Identity-Based Encryption: Hiding the Function in Functional Encryption , 2013, CRYPTO.

[22]  Michael Mitzenmacher,et al.  Privacy Preserving Keyword Searches on Remote Encrypted Data , 2005, ACNS.

[23]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[24]  Pil Joong Lee,et al.  Public Key Encryption with Conjunctive Keyword Search and Its Extension to a Multi-user System , 2007, Pairing.

[25]  Omer Reingold,et al.  Incremental Deterministic Public-Key Encryption , 2012, EUROCRYPT.

[26]  Yuqing Zhang,et al.  Mona: Secure Multi-Owner Data Sharing for Dynamic Groups in the Cloud , 2013, IEEE Transactions on Parallel and Distributed Systems.

[27]  Brent Waters,et al.  Anonymous Hierarchical Identity-Based Encryption (Without Random Oracles) , 2006, CRYPTO.

[28]  Carl A. Gunter,et al.  Dynamic Searchable Encryption via Blind Storage , 2014, 2014 IEEE Symposium on Security and Privacy.

[29]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[30]  Tal Malkin,et al.  Secure anonymous database search , 2009, CCSW '09.

[31]  Robert H. Deng,et al.  Anonymous Privacy-Preserving Task Matching in Crowdsourcing , 2018, IEEE Internet of Things Journal.

[32]  M. Bellare,et al.  Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions , 2008, Journal of Cryptology.

[33]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[34]  Eu-Jin Goh,et al.  Secure Indexes , 2003, IACR Cryptol. ePrint Arch..

[35]  Aggelos Kiayias,et al.  Edinburgh Research Explorer Efficient Encrypted Keyword Search for Multi-user Data Sharing , 2016 .