Ce Yang,Weiming Zhang,Jun Xu,Jiajia Xu,Nenghai Yu

DOI: https://doi.org/10.1109/CSC.2012.23

2012-01-01

Abstract:Nowadays, more and more people outsource their data to cloud servers for great flexibility and economic savings. Due to considerations on security, private data is usually protected by encryption before sending to cloud. How to utilize data efficiently while preserving user's privacy is a new challenge. In this paper, we focus on a efficient multi-keyword search scheme meeting a strict privacy requirement. First, we make a short review of two existing schemes supporting multi-keyword search, the kNN-based MRSE scheme and scheme based on bloom filter. Based on the kNN-based scheme, we propose an improved scheme. Our scheme adopt a product of three sparse matrix pairs instead of the original dense matrix pair to encrypt index, and thus get a significant improvement in efficiency. Then, we combine our improved scheme with bloom filter, and thus gain the ability for index updating. Simulation Experiments show proposed scheme indeed introduces low overhead on computation and storage.

Zhangjie Fu,Xinle Wu,Chaowen Guan,Xingming Sun,Kui Ren

DOI: https://doi.org/10.1109/tifs.2016.2596138

IF: 7.231

2016-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Keyword-based search over encrypted outsourced data has become an important tool in the current cloud computing scenario. The majority of the existing techniques are focusing on multi-keyword exact match or single keyword fuzzy search. However, those existing techniques find less practical significance in real-world applications compared with the multi-keyword fuzzy search technique over encrypted data. The first attempt to construct such a multi-keyword fuzzy search scheme was reported by Wang et al., who used locality-sensitive hashing functions and Bloom filtering to meet the goal of multi-keyword fuzzy search. Nevertheless, Wang's scheme was only effective for a one letter mistake in keyword but was not effective for other common spelling mistakes. Moreover, Wang's scheme was vulnerable to server out-of-order problems during the ranking process and did not consider the keyword weight. In this paper, based on Wang et al.'s scheme, we propose an efficient multi-keyword fuzzy ranked search scheme based on Wang et al.'s scheme that is able to address the aforementioned problems. First, we develop a new method of keyword transformation based on the uni-gram, which will simultaneously improve the accuracy and creates the ability to handle other spelling mistakes. In addition, keywords with the same root can be queried using the stemming algorithm. Furthermore, we consider the keyword weight when selecting an adequate matching file set. Experiments using real-world data show that our scheme is practically efficient and achieve high accuracy.

Jianfei Sun,Shengnan Hu,Xuyun Nie,Joojo Walker

DOI: https://doi.org/10.1109/jsyst.2019.2933346

IF: 4.802

2020-01-01

IEEE Systems Journal

Abstract:With the significant rise in the demand for infinite storage resource and high-quality retrieval service, cloud computing is deemed to be a highly remarkable technology. For privacy concerns, several research works on ranked multi-keyword search over the encrypted cloud data under multiple data owner model have been developed. However, most of these schemes are vulnerable to keyword guessing attacks and equivalence test attack. Besides, they cannot accurately return the top-$k$ ranked search results from the encrypted data of different data owners to the data users. Obviously, these drawbacks may incur leakage of privacy-sensitive keyword information and the inaccuracy of returned search results. Therefore, in this article, we first propose a novel efficient ranked multi-keyword retrieval scheme with keyword privacy for multiple data owners, which empowers the cloud server to perform multi-keyword search over the cloud data and then, return the top-$k$ ranked search results to data users without leaking any keyword and trapdoor information. Additionally, we show through rigorous security analysis that our scheme is secure against the attacks launched by inside attackers and outside attackers. Finally, the performance evaluation indicates that our scheme has more satisfactory features than the existing ranked multi-keyword search schemes.

