Abstract
Querying over encrypted data is gaining increasing popularity in cloud-based data hosting services. Security and efficiency are recognized as two important and yet conflicting requirements for querying over encrypted data. In this article, we propose an efficient private keyword search (EPKS) scheme that supports binary search and extend it to dynamic settings (called DEPKS) for inverted index--based encrypted data. First, we describe our approaches of constructing a searchable symmetric encryption (SSE) scheme that supports binary search. Second, we present a novel framework for EPKS and provide its formal security definitions in terms of plaintext privacy and predicate privacy by modifying Shen et al.’s security notions [Shen et al. 2009]. Third, built on the proposed framework, we design an EPKS scheme whose complexity is logarithmic in the number of keywords. The scheme is based on the groups of prime order and enjoys strong notions of security, namely statistical plaintext privacy and statistical predicate privacy. Fourth, we extend the EPKS scheme to support dynamic keyword and document updates. The extended scheme not only maintains the properties of logarithmic-time search efficiency and plaintext privacy and predicate privacy but also has fewer rounds of communications for updates compared to existing dynamic search encryption schemes. We experimentally evaluate the proposed EPKS and DEPKS schemes and show that they are significantly more efficient in terms of both keyword search complexity and communication complexity than existing randomized SSE schemes.
- Mihir Bellare, Alexandra Boldyreva, and Adam O’Neill. 2007. Deterministic and efficiently searchable encryption. In Advances in Cryptology—CRYPTO 2007. Lecture Notes in Computer Science, Vol. 4622. Springer, 535--552. Google ScholarDigital Library
- Dan Boneh, Giovanni Crescenzo, Rafail Ostrovsky, and Giuseppe Persiano. 2004. Public key encryption with keyword search. In Advances in Cryptology—EUROCRYPT 2004. Lecture Notes in Computer Science, Vol. 3027. Springer, 506--522.Google Scholar
- Ning Cao, Cong Wang, Ming Li, Kui Ren, and Wenjing Lou. 2011a. Privacy-preserving multi-keyword ranked search over encrypted cloud data. In Proceedings of the INFOCOM Conference (INFOCOM’11). 829--837.Google ScholarCross Ref
- Ning Cao, Zhenyu Yang, Cong Wang, Kui Ren, and Wenjing Lou. 2011b. Privacy-preserving query over encrypted graph-structured data in cloud computing. In Proceedings of the ICDCS Conference (ICDCS’11). 393--402. Google ScholarDigital Library
- David Cash, Joseph Jaeger, Stanislaw Jarecki, Charanjit Jutla, Hugo Krawczyk, Marcel-Cătălin Roşu, and Michael Steiner. 2014. Dynamic searchable encryption in very-large databases: Data structures and implementation. In Proceedings of the NDSS Conference (NDSS’14).Google ScholarCross Ref
- David Cash, Stanislaw Jarecki, Charanjit Jutla, Hugo Krawczyk, Marcel-Cătălin Roşu, and Michael Steiner. 2013a. Highly-scalable searchable symmetric encryption with support for Boolean queries. In Advances in Cryptology—CRYPTO 2013. Lecture Notes in Computer Science, Vol. 8042. Springer, 353--373.Google Scholar
- David Cash, Alptekin Küpçü, and Daniel Wichs. 2013b. Dynamic proofs of retrievability via oblivious RAM. In Advances in Cryptology—EUROCRYPT 2013. Lecture Notes in Computer Science, Vol. 7881. Springer, 279--295.Google Scholar
- Yan-Cheng Chang and Michael Mitzenmacher. 2005. Privacy preserving keyword searches on remote encrypted data. In Proceedings of the ACNS Conference (ACNS’05). Springer, 442--455. Google ScholarDigital Library
- Reza Curtmola, Juan Garay, Seny Kamara, and Rafail Ostrovsky. 2006. Searchable symmetric encryption: Improved definitions and efficient constructions. In Proceedings of the CCS Conference (CCS’06). ACM, New York, NY, 79--88. Google ScholarDigital Library
