Chang Xu,Ruijuan Wang,Liehuang Zhu,Chuan Zhang,Rongxing Lu,Kashif Sharif

DOI: https://doi.org/10.48550/arXiv.2203.13662

2022-03-25

Cryptography and Security

Abstract:Searchable symmetric encryption (SSE) supports keyword search over outsourced symmetrically encrypted data. Dynamic searchable symmetric encryption (DSSE), a variant of SSE, further enables data updating. Most DSSE works with conjunctive keyword search primarily consider forward and backward privacy. Ideally, the server should only learn the result sets involving all keywords in the conjunction. However, existing schemes suffer from keyword pair result pattern (KPRP) leakage, revealing the partial result sets containing two of query keywords. We propose the first DSSE scheme to address aforementioned concerns that achieves strong privacy-preserving conjunctive keyword search. Specifically, our scheme can maintain forward and backward privacy and eliminate KPRP leakage, offering a higher level of security. The search complexity scales with the number of documents stored in the database in several existing schemes. However, the complexity of our scheme scales with the update frequency of the least frequent keyword in the conjunction, which is much smaller than the size of the entire database. Besides, we devise a least frequent keyword acquisition protocol to reduce frequent interactions between clients. Finally, we analyze the security of our scheme and evaluate its performance theoretically and experimentally. The results show that our scheme has strong privacy preservation and efficiency.

Ling Huaze,Xue Kaiping,Wei David S.L.,Li Ruidong

DOI: https://doi.org/10.52396/JUST-2021-0071

2021-01-01

Journal of University of Science and Technology of China

Abstract:As more and more enterprises and individuals choose to outsource their encrypted private data to the cloud, Searchable Encryption ( SE) , which solves the issue of keyword-searching over encrypted data, is becoming much more important. To overcome typos and semantic diversity existing in query requests, fuzzy search is introduced to achieve a misspelling-tolerate search-supported encryption scheme. However, current schemes of fuzzy search over encrypted data not only bring in high computing and communication overhead in multi-user scenarios but also are unable to cover all kinds of error types under the premise of an effective accuracy. In this paper, we thus propose a multi-user multi-keyword fuzzy searchable encryption scheme. Specifically, we introduce the permuterm index to support multi-keyword wildcard search which can solve more kinds of misspelling with a higher degree of correctness. Moreover, by letting the cloud server re-encrypt indexes user encrypt, our scheme supports unshared-key multi-user fuzzy search, reducing users ' computing overhead effectively and improving the level of privacy-preserving. The results of experiments demonstrate that, compared with existing schemes, our scheme not only has a better accuracy rate, but also supports more varieties of misspelling keyword search with acceptable computational overhead.

Xi Zhang,Cheng Huang,Ye Su,Jing Qin

DOI: https://doi.org/10.1109/tsc.2024.3442558

IF: 11.019

2024-10-11

IEEE Transactions on Services Computing

Abstract:In this paper, we propose a Mergeable Searchable Symmetric Encryption (MSSE) scheme to enable secure keyword search and updates over encrypted cloud data. Particularly, MSSE allows flexible keyword merging, where users can remotely merge file identifiers associated with keywords to create new keyword-to-file identifier relationships. The function is designed for a user to manage their outsourced data conveniently. To this end, we first introduce a new encrypted index where each keyword's relevant file identifiers are grouped, encoded, and encrypted with super-increasing sequences and homomorphic encryption. With such an index, users leverage Distributed Multi-point Functions (DMPFs) to achieve secure keyword search and merge, maintaining efficiency while ensuring high privacy. To address the issue of maintaining "merging consistency" between pre-merged entries and newly updated entries, we employ the DMPF on clusters that incorporate the updated files. The approach significantly minimizes client-side computational overhead compared to re-executing the entire keyword merging process. We formally prove that MSSE can achieve parallel privacy. Extensive performance evaluation shows that MSSE is efficient in terms of computational and communication overheads.