Jing Chen,Kun He,Lan Deng,Quan Yuan,Ruiying Du,Yang Xiang,Jie Wu

DOI: https://doi.org/10.1109/tsc.2017.2765323

IF: 11.019

2020-11-01

IEEE Transactions on Services Computing

Abstract:Motivated by privacy preservation requirements for outsourced data, keyword searches over encrypted cloud data have become a hot topic. Compared to single-keyword exact searches, multi-keyword fuzzy search schemes attract more attention because of their improvements in search accuracy, typo tolerance, and user experience in general. However, existing multi-keyword fuzzy search solutions are not sufficiently efficient when the file set in the cloud is large. To address this, we propose an Efficient Leakage-resilient Multi-keyword Fuzzy Search (EliMFS) framework over encrypted cloud data. In this framework, a novel two-stage index structure is exploited to ensure that search time is independent of file set size. The multi-keyword fuzzy search function is achieved through a delicate design based on the Gram Counting Order, the Bloom filter, and the Locality-Sensitive Hashing. Furthermore, considering the leakages caused by the two-stage index structure, we propose two specific schemes to resist these potential attacks in different threat models. Extensive analysis and experiments show that our schemes are highly efficient and leakage-resilient.

computer science, information systems, software engineering

Hongwei Li,Hao Ren,Hongxian Yao,Hao Chen,Guowen Xu,Yuan-Shun Dai

DOI: https://doi.org/10.1109/ICCChina.2015.7448586

2015-01-01

Abstract:With the development of cloud computing over encrypted outsourced data, textual multi-keyword search schemes over encrypted data have been proposed. In fact, with various types of data available, keyword searches can not only be texts but also any other digital information, such as location, time, and price, etc. Currently, diverse search, which combines textual and digital keywords, has been studied over plaintext, i.e., unencrypted cloud data. However, it is challenging to develop a diverse search over encrypted cloud data. To address this issue, in the paper, we leverage the k-nearest neighbor (kNN) technique to design a diverse multi-keyword ranked search scheme over encrypted cloud data. Specifically, we put the digital keywords and textual keywords together in one index and use only one set of keys to encrypt the combined index. Security analysis indicates that our proposed scheme can achieve textual keyword privacy, digital keyword privacy and trapdoor unlinkability. Functionality analysis shows that our proposed scheme can achieve textual keyword search, coordinate matching, digital keyword search and range query. Performance evaluation demonstrates that our proposed scheme is efficient in terms of index construction, trapdoor generation and query.

Songfeng Lu,Abdulruhman I Ahmed Abomakhelb

DOI: https://doi.org/10.1109/ciis.2017.67

2017-01-01

Abstract:In recent years, Cloud Computing becomes more prevalent in data store domain. More and more sensitive to store information into the cloud, Due to the importance the protection of data privacy, to protect sensitive data, should be encrypted before outsourcing, which makes ineffective data utilization and a very challenging task. Although the protection of the privacy of the data has to be encrypted, There should be schemes allow a user to securely search over encrypted data through keywords and selectively retrieve the appropriate files interest. These techniques support only exact searchable over encryption. In this paper, find a solution to the problem of effective keyword search over encrypted cloud data while maintaining keyword privacy. Keyword search greatly enhances system usability by returning the matching files when users' searching inputs exactly match the predefined keywords. In our solution, we extract the keywords from the file and encrypted the keywords then added into the index. Instead of storing file and searchable index on a cloud system, the proposed system will store the file on cloud and store searchable index on a private server. Which greatly reduces network congestion and representation overheads, also retrieval fast for files, and reduces the storage by file compression With enhanced security using encryption techniques and permission to access the data, through accurate security analysis, we show that our proposed solution is secure and privacy-preserving, while correctly realizing the goal of retrieval data.

