Kui Ren,Cong Wang,Qian Wang

DOI: https://doi.org/10.1109/mnet.2012.6375896

IF: 10.294

2012-01-01

IEEE Network

Abstract:Cloud computing enables a promising paradigm of data service outsourcing, where data owners can avoid committing large capital outlays by economically storing their data to public data centers for the convenient management of data storage and utilization. Despite the tremendous benefits, outsourcing data to the commercial public cloud also opens the door for unsolicited data access in the cloud and beyond. Thus, enabling a secure and effective cloud data utilization service is of paramount importance. Given the large number of data users and huge amount of outsourced cloud data, this problem is particularly challenging as it is extremely difficult to also meet the practical requirements of performance, system usability, and high-level user searching experiences. This article investigates these challenges and in particular defines the problem of fuzzy keyword search over encrypted cloud data, which aims at accommodating various typos and representation inconsistencies in different user searching input for acceptable system usability and overall user searching experience, while protecting keyword privacy. In order to further enrich the application spectrum, we also demonstrate how the notion of fuzzy search naturally supports similarity search, a fundamental and powerful tool that is widely used in information retrieval. We describe the challenges that are not yet met by existing techniques, and discuss the research directions and possible technical approaches for these new search functionalities to become a reality.

Ming Li,Shucheng Yu,Kui Ren,Wenjing Lou,Y. Thomas Hou

DOI: https://doi.org/10.1109/mnet.2013.6574666

IF: 10.294

2013-01-01

IEEE Network

Abstract:Cloud computing is envisioned as the next generation architecture of IT enterprises, providing convenient remote access to massively scalable data storage and application services. While this outsourced storage and computing paradigm can potentially bring great economical savings for data owners and users, its benefits may not be fully realized due to wide concerns of data owners that their private data may be involuntarily exposed or handled by cloud providers. Although end-to-end encryption techniques have been proposed as promising solutions for secure cloud data storage, a primary challenge toward building a full-fledged cloud data service remains: how to effectively support flexible data utilization services such as search over the data in a privacy-preserving manner. In this article, we identify the system requirements and challenges toward achieving privacy-assured searchable outsourced cloud data services, especially, how to design usable and practically efficient search schemes for encrypted cloud storage. We present a general methodology for this using searchable encryption techniques, which allows encrypted data to be searched by users without leaking information about the data itself and users' queries. In particular, we discuss three desirable functionalities of usable search operations: supporting result ranking, similarity search, and search over structured data. For each of them, we describe approaches to design efficient privacy-assured searchable encryption schemes, which are based on several recent symmetric-key encryption primitives. We analyze their advantages and limitations, and outline the future challenges that need to be solved to make such secure searchable cloud data service a reality.

Cong Wang,Qian Wang,Kui Ren

DOI: https://doi.org/10.1109/icdcsw.2011.16

2011-01-01

Abstract:Cloud computing enables an economic paradigm of data service outsourcing, where individuals and enterprise customers can avoid committing large capital outlays in the purchase and management of both software and hardware and the operational overhead therein. Despite the tremendous benefits, outsourcing data management to the commercial public cloud is also depriving customers' direct control over the systems that manage their data, raising security and privacy as the primary obstacles to the adoption of cloud. Although data encryption helps protecting data confidentiality, it also obsoletes the traditional data utilization service based on plain text keyword search. Thus, enabling an encrypted cloud data search service with privacy-assurance is of paramount importance. Considering the large number of data users and huge amount of outsourced data files in cloud, this problem is particularly challenging as it is extremely difficult to meet also the practical requirements of performance, system usability, and high-level user searching experiences. This paper investigates these challenges and defines the problem of fuzzy keyword search over encrypted cloud data, which should be explored for effective data utilization in Cloud Computing. Fuzzy keyword search aims at accommodating various typos and representation inconsistencies in different user searching input for acceptable system usability and overall user searching experience, while protecting keyword privacy. In order to further enrich the spectrum of secure cloud data utilization services, we also study how the notion of fuzzy search naturally supports similarity search, a fundamental and powerful tool that is widely used in information retrieval. We describe the challenges that are not yet met by existing searchable encryption techniques and discuss the research directions and possible technical approaches for these new search functionalities to become a reality. The investigation of the proposed research can bec- - ome the key for cloud service providers to securely and effectively deliver value from the cloud infrastructure to their enterprise and individual customers, and thus significantly encourage the adoption of Cloud Computing in a large scale.