computer science, information systems, software engineering

Minghao Zhao,Han Jiang,Zhen Li,Qiuliang Xu,Hao Wang,Shaojing Li

DOI: https://doi.org/10.1504/ijhpcn.2018.10015546

2018-01-01

International Journal of High Performance Computing and Networking

Abstract:Searchable encryption is a significant cryptographic primitive to ensure storage security and data privacy in cloud computing environment. It allows a client to store a collection of encrypted documents on server, and latterly, according to specific search criteria, perform keyword-based searches and retrieve the documents, meanwhile ensuring that it reveals minimal information to the server. Early research on searchable encryption schemes mainly focused on the efficiency, the security and the query expressiveness, and nowadays, the studies have been paying attention to searchable encryption that supports dataset update dynamically. In this paper, we propose a new dynamic symmetric searchable encryption scheme. In the aspect of efficiency, the complexity of search algorithm is O(1), while file addition and deletion are O(m"n) and O(N) respectively (here m" means the number of keywords in a document; N means the number of document-keyword pairs and n means the size of keywords dictionary), which indicates the overall efficiency is superior to the existing schemes; in terms of security, this scheme can resist selective keyword attack, and compared with former ones, it achieves less information leakage.

Feng Li,Jianfeng Ma,Yinbin Miao,Ximeng Liu,Jianting Ning,Robert H. Deng

DOI: https://doi.org/10.1145/3617991

IF: 16.6

2024-01-01

ACM Computing Surveys

Abstract:Outsourcing data to the cloud has become prevalent, so Searchable Symmetric Encryption (SSE), one of the methods for protecting outsourced data, has arisen widespread interest. Moreover, many novel technologies and theories have emerged, especially for the attacks on SSE and privacy-preserving. But most surveys related to SSE concentrate on one aspect (e.g., single keyword search, fuzzy keyword search) or lack in-depth analysis. Therefore, we revisit the existing work and conduct a comprehensive analysis and summary. We provide an overview of state-of-the-art in SSE and focus on the privacy it can protect. Generally, (1) we study the work of the past few decades and classify SSE based on query expressiveness. Meanwhile, we summarize the existing schemes and analyze their performance on efficiency, storage space, index structures, and so on.; (2) we complement the gap in the privacy of SSE and introduce in detail the attacks and the related defenses; (3) we discuss the open issues and challenges in existing schemes and future research directions. We desire that our work will help novices to grasp and understand SSE comprehensively. We expect it can inspire the SSE community to discover more crucial leakages and design more efficient and secure constructions.

Haorui Du,Jianhua Chen,Ming Chen,Cong Peng,Debiao He

DOI: https://doi.org/10.1155/2022/2336685

2022-10-21

Wireless Communications and Mobile Computing

Abstract:Outsourcing data to cloud services is a good solution for users with limited computing resources. Privacy and confidentiality of data is jeopardized when data is transferred and shared in the cloud. The development of searchable cryptography offers the possibility to solve these problems. Symmetric searchable encryption (SSE) is popular among researchers because it is efficient and secure. SSE often requires the data sender and data receiver to use the same key to generate key ciphertext and trapdoor, which will obviously cause the problem of key management. Searchable encryption based on public key can simplify the key management problem. A public key encryption scheme with keyword search (PEKS) allows multiple senders to encrypt keywords under the receiver's public key. It is vulnerable to keyword guessing attacks (KGA) due to the small size of the keywords. The proposal of public key authenticated encryption with keyword search (PAEKS) is mainly to resist inside keyword guessing attacks. The previous security models do not involve the indistinguishability of the same keywords ( w 0 × × = w 1 ), which brings the user's search pattern easy to leak. The essential reason is that the trapdoor generation algorithm is deterministic. At the same time, most of the existing schemes use bilinear pair design, which greatly reduces the efficiency of the scheme. To address these problems, the paper introduces an improved PAEKS model. We design a lightweight public key authentication encryption scheme based on the Diffie-Hellman protocol. Then, we prove the ciphertext indistinguishability security and trapdoor indistinguishability security of the scheme in the improved security model. Finally, the paper demonstrates its comparable security and computational efficiency by comparing it with previous PAEKS schemes. Meanwhile, we conduct an experimental evaluation based on the cryptographic library. Experimental results show that the computational overhead of our scheme compared with the ciphertext generation algorithm, trapdoor generation algorithm and test algorithm of other schemes Our scheme reduces 274, 158 and 60 times, respectively.

computer science, information systems,telecommunications,engineering, electrical & electronic

Haining Lu,Dawu Gu,Chongying Jin,Yinqi Tang

DOI: https://doi.org/10.1109/cloudcom.2012.6427599

2012-01-01

Abstract:In order to protect the data privacy, cloud users usually outsource the encrypted form of their data to the cloud servers, which brings a challenge when they want to search their encrypted data in cloud. Searchable encryption techniques solve this problem by allowing the cloud servers to search on the encrypted data without decrypting the ciphertext or the searching keywords.In this paper, we propose a construction which can dramatically reduce the size of extra storage in the searchable symmetric encryption schemes and still remain efficiency. And security analysis shows that our construction can achieve non-adaptive secure. Further investigation and experiments show that our construction is suitable for not only single keyword search but also more complex search including conjunctive search, disjunctive search and phrase search.