Xinyu Tang,Cheng Guo,Yizhi Ren,Cong Wang,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1109/jsyst.2022.3157530

IF: 4.802

2022-06-14

IEEE Systems Journal

Abstract:Ensuring the privacy of data outsourced to the cloud, while also ensuring data usability, remains challenging. In this article, we propose a global secure ranked multikeyword search scheme based on multiple data owners in cloud-based systems. Compared to prior arts, our scheme improves search precision and efficiency and eliminates keyword redundancies. To improve search efficiency, we use a tree-based index structure, where we remove the need to search all related files. To improve search precision, we design a global computing scheme in which we compute the relevance score in a global manner with the global document frequency. To reduce the redundancies of keywords, we design a keyword conversion scheme, where we re-encrypt keywords with a third entity. As a result, the same keyword extracted by different data owners will be encrypted into the same form. Also, we present the security analysis and demonstrate the performance of the scheme with experiments.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Ling Huaze,Xue Kaiping,Wei David S.L.,Li Ruidong

DOI: https://doi.org/10.52396/JUST-2021-0071

2021-01-01

Journal of University of Science and Technology of China

Abstract:As more and more enterprises and individuals choose to outsource their encrypted private data to the cloud, Searchable Encryption ( SE) , which solves the issue of keyword-searching over encrypted data, is becoming much more important. To overcome typos and semantic diversity existing in query requests, fuzzy search is introduced to achieve a misspelling-tolerate search-supported encryption scheme. However, current schemes of fuzzy search over encrypted data not only bring in high computing and communication overhead in multi-user scenarios but also are unable to cover all kinds of error types under the premise of an effective accuracy. In this paper, we thus propose a multi-user multi-keyword fuzzy searchable encryption scheme. Specifically, we introduce the permuterm index to support multi-keyword wildcard search which can solve more kinds of misspelling with a higher degree of correctness. Moreover, by letting the cloud server re-encrypt indexes user encrypt, our scheme supports unshared-key multi-user fuzzy search, reducing users ' computing overhead effectively and improving the level of privacy-preserving. The results of experiments demonstrate that, compared with existing schemes, our scheme not only has a better accuracy rate, but also supports more varieties of misspelling keyword search with acceptable computational overhead.

Jinguo Li,Yaping Lin,Mi Wen,Chunhua Gu,Bo Yin

DOI: https://doi.org/10.1007/978-3-319-21837-3_32

2015-01-01

Abstract:To preserve the privacy of cloud data, sensitive files are always encrypted by data owners, which let the keyword search be more difficult to the crucial applications. Thus, a secure and efficient keyword search protocol over encrypted files is required. Most of the prior keyword search works over encrypted cloud files focus on single-data-owner settings. However, there are a large number of data owners involved in real applications. To retrieve user required files, single-owner keyword search schemes need to be repeated several times to search over files encrypted by different unique private keys, which is a very costly way. To achieve high efficiency and privacy preserving in multi-data-owner scenario, we propose a Secure and Verifiable Multi-owner Ranked-keyword Search protocol, named SVMRS, in this paper. Specifically, to preserve privacy and to improve the keyword search precision, we combine a modified asymmetric scalar-product encryption function with the TFtimesIDF rule. Furthermore, to preserve the integrity of search results, we extend the SVMRS based on circular bidirection-linked list, which can make the query result verifiable. Detailed analysis and experiments show that the SVMRS can preserve the file privacy and integrity, and confirms the high efficacy and efficiency of SVMRS.

Yu Chen,Jiajun Huang,Mingwu Zhang

DOI: https://doi.org/10.1109/JSYST.2020.2997932

IF: 4.802

2021-06-01

IEEE Systems Journal

Abstract:Cloud computing provides an appearing application for compelling vision in managing big-data files and responding queries over a distributed cloud platform. To overcome privacy revealing risks, sensitive documents and private data are usually stored in the clouds in a cipher-based manner. However, it is inefficient to search the data in traditional encryption systems. Searchable encryption is a useful cryptographic primitive to enable users to retrieve data in ciphertexts. However, the traditional searchable encryptions provide lower search efficiency and cannot carry out fuzzy multikeyword queries. To solve this issue, in this article, we propose a searchable encryption that supports privacy-preserving fuzzy multikeyword search (SE-PPFM) in cloud systems, which is built by asymmetric scalar-product-preserving encryptions and Hadamard product operations. In order to realize the functionality of efficient fuzzy searches, we employ Word2vec as the primitive of machine learning to obtain a fuzzy correlation score between encrypted data and queries predicates. We analyze and evaluate the performance in terms of token of multikeyword, retrieval and match time, file retrieval time and matching accuracy, etc. The experimental results show that our scheme can achieve a higher efficiency in fuzzy multikeyword ciphertext search and provide a higher accuracy in retrieving and matching procedure.