Zeeshan Pervez,Mahmood Ahmad,Asad Masood Khattak,Naeem Ramzan,Wajahat Ali Khan

DOI: https://doi.org/10.1371/journal.pone.0179720

IF: 3.7

2017-07-10

PLoS ONE

Abstract:Public cloud storage services are becoming prevalent and myriad data sharing, archiving and collaborative services have emerged which harness the pay-as-you-go business model of public cloud. To ensure privacy and confidentiality often encrypted data is outsourced to such services, which further complicates the process of accessing relevant data by using search queries. Search over encrypted data schemes solve this problem by exploiting cryptographic primitives and secure indexing to identify outsourced data that satisfy the search criteria. Almost all of these schemes rely on exact matching between the encrypted data and search criteria. A few schemes which extend the notion of exact matching to similarity based search, lack realism as those schemes rely on trusted third parties or due to increase storage and computational complexity. In this paper we propose Oblivious Similarity based Search ([Formula: see text]) for encrypted data. It enables authorized users to model their own encrypted search queries which are resilient to typographical errors. Unlike conventional methodologies, [Formula: see text] ranks the search results by using similarity measure offering a better search experience than exact matching. It utilizes encrypted bloom filter and probabilistic homomorphic encryption to enable authorized users to access relevant data without revealing results of search query evaluation process to the untrusted cloud service provider. Encrypted bloom filter based search enables [Formula: see text] to reduce search space to potentially relevant encrypted data avoiding unnecessary computation on public cloud. The efficacy of [Formula: see text] is evaluated on Google App Engine for various bloom filter lengths on different cloud configurations.

Cong Wang,Ning Cao,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/tpds.2011.282

IF: 5.3

2012-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Cloud computing economically enables the paradigm of data service outsourcing. However, to protect data privacy, sensitive cloud data have to be encrypted before outsourced to the commercial public cloud, which makes effective data utilization service a very challenging task. Although traditional searchable encryption techniques allow users to securely search over encrypted data through keywords, they support only Boolean search and are not yet sufficient to meet the effective data utilization need that is inherently demanded by large number of users and huge amount of data files in cloud. In this paper, we define and solve the problem of secure ranked keyword search over encrypted cloud data. Ranked search greatly enhances system usability by enabling search result relevance ranking instead of sending undifferentiated results, and further ensures the file retrieval accuracy. Specifically, we explore the statistical measure approach, i.e., relevance score, from information retrieval to build a secure searchable index, and develop a one-to-many order-preserving mapping technique to properly protect those sensitive score information. The resulting design is able to facilitate efficient server-side ranking without losing keyword privacy. Thorough analysis shows that our proposed solution enjoys “as-strong-as-possible” security guarantee compared to previous searchable encryption schemes, while correctly realizing the goal of ranked keyword search. Extensive experimental results demonstrate the efficiency of the proposed solution.

Jin Li,Qian Wang,Cong Wang,Ning Cao,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/infcom.2010.5462196

2010-01-01

Abstract:As Cloud Computing becomes prevalent, more and more sensitive information are being centralized into the cloud. For the protection of data privacy, sensitive data usually have to be encrypted before outsourcing, which makes effective data utilization a very challenging task. Although traditional searchable encryption schemes allow a user to securely search over encrypted data through keywords and selectively retrieve files of interest, these techniques support only exact keyword search. That is, there is no tolerance of minor typos and format inconsistencies which, on the other hand, are typical user searching behavior and happen very frequently. This significant drawback makes existing techniques unsuitable in Cloud Computing as it greatly affects system usability, rendering user searching experiences very frustrating and system efficacy very low. In this paper, for the first time we formalize and solve the problem of effective fuzzy keyword search over encrypted cloud data while maintaining keyword privacy. Fuzzy keyword search greatly enhances system usability by returning the matching files when users' searching inputs exactly match the predefined keywords or the closest possible matching files based on keyword similarity semantics, when exact match fails. In our solution, we exploit edit distance to quantify keywords similarity and develop an advanced technique on constructing fuzzy keyword sets, which greatly reduces the storage and representation overheads. Through rigorous security analysis, we show that our proposed solution is secure and privacy-preserving, while correctly realizing the goal of fuzzy keyword search.