Jinkun Cao,Jinhao Zhu,Liwei Lin,Zhengui Xue,Ruhui Ma,Haibing Guan

DOI: https://doi.org/10.48550/arXiv.1904.12111

2019-04-27

Cryptography and Security

Abstract:As cloud computing becomes prevalent in recent years, more and more enterprises and individuals outsource their data to cloud servers. To avoid privacy leaks, outsourced data usually is encrypted before being sent to cloud servers, which disables traditional search schemes for plain text. To meet both end of security and searchability, search-supported encryption is proposed. However, many previous schemes suffer severe vulnerability when typos and semantic diversity exist in query requests. To overcome such flaw, higher error-tolerance is always expected for search-supported encryption design, sometimes defined as 'fuzzy search'. In this paper, we propose a new scheme of multi-keyword fuzzy search over encrypted and outsourced data. Our approach introduces a new mechanism to map a natural language expression into a word-vector space. Compared with previous approaches, our design shows higher robustness when multiple kinds of typos are involved. Besides, our approach is enhanced with novel data structures to improve search efficiency. These two innovations can work well for both accuracy and efficiency. Moreover, these designs will not hurt the fundamental security. Experiments on a real-world dataset demonstrate the effectiveness of our proposed approach, which outperforms currently popular approaches focusing on similar tasks.

Zhenkui Shi,Xuemei Fu,Xianxian Li,Kai Zhu

DOI: https://doi.org/10.1109/tkde.2020.3025348

IF: 9.235

2020-01-01

IEEE Transactions on Knowledge and Data Engineering

Abstract:Symmetric Searchable Encryption(SSE) is deemed to tackle the privacy issue as well as the operability and confidentiality in data outsourcing. However, most SSE schemes assume that the cloud is honest but curious. This assumption is not always applicable. And even if some schemes supported verification, integrity or freshness checking in a malicious cloud, but the performance and security functionalities are not fully exploited. In this paper, we propose an efficient SSE scheme based on B+-Tree and Counting Bloom Filter (CBF) which supports secure verification, dynamic updating, and multi-user queries. Comparing with the previous state of the arts, we design the new data structure CBF to support dynamic updating and boost verification. We also leverage the timestamp mechanism in the scheme to prevent the malicious cloud from launching a replay attack. The new designed CBF is like a front-engine to save user's cost for query and verification. And it can achieve more efficient query and verification with negligible false positive when there is no value matching the queried keyword. The CBF supports efficient dynamic updating by combining Bloom Filter with a one-dimensional array that provides the counting capability. Furthermore, we design the authenticator for CBF. We adopt B+-Tree for it is widely used in many database engines and file systems. We also give a brief security proof of our scheme. Then we provide a detailed performance analysis. Finally, we evaluate our scheme through comprehensive experiments. The results are consistent with our analysis and show that our scheme is secure, and more efficient compared with the previous schemes with the same functionalities. The average performance can be improved by about 20 percent for both the cloud servers and users when the missing rate of the searching keywords is 20 percent. And the higher the missing rate is, the more the performance can be improved.

Qingqing Gan,Joseph K. Liu,Xiaoming Wang,Xingliang Yuan,Shi-Feng Sun,Daxin Huang,Cong Zuo,Jianfeng Wang

DOI: https://doi.org/10.1007/s11704-021-0601-8

IF: 2.6688

2022-04-02

Frontiers of Computer Science

Abstract:Searchable symmetric encryption (SSE) has been introduced for secure outsourcing the encrypted database to cloud storage, while maintaining searchable features. Of various SSE schemes, most of them assume the server is honest but curious, while the server may be trustless in the real world. Considering a malicious server not honestly performing the queries, verifiable SSE (VSSE) schemes are constructed to ensure the verifiability of the search results. However, existing VSSE constructions only focus on single-keyword search or incur heavy computational cost during verification. To address this challenge, we present an efficient VSSE scheme, built on OXT protocol (Cash et al., CRYPTO 2013), for conjunctive keyword queries with sublinear search overhead. The proposed VSSE scheme is based on a privacy-preserving hash-based accumulator, by leveraging a well-established cryptographic primitive, Symmetric Hidden Vector Encryption (SHVE). Our VSSE scheme enables both correctness and completeness verifiability for the result without pairing operations, thus greatly reducing the computational cost in the verification process. Besides, the proposed VSSE scheme can still provide a proof when the search result is empty. Finally, the security analysis and experimental evaluation are given to demonstrate the security and practicality of the proposed scheme.