Computer Science

Maryam Zarezadeh,Hamid Mala,Maede Ashouri-Talouki

DOI: https://doi.org/10.1007/s12083-019-00736-0

2019-04-30

Abstract:With the advent of cloud computing, data owners are motivated to outsource their data to public clouds for decreasing the cost of management systems. For protecting data privacy, sensitive data must be encrypted before outsourcing. So, equipping cloud server with search service over encrypted data is an important issue. Considering the large number of data users and documents in the cloud, users may be interested to perform multi-keyword search and receive the most related data. In this paper, we investigate the Pasupuleti et al.'s scheme which is a multi-keyword ranked search over encrypted cloud data. Their scheme has problems in index construction, trapdoor generation and search procedures. We address these problems and suggest a multi-keyword ranked search over encrypted data on cloud storage. The proposed ranked searchable encryption scheme enhances system usability by ranking results instead of just sending undifferentiated results and ensures file retrieval accuracy. We also use the relevance score from information retrieval to build a secure searchable index, and apply an additive order-preserving encryption to protect the sensitive scores of files. Our scheme also guarantees access control of users during the data retrieval by attribute-based encryption. Analysis shows that our scheme is secure and efficient for cloud storage.

computer science, information systems,telecommunications

Xi WU,Neng-hai YU,Wei-ming ZHANG

DOI: https://doi.org/10.13195/j.kzyjc.2017.0802

2019-01-01

Abstract:With the popularity of the cloud computing, more and more data owners are motivated to outsource their complex data from local sites to the cloud for great shared comuputing sources and economic savings. But for protecting data security and privacy, sensitive data have to be encrypted before outsourcing, which obsoletes some traditional data utilization, for example the multi-keywords search. In this paper, we develop a enhanced multi-keywords fuzzy search scheme. On one hand, a novel method is designed to transfor keywords based on BloomFilter, which can reduce the index length effectively while keeping the fuzzy search rate. On the other hand, the similarity measure method is improved based on dynamic adaption of confusion parameters to achieve various stringent privacy requirements, which shows the data user’s favoritism better. Experiments on real-world data show that the proposed scheme is feasible, effective and accurate.

Fan Yin,Rongxing Lu,Yandong Zheng,Jun Shao,Xue Yang,Xiaohu Tang

DOI: https://doi.org/10.48550/arXiv.2103.08455

2021-03-15

Abstract:The cloud computing technique, which was initially used to mitigate the explosive growth of data, has been required to take both data privacy and users' query functionality into consideration. Symmetric searchable encryption (SSE) is a popular solution to supporting efficient keyword queries over encrypted data in the cloud. However, most of the existing SSE schemes focus on the exact keyword query and cannot work well when the user only remembers the substring of a keyword, i.e., substring-of-keyword query. This paper aims to investigate this issue by proposing an efficient and privacy-preserving substring-of-keyword query scheme over cloud. First, we employ the position heap technique to design a novel tree-based index to match substrings with corresponding keywords. Based on the tree-based index, we introduce our substring-of-keyword query scheme, which contains two consecutive phases. The first phase queries the keywords that match a given substring, and the second phase queries the files that match a keyword in which people are really interested. In addition, detailed security analysis and experimental results demonstrate the security and efficiency of our proposed scheme.