Huanglin Shen,Linlin Xue,Haijiang Wang,Lei Zhang,Jinying Zhang

DOI: https://doi.org/10.1109/access.2021.3125729

IF: 3.9

2021-01-01

IEEE Access

Abstract:With the sustained evolution and expeditious popularization of cloud computing, an ever-increasing number of individuals and enterprises are encouraged to outsource data to cloud servers for reducing management overhead and ease of access. Privacy requirements demand encryption of sensitive information before outsourcing, which, on the other hand, diminishes the usability of data and makes considerable efficient keyword search techniques used on plaintext inapplicable. In this paper, we propose a secure multi-keyword ranked search scheme based on document similarity to work out the problem. In order to achieve the goals of multi-keyword search and ranking search results, we adopt the vector space model and TF-IDF model to generate index and query vectors. By introducing the secure kNN computation, index and query vectors can be encrypted to prevent cloud servers from obtaining sensitive frequency information. For the need of efficiency advancement, we adopt the $B^{+}$ -tree as the basic structure to build the index and construct a similar document collection for each document. Due to the use of our unique index structure, compared to linear search, the search efficiency is more exceptional. Extensive experiments on the real-world document collection are conducted to demonstrate the feasibility and efficiency of the proposed solution.

computer science, information systems,telecommunications,engineering, electrical & electronic

Na Wang,Wen Zhou,Jingjing Wang,Yifan Guo,Junsong Fu,Jianwei Liu

DOI: https://doi.org/10.1109/tifs.2024.3350909

IF: 7.231

2024-02-02

IEEE Transactions on Information Forensics and Security

Abstract:With the rapid development of cloud computing, massive amounts of data are uploaded to cloud servers for storage. For privacy protection, sensitive data should be encrypted before outsourcing, and ciphertext retrieval technologies based on similarity come into being. In cloud computing with massive data, the efficiency and accuracy of retrieval are crucial. However, most of the current similarity retrieval schemes do not perform well in these two aspects. Therefore, we propose SESR scheme, a secure and efficient similarity retrieval scheme based on homomorphic encryption. Firstly, we use Hamming distance to calculate the similarity between the feature vector of the data and query vector from the data user. Secondly, the homomorphic encryption algorithm is used to encrypt data to protect data privacy. Furthermore, we creatively design a BK-KD tree structure that hierarchically implements similarity search and fine-grained access control, thereby speeding up the retrieval efficiency. In addition, we design a two-cloud-server cooperative retrieval model and a message authentication scheme, which ensure access pattern privacy security and the integrity of the transmitted data simultaneously. We also propose an improved SESR scheme. In this scheme, we use Simhash algorithm to generate feature vectors and query vectors, which reduces storage overhead. Finally, the security of SESR is formally proved and the simulation results show the efficiency and accuracy of the retrieval scheme.

computer science, theory & methods,engineering, electrical & electronic

Kui Ren,Cong Wang

2012-01-01

Abstract:Cloud computing economically enables a fundamental paradigm of data service outsourcing, which provides lower up-front capital costs and less hands-on management. However, outsourcing data services to the commercial public cloud deprives customers' control over the systems that manage their data, raising security and privacy as the primary obstacles to the adoption of the cloud. To address these challenges, in this dissertation we explore the problem of secure and privacy-assured data service outsourcing in cloud computing. We aim at deploying the most fundamental data services including data storage, search, and sharing on the commercial public cloud, with built-in security and privacy assurance as well as high level service performance, usability, and scalability. Our contributions are as follows: Firstly, we focus on privacy-preserving secure cloud storage auditing to maintain strong storage correctness guarantee, given the difficulty that data files are no longer locally possessed by data owners. We first develop a random-masking sampling approach to allow a third party auditor to perform on-demand privacy-preserving storage correctness auditing on behalf of data owners, without violating owners' data privacy. For storage correctness assurance with data dynamics, we further investigate a novel sequence-enforced Merkle Hash Tree and manipulate it with the random sampling approach to support fully dynamic data operations. Secondly, we focus on privacy-assured and effective cloud data search services with strong privacy-assurance, while enjoying high service-level performance inherently demanded by the large number of data users and huge amount data files. We first investigate a widely applicable fuzzy/similarity keyword search problem, and develop a brand new symbol-based trie-traverse searching approach, where transformed fuzzy keywords extracted from data files are stored using a multi-way tree structure, while protecting keyword privacy. To enable search result relevance ranking, we further investigate secure ranked search, which facilitates efficient server-side result ranking without leaking any keyword related information. Thirdly, we study how to enable scalable and owner-controlled cloud data sharing services, given the challenge that data no longer resides on owners' trusted domain. We first associate data with a set of meaningful attributes, use logical composition of attributes to reflect fine-grained data access, and enforce owner's control via attribute-based encryption. For the inherent scalability requirement of cloud system, we further leverage the cloud as a mediated proxy, to which data owners can delegate most cumbersome data/user management workload, without affecting the underlying data confidentiality.