computer science, information systems, theory & methods, software engineering

Jin Li,Qian Wang,Cong Wang,Ning Cao,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/infcom.2010.5462196

2010-01-01

Abstract:As Cloud Computing becomes prevalent, more and more sensitive information are being centralized into the cloud. For the protection of data privacy, sensitive data usually have to be encrypted before outsourcing, which makes effective data utilization a very challenging task. Although traditional searchable encryption schemes allow a user to securely search over encrypted data through keywords and selectively retrieve files of interest, these techniques support only exact keyword search. That is, there is no tolerance of minor typos and format inconsistencies which, on the other hand, are typical user searching behavior and happen very frequently. This significant drawback makes existing techniques unsuitable in Cloud Computing as it greatly affects system usability, rendering user searching experiences very frustrating and system efficacy very low. In this paper, for the first time we formalize and solve the problem of effective fuzzy keyword search over encrypted cloud data while maintaining keyword privacy. Fuzzy keyword search greatly enhances system usability by returning the matching files when users' searching inputs exactly match the predefined keywords or the closest possible matching files based on keyword similarity semantics, when exact match fails. In our solution, we exploit edit distance to quantify keywords similarity and develop an advanced technique on constructing fuzzy keyword sets, which greatly reduces the storage and representation overheads. Through rigorous security analysis, we show that our proposed solution is secure and privacy-preserving, while correctly realizing the goal of fuzzy keyword search.

Cong Wang,Ning Cao,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/tpds.2011.282

IF: 5.3

2012-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Cloud computing economically enables the paradigm of data service outsourcing. However, to protect data privacy, sensitive cloud data have to be encrypted before outsourced to the commercial public cloud, which makes effective data utilization service a very challenging task. Although traditional searchable encryption techniques allow users to securely search over encrypted data through keywords, they support only Boolean search and are not yet sufficient to meet the effective data utilization need that is inherently demanded by large number of users and huge amount of data files in cloud. In this paper, we define and solve the problem of secure ranked keyword search over encrypted cloud data. Ranked search greatly enhances system usability by enabling search result relevance ranking instead of sending undifferentiated results, and further ensures the file retrieval accuracy. Specifically, we explore the statistical measure approach, i.e., relevance score, from information retrieval to build a secure searchable index, and develop a one-to-many order-preserving mapping technique to properly protect those sensitive score information. The resulting design is able to facilitate efficient server-side ranking without losing keyword privacy. Thorough analysis shows that our proposed solution enjoys “as-strong-as-possible” security guarantee compared to previous searchable encryption schemes, while correctly realizing the goal of ranked keyword search. Extensive experimental results demonstrate the efficiency of the proposed solution.

Jianting Ning,Jiageng Chen,Kaitai Liang,Joseph K. Liu,Chunhua Su,Qianhong Wu

DOI: https://doi.org/10.1109/tsc.2020.3004988

IF: 11.019

2022-01-01

IEEE Transactions on Services Computing

Abstract:Outsourcing encrypted data to cloud servers that has become a prevalent trend among Internet users to date. There is a long list of advantages on data outsourcing, such as the reduction cost of local data management. How to securely operate encrypted data (remotely), however, is the top-rank concern over data owner. Liang et al. proposed a novel encrypted cloud-based data share and search system without loss of privacy. The system allows users to flexibly search and share encrypted data as well as updating keyword field. However, the search complexity of the system is of extreme inefficiency, O(nd), where d is the total number of system files and n is the size of query formula. This article, for the first time, leverages the "oblivious cross search" technology in public key searchable encryption context to reduce the search complexity to only O(nf(w)), where f(w) is the number of files embedded with the "least frequent keyword" w. The new scheme maintains efficient encrypted data share and keyword field update as well. This article further revisits the security models for payload security, keyword privacy and search token privacy (i.e., search pattern privacy) and meanwhile, presents security and efficiency analysis for the new scheme.