- Ivan Damgård, Sigurd Meldgaard, and JesperBuus Nielsen. 2011. Perfectly secure oblivious RAM without random oracles. In Theory of Cryptography. Lecture Notes in Computer Science, Vol. 6597. Springer, 144--163. Google ScholarDigital Library
- David Mandell Freeman. 2010. Converting pairing-based cryptosystems from composite-order groups to prime-order groups. In Advances in Cryptology—EUROCRYPT 2010. Lecture Notes in Computer Science, Vol. 6110. Springer, 44--61. Google ScholarDigital Library
- Eu-Jin Goh. 2003. Cryptology ePrint Archive: Report 2003/216. Secure Indexes. Retrieved July 14, 2016, from http://eprint.iacr.org/2003/216/.Google Scholar
- O. Goldreich. 1987. Towards a theory of software protection and simulation by oblivious RAMs. In Proceedings of the STOC Conference (STOC’87). ACM, New York, NY, 182--194. Google ScholarDigital Library
- Oded Goldreich and Rafail Ostrovsky. 1996. Software protection and simulation on oblivious RAMs. Journal of the ACM 43, 3, 431--473. Google ScholarDigital Library
- Aurore Guillevic. 2013. Comparing the pairing efficiency over composite-order and prime-order elliptic curves. In Applied Cryptography and Network Security. Lecture Notes in Computer Science, Vol. 7954. Springer, 357--372. Google ScholarDigital Library
- Mohammad Saiful Islam, Mehmet Kuzu, and Murat Kantarcioglu. 2012. Access pattern disclosure on searchable encryption: Ramification, attack and mitigation. In Proceedings of the NDSS Conference (NDSS’12).Google Scholar
- Stanislaw Jarecki, Charanjit Jutla, Hugo Krawczyk, Marcel Rosu, and Michael Steiner. 2013. Outsourced symmetric private information retrieval. In Proceedings of the CCS Conference (CCS’13). ACM, New York, NY, 875--888. Google ScholarDigital Library
- JPBC Library. 2013. The Java Pairing Based Cryptography Library (JPBC). Retrieved July 14, 2016, from http://gas.dia.unisa.it/projects/jpbc Seny Kamara and Charalampos Papamanthou. 2013. Parallel and dynamic searchable symmetric encryption. In FC 2013. LNCS, Vol. 7859. Springer Berlin Heidelberg, 258--274.Google Scholar
- Seny Kamara, Charalampos Papamanthou, and Tom Roeder. 2012. Dynamic searchable symmetric encryption. In Proceedings of the CCS Conference (CCS’12). ACM, New York, NY, 965--976. Google ScholarDigital Library
- Jonathan Katz, Amit Sahai, and Brent Waters. 2008. Predicate encryption supporting disjunctions, polynomial equations, and inner products. In Advances in Cryptology—EUROCRYPT 2008. Lecture Notes in Computer Science, Vol. 4965. Springer, 146--162. Google ScholarDigital Library
- Kaoru Kurosawa and Yasuhiro Ohtaki. 2012. UC-secure searchable symmetric encryption. In Financial Cryptography and Data Security. Lecture Notes in Computer Science, Vol. 7397. Springer, 285--298.Google Scholar
- Eyal Kushilevitz, Steve Lu, and Rafail Ostrovsky. 2012. On the (in)security of hash-based oblivious RAM and a new balancing scheme. In Proceedings of the SODA Conference (SODA’12). 143--156. Google ScholarDigital Library
- Allison Lewko. 2012. Tools for simulating features of composite order bilinear groups in the prime order setting. In Advances in Cryptography—EUROCRYPT 2012. Lecture Notes in Computer Science, Vol. 7237. Springer, 318--335. Google ScholarDigital Library
- Peter Liesdonk, Saeed Sedghi, Jeroen Doumen, Pieter Hartel, and Willem Jonker. 2010. Computationally efficient searchable symmetric encryption. In Secure Data Management. Lecture Notes in Computer Science, Vol. 6358. Springer, 87--100. Google ScholarDigital Library
- Yanbin Lu. 2012. Privacy-preserving logarithmic-time search on encrypted data in cloud. In Proceedings of the NDSS Conference (NDSS’12).Google Scholar
- Benny Pinkas and Tzachy Reinman. 2010. Oblivious RAM revisited. In Advances in Cryptology—CRYPTO 2010. Lecture Notes in Computer Science, Vol. 6223. Springer, 502--519. Google ScholarDigital Library