Dr. P. Karuppasamy,Dr. G. Karthikeyan,Mr. R. Sankarganesh

DOI: https://doi.org/10.48175/ijarsct-3985

2022-05-23

Abstract:With the advent of cloud computing, data owners are motivated to outsource their complex data management systems from local sites to the commercial public cloud for great flexibility and economic savings. But for protecting data privacy, sensitive data has to be encrypted before outsourcing, which obsoletes traditional data utilization based on plaintext keyword search. Thus, enabling an encrypted cloud data search service is of paramount importance. Considering the large number of data users and documents in the cloud, it is necessary to allow multiple keywords in the search request and return documents in the order of their relevance to these keywords. Related works on searchable encryption focus on single keyword search or Boolean keyword search, and rarely sort the search results. In this paper, for the first time, we define and solve the challenging problem of privacy preserving multi-keyword ranked search over encrypted cloud data (MRSE).We establish a set of strict privacy requirements for such a secure cloud data utilization system. Among various multikeyword semantics, we choose the efficient similarity measure of “coordinate matching”, i.e., as many matches as possible, to capture the relevance of data documents to the search query. We further use “inner product similarity” to quantitatively evaluate such similarity measure.

Jinkun Cao,Jinhao Zhu,Liwei Lin,Zhengui Xue,Ruhui Ma,Haibing Guan

DOI: https://doi.org/10.48550/arXiv.1904.12111

2019-04-27

Cryptography and Security

Abstract:As cloud computing becomes prevalent in recent years, more and more enterprises and individuals outsource their data to cloud servers. To avoid privacy leaks, outsourced data usually is encrypted before being sent to cloud servers, which disables traditional search schemes for plain text. To meet both end of security and searchability, search-supported encryption is proposed. However, many previous schemes suffer severe vulnerability when typos and semantic diversity exist in query requests. To overcome such flaw, higher error-tolerance is always expected for search-supported encryption design, sometimes defined as 'fuzzy search'. In this paper, we propose a new scheme of multi-keyword fuzzy search over encrypted and outsourced data. Our approach introduces a new mechanism to map a natural language expression into a word-vector space. Compared with previous approaches, our design shows higher robustness when multiple kinds of typos are involved. Besides, our approach is enhanced with novel data structures to improve search efficiency. These two innovations can work well for both accuracy and efficiency. Moreover, these designs will not hurt the fundamental security. Experiments on a real-world dataset demonstrate the effectiveness of our proposed approach, which outperforms currently popular approaches focusing on similar tasks.

Ning Cao,Cong Wang,Ming Li,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/tpds.2013.45

IF: 5.3

2013-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:With the advent of cloud computing, data owners are motivated to outsource their complex data management systems from local sites to the commercial public cloud for great flexibility and economic savings. But for protecting data privacy, sensitive data has to be encrypted before outsourcing, which obsoletes traditional data utilization based on plaintext keyword search. Thus, enabling an encrypted cloud data search service is of paramount importance. Considering the large number of data users and documents in the cloud, it is necessary to allow multiple keywords in the search request and return documents in the order of their relevance to these keywords. Related works on searchable encryption focus on single keyword search or Boolean keyword search, and rarely sort the search results. In this paper, for the first time, we define and solve the challenging problem of privacy-preserving multi-keyword ranked search over encrypted cloud data (MRSE). We establish a set of strict privacy requirements for such a secure cloud data utilization system. Among various multi-keyword semantics, we choose the efficient similarity measure of "coordinate matching", i.e., as many matches as possible, to capture the relevance of data documents to the search query. We further use "inner product similarity" to quantitatively evaluate such similarity measure. We first propose a basic idea for the MRSE based on secure inner product computation, and then give two significantly improved MRSE schemes to achieve various stringent privacy requirements in two different threat models. Thorough analysis investigating privacy and efficiency guarantees of proposed schemes is given. Experiments on the real-world dataset further show proposed schemes indeed introduce low overhead on computation and communication.

Baojia Zhang,He Zhang,Boqun Yan,Yuan Zhang

DOI: https://doi.org/10.1145/2898445.2898451

2016-01-01

Abstract:With the increasing popularity of cloud storage services, many individuals and enterprises start to move their local data to the clouds. To ensure their privacy and data security, some cloud service users may want to encrypt their data before outsourcing them. However, this impedes efficient data utilities based on the plain text search. In this paper, we study how to construct a secure index that supports both efficient index updating and similarity search. Using the secure index, users are able to efficiently perform similarity searches tolerating input mistakes and update the index when new data are available. We formally prove the security of our proposal and also perform experiments on real world data to show its efficiency.