Fateh Boucenna

DOI: https://doi.org/10.48550/arXiv.2002.10294

2020-02-24

Cryptography and Security

Abstract:Companies and individuals demand more and more storage space and computing power. For this purpose, several new technologies have been designed and implemented, such as the cloud computing. This technology provides its users with storage space and computing power according to their needs in a flexible and personalized way. However, the outsourced data such as emails, electronic health records, and company reports are sensitive and confidential. Therefore, It is primordial to protect the outsourced data against possible external attacks and the cloud server itself. That is why it is highly recommended to encrypt the sensitive data before being outsourced to a remote server. To perform searches over outsourced data, it is no longer possible to exploit traditional search engines given that these data are encrypted. Consequently, lots of searchable encryption (SE) schemes have been proposed in the literature. Three major research axes of searchable encryption area have been studied in the literature. The first axis consists in ensuring the security of the search approach. Indeed, the search process should be performed without decryption any data and without causing any sensitive information leakage. The second axis consists in studying the search performance. In fact, the encrypted indexes are less efficient than the plaintext indexes, which makes the searchable encryption schemes very slow in practice. More the approach is secure, less it is efficient, thus, the challenge consists in finding the best compromise between security and performance. Finally, the third research axis consists in the quality of the returned results in terms of relevance and recall. The problem is that the encryption of the index causes the degradation of the recall and the precision. Therefore, the goal is to propose a technique that is able to obtain almost the same result obtained in the traditional search.

Xi Zhang,Cheng Huang,Ye Su,Jing Qin,Xuemin (Sherman) Shen

DOI: https://doi.org/10.1109/GLOBECOM48099.2022.10001357

2022-01-01

Abstract:Searchable Symmetric Encryption (SSE) is a promising method for users to store data in remote clouds securely and search them using keywords over an encrypted index. In this paper, we explore a new function named "keyword diverting" and propose a variant of SSE named Divertible Searchable Symmetric Encryption (DivSSE). Specifically, the index in DivSSE is encoded into an inverted, compressed, and encrypted format, by using the super-increasing sequence, symmetric homomorphic encryption (SHE), and a secure hash function. According to the homomorphic properties of SHE, users can construct a unique keyword diverting token, which can be utilized to update the encrypted index by obliviously merging data identifiers corresponding to different keywords without searching in advance and thus achieve keyword diverting. Moreover, based on function secret sharing, DivSSE can protect users' search patterns and reduce communication costs with the assistance of two independent clouds. Detailed security proof demonstrates that DivSSE can achieve parallel privacy, forward privacy, and backward privacy. Extensive performance evaluation also shows that DivSSE is efficient in terms of computational and communication overheads.

Cong Wang,Kui Ren,Shucheng Yu,Karthik Mahendra Raje Urs

DOI: https://doi.org/10.1109/infcom.2012.6195784

2012-01-01

Abstract:As the data produced by individuals and enterprises that need to be stored and utilized are rapidly increasing, data owners are motivated to outsource their local complex data management systems into the cloud for its great flexibility and economic savings. However, as sensitive cloud data may have to be encrypted before outsourcing, which obsoletes the traditional data utilization service based on plaintext keyword search, how to enable privacy-assured utilization mechanisms for outsourced cloud data is thus of paramount importance. Considering the large number of on-demand data users and huge amount of outsourced data files in cloud, the problem is particularly challenging, as it is extremely difficult to meet also the practical requirements of performance, system usability, and high-level user searching experiences.In this paper, we investigate the problem of secure and efficient similarity search over outsourced cloud data. Similarity search is a fundamental and powerful tool widely used in plaintext information retrieval, but has not been quite explored in the encrypted data domain. Our mechanism design first exploits a suppressing technique to build storage-efficient similarity keyword set from a given document collection, with edit distance as the similarity metric. Based on that, we then build a private trie-traverse searching index, and show it correctly achieves the defined similarity search functionality with constant search time complexity. We formally prove the privacy-preserving guarantee of the proposed mechanism under rigorous security treatment. To demonstrate the generality of our mechanism and further enrich the application spectrum, we also show our new construction naturally supports fuzzy search, a previously studied notion aiming only to tolerate typos and representation inconsistencies in the user searching input. The extensive experiments on Amazon cloud platform with real data set further demonstrate the validity and practicality of the proposed mechanism.