- Emily Shen, Elaine Shi, and Brent Waters. 2009. Predicate privacy in encryption systems. In Proceedings of the TCC Conference (TCC’09). Springer, 457--473. Google ScholarDigital Library
- Elaine Shi, T.-H. Hubert Chan, Emil Stefanov, and Mingfei Li. 2011. Oblivious RAM with O((logN)3) worst-case cost. In Advances in Cryptology—ASIACRYPT 2011. Lecture Notes in Computer Science, Vol. 7073. Springer, 197--214. Google ScholarDigital Library
- Elaine Shi and Brent Waters. 2008. Delegating capabilities in predicate encryption systems. In Proceedings of the ICALP Conference (ICALP’08). Springer, 560--578. Google ScholarDigital Library
- D. X. Song, D. Wagner, and A. Perrig. 2000. Practical techniques for searches on encrypted data. In Proceedings of the SP Conference (SP’00). 44--55. Google ScholarDigital Library
- Emil Stefanov, Charalampos Papamanthou, and Elaine Shi. 2014. Practical dynamic searchable encryption with small leakage. In Proceedings of the NDSS Conference (NDSS’14).Google ScholarCross Ref
- E. Stefanov and E. Shi. 2013. ObliviStore: High performance oblivious cloud storage. In Proceedings of the SP Conference (SP’13). 253--267. Google ScholarDigital Library
- Emil Stefanov, Marten van Dijk, Elaine Shi, Christopher Fletcher, Ling Ren, Xiangyao Yu, and Srinivas Devadas. 2013. Path ORAM: An extremely simple oblivious RAM protocol. In Proceedings of the CCS Conference (CCS’13). ACM, New York, NY, 299--310. Google ScholarDigital Library
- Wenhai Sun, Bing Wang, Ning Cao, Ming Li, Wenjing Lou, Y. Thomas Hou, and Hui Li. 2013. Privacy-preserving multi-keyword text search in the cloud supporting similarity-based ranking. In Proceedings of the ASIA CCS Conference (ASIA CCS’13). ACM, New York, NY, 71--82. Google ScholarDigital Library
- Cong Wang, Ning Cao, Kui Ren, and Wenjing Lou. 2012. Enabling secure and efficient ranked keyword search over outsourced cloud data. IEEE Transactions on Parallel and Distributed Systems 23, 8, 1467--1479. Google ScholarDigital Library
- C. Wang, K. Ren, S. Yu, and K. Urs. 2012. Achieving usable and privacy-assured similarity search over outsourced cloud data. In Proceedings of the INFOCOM Conference (INFOCOM’12). 451--459.Google Scholar
- Qian Wang, Shengshan Hu, Kui Ren, Meiqi He, Minxin Du, and Zhibo Wang. 2015. CloudBI: Practical privacy-preserving outsourcing of biometric identification in the cloud. In Computer Security—ESORICS 2015. Lecture Notes in Computer Science, Vol. 9327. Springer, 186--205.Google Scholar
- Masayuki Yoshino, Noboru Kunihiro, Ken Naganuma, and Hisayoshi Sato. 2012. Symmetric inner-product predicate encryption based on three groups. In Provable Security. Lecture Notes in Computer Science, Vol. 7496. Springer, 215--234. Google ScholarDigital Library
Index Terms
- Dynamic and Efficient Private Keyword Search over Inverted Index--Based Encrypted Data
Recommendations
Efficient and dynamic verifiable multi-keyword searchable symmetric encryption with full security
AbstractIncreasing the popularity of cloud computing raises the importance of efforts to improve the services of this paradigm. Searching over encrypted data is a requirement for cloud storage to provide, in addition to privacy-preserving, convenient and ...
Dynamic Verifiable Encrypted Keyword Search
Outsourcing data storage to the cloud securely and retrieving the remote data in an efficient way is a very significant research topic, with high relevance to secure cloud deployment. With the ever growing security and privacy concerns, encrypting the ...
Efficient wildcard search over encrypted data
Searchable encryption is an important technique that allows the data owners to store their encrypted data in the cloud. It also maintains the ability to search a keyword over encrypted data. In practice, searchable encryption scheme supporting wildcard ...
Comments