Jing He,Yiming Wu,Guangli Xiang,Zhendong Wu,Shouling Ji

DOI: https://doi.org/10.1007/978-3-319-69471-9_33

2017-01-01

Abstract:Encrypting data before outsourcing data has become a challenge in using traditional search algorithms. Many techniques have been proposed to cater the needs. However, as cloud service has a pay-as-you-go basis, these techniques are inefficiency. In this paper we attack the challenging problem by proposing an approximate multi keyword search with multi factor ranking over encrypted cloud data. Moreover, we establish strict privacy requirements and prove that the proposed scheme is secure in terms of privacy. To the best of our knowledge, we are the first who propose approximate matching technique on semantic search. Furthermore, to improve search efficiency, we consider multi-factor ranking technique to rank a query for documents. Through comprehensive experimental analysis combined with real world data, our proposed technique shows more efficiency and can retrieve more accurate results and meanwhile improve privacy by introducing randomness in query data.

Li Xu,Chi-Yao Weng,Lun-Pin Yuan,Mu-En Wu,Raylin Tso,Hung-Min Sun

DOI: https://doi.org/10.1007/s11227-015-1515-8

2015-01-01

Abstract:Cloud storage is one of the most important applications in our daily lives. User can store their own data into cloud storage and remotely access the saved data. Owing to the social media develops, users can share the digital files to other users, leading to the amount of data growing rapidly and searching abilities necessarily. In the some cases, servers cannot avoid data leakage even if the server provides complete access control. The encrypted data is a best way to resolve this problem but it may eliminate original structure and searching may become impossible. Applying searchable encryption for each receiver may produce messy duplication and occupy the quota of cloud storage from each receiver. User requires keeping their shared documents belonging up to date which are compared with the latest version. To this aim, we thus propose a sharable ID-based encryption with keyword search in cloud computing environment, which enables users to search in data owners’ shared storage while preserving privacy of data. For the performance analysis, we demonstrate the compared resultant with others ID-based or ID-relative encryption. In addition to that, we show the formal proof to verify the security of our proposed.

Yandong Zheng,Hui Zhu,Rongxing Lu,Songnian Zhang,Yunguo Guan,Fengwei Wang,Jun Shao,Hui Li

DOI: https://doi.org/10.1109/tifs.2024.3413630

IF: 7.231

2024-06-22

IEEE Transactions on Information Forensics and Security

Abstract:Outsourcing big data to cloud servers has gained prominence, and growing concerns about privacy, alongside privacy-related regulations, underscore the need to encrypt data before sending them to the cloud. Nevertheless, encryption significantly hampers the query capabilities of data, particularly in the case of vertically distributed data. This paper focuses on developing secure and efficient similarity query schemes for vertically distributed data in cloud environments. As is known, current solutions are constrained by limitations in query efficiency, approximate query results, and their ability to support vertical data. To address these issues, we introduce two novel schemes: a Fast Similarity Query Scheme (FSQ) and a Non-interactive Similarity Query Scheme (NoSQ) for outsourced distributed data. In the FSQ scheme, we enhance query efficiency by designing a trusted execution environment (TEE) assisted fast secret sharing (FSS) scheme and a series of FSS-based private algorithms, enabling secure data index construction and fast similarity query processing. For the NoSQ scheme, we eliminate communication overheads by designing a TEE assisted non-interactive secret sharing (NoSS) scheme and a series of NoSS-based private algorithms. Both schemes have undergone rigorous security validation using a simulation-based real/ideal worlds model, and their efficiency has been confirmed through comprehensive experiments.

computer science, theory & methods,engineering, electrical & electronic

Ling Huaze,Xue Kaiping,Wei David S.L.,Li Ruidong

DOI: https://doi.org/10.52396/JUST-2021-0071

2021-01-01

Journal of University of Science and Technology of China

Abstract:As more and more enterprises and individuals choose to outsource their encrypted private data to the cloud, Searchable Encryption ( SE) , which solves the issue of keyword-searching over encrypted data, is becoming much more important. To overcome typos and semantic diversity existing in query requests, fuzzy search is introduced to achieve a misspelling-tolerate search-supported encryption scheme. However, current schemes of fuzzy search over encrypted data not only bring in high computing and communication overhead in multi-user scenarios but also are unable to cover all kinds of error types under the premise of an effective accuracy. In this paper, we thus propose a multi-user multi-keyword fuzzy searchable encryption scheme. Specifically, we introduce the permuterm index to support multi-keyword wildcard search which can solve more kinds of misspelling with a higher degree of correctness. Moreover, by letting the cloud server re-encrypt indexes user encrypt, our scheme supports unshared-key multi-user fuzzy search, reducing users ' computing overhead effectively and improving the level of privacy-preserving. The results of experiments demonstrate that, compared with existing schemes, our scheme not only has a better accuracy rate, but also supports more varieties of misspelling keyword search with acceptable computational overhead.