Peter van Liesdonk,Saeed Sedghi,Jeroen Doumen,Pieter Hartel,Willem Jonker

DOI: https://doi.org/10.1007/978-3-642-15546-8_7

2010-01-01

Abstract:Searchable encryption is a technique that allows a client to store documents on a server in encrypted form. Stored documents can be retrieved selectively while revealing as little information as possible to the server. In the symmetric searchable encryption domain, the storage and the retrieval are performed by the same client. Most conventional searchable encryption schemes suffer from two disadvantages. First, searching the stored documents takes time linear in the size of the database, and/or uses heavy arithmetic operations. Secondly, the existing schemes do not consider adaptive attackers; a search-query will reveal information even about documents stored in the future. If they do consider this, it is at a significant cost to the performance of updates. In this paper we propose a novel symmetric searchable encryption scheme that offers searching at constant time in the number of unique keywords stored on the server. We present two variants of the basic scheme which differ in the efficiency of search and storage. We show how each scheme could be used in a personal health record system.

Yinqi Tang,Dawu Gu,Ning Ding,Haining Lu

DOI: https://doi.org/10.1109/ICDCSW.2012.89

2012-01-01

Abstract:We study the case of searching over encrypted data from a remote server. In order to retrieve the encrypted documents that satisfy a client's criteria, a special index must be built and sent by the client together with encrypted documents. A trapdoor will also be produced to offer the privilege to search on the index. In the area of searchable encryption, many works mainly focused on search criteria consisting of a single keyword or conjunctive keywords. Up until now, searching of the exact documents that contain a phrase, or consecutive keywords still remains an unsolved problem. We first define the model of phrase search over encrypted data with symmetric encryption and its security definition based on the latest security definition raised by R. Curtmola. Then we propose a construction for phrase search with symmetric encryption (PSSE), which meets the functionality of searching a phrase over encrypted documents securely and efficiently. The computing complexity of our scheme when performing a query is linear in the size of the phrase, and at a moderate communication cost between server and client as well. In addition, we prove that our scheme achieves non-adaptive security.

Lixue Sun,Chunxiang Xu,Yuan Zhang

DOI: https://doi.org/10.1016/j.jisa.2018.03.002

IF: 4.96

2018-01-01

Journal of Information Security and Applications

Abstract:Searchable symmetric encryption (SSE) allows one to outsource a collection of encrypted documents to a remote server, and later conduct keyword searches on these encrypted documents, while revealing minimal information to the server. Most existing SSE schemes are only proved adaptively secure against the untrusted server in the random oracle model. To enhance security, we consider the security in the standard model when designing an SSE scheme. We extend the OXT protocol of Cash et al. to support arbitrary boolean query in multi-client setting while achieving update of documents. Our scheme realizes access control on documents without requiring per-query interaction between the data owner and each client. In addition, we give a new effective T-set instantiation, which supports update of the index files. Besides, our scheme achieves provable security against adaptive adversarial server and malicious clients in the standard model. Finally, performance analysis shows the applicability of our scheme. (C) 2018 Elsevier Ltd. All rights reserved.

Hua Zhang,Shaohua Zhao,Ziqing Guo,Qiaoyan Wen,Wenmin Li,Fei Gao

DOI: https://doi.org/10.1109/tcc.2021.3092358

IF: 5.697

2021-01-01

IEEE Transactions on Cloud Computing

Abstract:Searchable encryption (SE) is a powerful technology that enables keyword-based search over encrypted data becomes possible. However, most SE schemes focus on exact keyword search which can not tolerate misspellings and typos. Existing fuzzy keyword search schemes only support fuzzy search within a limited similarity threshold $d$d, the storage cost will grow exponentially or the precision of search results will greatly decrease as $d$d increases. Moreover, the current fuzzy keyword ranked search schemes consider only the keyword weight, and disregard the influence of keyword morphology similarity on the ranking. In this article, we propose a scalable fuzzy keyword ranked search scheme over encrypted data under hybrid clouds architecture. We use the edit distance to measure the similarity of keywords and design an edit distance algorithm over encrypted data, in which our scheme achieves fuzzy keyword search for any similarity threshold $d$d with a constant storage size and accurate search results. Furthermore, we design a two-factor ranking function combining keyword weight with keyword morphology similarity, which is utilized to rank the search results and enhance system usability. Extensive experiments are performed to demonstrate the trade-off of efficiency and security of the proposed scheme.

computer science, information systems, theory & methods