Lu Liu,Jingchao Sun,Jianqiang Li,Rong Li,Juan Li,Xi Meng,Huifang Li,Jijiang Yang

DOI: https://doi.org/10.1109/SmartCity.2015.205

2015-01-01

Abstract:With the development of healthcare industry, healthcare informatization provides great potential for the health-care improvement. The cloud computing platform, which is an important infrastructure for the inter( intra)-organization collaboration, provides a shared storage space to the medical data sharing. For the privacy protection of medical data, sensitive data has to be encrypted before being transmitted to the cloud, which makes it more challenging to use these data in the cloud. For strengthening the utilization of encrypted cloud data, various encrypted search technologies are widely studied. However, these existing searchable encryption schemes may not enforce users' demands well. This paper proposes a privacy enhanced search approach for cloud-based medical data sharing. The proposed solution implements a hybrid search approach, where the search process is conducted across plaintext and ciphertext. Moreover, the enhanced access control can ensure the privacy protection of cloud data. The empirical experiments illustrate the effectiveness of our solution.

Fateh Boucenna

DOI: https://doi.org/10.48550/arXiv.2002.10294

2020-02-24

Cryptography and Security

Abstract:Companies and individuals demand more and more storage space and computing power. For this purpose, several new technologies have been designed and implemented, such as the cloud computing. This technology provides its users with storage space and computing power according to their needs in a flexible and personalized way. However, the outsourced data such as emails, electronic health records, and company reports are sensitive and confidential. Therefore, It is primordial to protect the outsourced data against possible external attacks and the cloud server itself. That is why it is highly recommended to encrypt the sensitive data before being outsourced to a remote server. To perform searches over outsourced data, it is no longer possible to exploit traditional search engines given that these data are encrypted. Consequently, lots of searchable encryption (SE) schemes have been proposed in the literature. Three major research axes of searchable encryption area have been studied in the literature. The first axis consists in ensuring the security of the search approach. Indeed, the search process should be performed without decryption any data and without causing any sensitive information leakage. The second axis consists in studying the search performance. In fact, the encrypted indexes are less efficient than the plaintext indexes, which makes the searchable encryption schemes very slow in practice. More the approach is secure, less it is efficient, thus, the challenge consists in finding the best compromise between security and performance. Finally, the third research axis consists in the quality of the returned results in terms of relevance and recall. The problem is that the encryption of the index causes the degradation of the recall and the precision. Therefore, the goal is to propose a technique that is able to obtain almost the same result obtained in the traditional search.

Wanyu Lin,Helei Cui,Baochun Li,Cong Wang

DOI: https://doi.org/10.1109/tpds.2020.3042695

IF: 5.3

2021-05-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Privacy-preserving similarity search plays an essential role in data analytics, especially when very large encrypted datasets are stored in the cloud. Existing mechanisms on privacy-preserving similarity search were not able to support secure updates (addition and deletion) efficiently when frequent updates are needed. In this article, we propose a new mechanism to support parallel privacy-preserving similarity search in a distributed key-value store in the cloud, with a focus on efficient addition and deletion operations, both executed with sublinear time complexity. If search accuracy is the top priority, we further leverage Yao's garbled circuits and the homomorphic property of Hash-ElGamal encryption to build a secure evaluation protocol, which can obtain the top-$R$<math>R</math> most accurate results without extensive client-side post-processing. We have formally analyzed the security strength of our proposed approach, and performed an extensive array of experiments to show its superior performance as compared to existing mechanisms in the literature. In particular, we evaluate the performance of our proposed protocol with respect to the time it takes to build the index and perform similarity queries. Extensive experimental results demonstrated that our protocol can speedup the index building process by up to 800× with 2 threads and the similarity queries by up to $sim $<math>∼</math>7× with comparable accuracy, as compared to the state-of-the-art in the literature.

computer science, theory & methods,engineering, electrical & electronic