Cryptography and Security

Xi Zhang,Cheng Huang,Ye Su,Jing Qin

DOI: https://doi.org/10.1109/tsc.2024.3442558

IF: 11.019

2024-10-11

IEEE Transactions on Services Computing

Abstract:In this paper, we propose a Mergeable Searchable Symmetric Encryption (MSSE) scheme to enable secure keyword search and updates over encrypted cloud data. Particularly, MSSE allows flexible keyword merging, where users can remotely merge file identifiers associated with keywords to create new keyword-to-file identifier relationships. The function is designed for a user to manage their outsourced data conveniently. To this end, we first introduce a new encrypted index where each keyword's relevant file identifiers are grouped, encoded, and encrypted with super-increasing sequences and homomorphic encryption. With such an index, users leverage Distributed Multi-point Functions (DMPFs) to achieve secure keyword search and merge, maintaining efficiency while ensuring high privacy. To address the issue of maintaining "merging consistency" between pre-merged entries and newly updated entries, we employ the DMPF on clusters that incorporate the updated files. The approach significantly minimizes client-side computational overhead compared to re-executing the entire keyword merging process. We formally prove that MSSE can achieve parallel privacy. Extensive performance evaluation shows that MSSE is efficient in terms of computational and communication overheads.

computer science, information systems, software engineering

Jinguo Li,Mi Wen,Kejie Lu,Chunhua Gu

DOI: https://doi.org/10.1002/sec.1482

IF: 1.968

2016-01-01

Security and Communication Networks

Abstract:Because of the flexibility and convenience brought by cloud computing, it has been adopted in many applications. To preserve the privacy of cloud data, data owner often encrypts all sensitive data files, which makes the keyword search application based on plaintext a very challenging task. Therefore, several privacy-preserving keyword search algorithms have been developed recently, and most of these works support only single-data-owner settings. However, there are always more than one data owners in real applications, which are much more complex and challenging than single-owner scenario. To support multi-owner keyword search, those prior search algorithms need to be repeated several times, because each data owner intends to encrypt his own files with a unique private-key separately. It is absolutely not an efficient way. In this paper, we propose a privacy and integrity-preserving multi-owner ranked-keyword search scheme termed PIMRS. In the PIMRS, we exploit an asymmetric scalar-product encryption function based on the TF×IDF rule to preserve data privacy and to obtain more precise search results. Furthermore, a circular bi-direction-linked list based scheme is proposed to preserve the integrity of search results, which also enables the misbehaviors of cloud server to be detected. The security analysis of PIMRS shows its privacy and integrity property, and extensive experiments based on real-world data set confirm the high efficiency of proposed schemes. Copyright © 2016 John Wiley & Sons, Ltd.

Jin Li,Qian Wang,Cong Wang,Ning Cao,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/infcom.2010.5462196

2010-01-01

Abstract:As Cloud Computing becomes prevalent, more and more sensitive information are being centralized into the cloud. For the protection of data privacy, sensitive data usually have to be encrypted before outsourcing, which makes effective data utilization a very challenging task. Although traditional searchable encryption schemes allow a user to securely search over encrypted data through keywords and selectively retrieve files of interest, these techniques support only exact keyword search. That is, there is no tolerance of minor typos and format inconsistencies which, on the other hand, are typical user searching behavior and happen very frequently. This significant drawback makes existing techniques unsuitable in Cloud Computing as it greatly affects system usability, rendering user searching experiences very frustrating and system efficacy very low. In this paper, for the first time we formalize and solve the problem of effective fuzzy keyword search over encrypted cloud data while maintaining keyword privacy. Fuzzy keyword search greatly enhances system usability by returning the matching files when users' searching inputs exactly match the predefined keywords or the closest possible matching files based on keyword similarity semantics, when exact match fails. In our solution, we exploit edit distance to quantify keywords similarity and develop an advanced technique on constructing fuzzy keyword sets, which greatly reduces the storage and representation overheads. Through rigorous security analysis, we show that our proposed solution is secure and privacy-preserving, while correctly realizing the goal of fuzzy keyword search.

Yuanlong Liu,Hua Dai,Qian Zhou,Pengyue Li,Xun Yi,Geng Yang

DOI: https://doi.org/10.1016/j.future.2024.04.058

IF: 7.307

2024-05-06

Future Generation Computer Systems

Abstract:Traditional privacy-preserving search schemes have commonly used the TF-IDF model, which relies on keyword frequency statistics but neglects the semantic relationships between and documents. In recent years, a few secure multi-keyword ranked search schemes over encrypted cloud data have considered the data semantics. However, the search efficiency of these schemes can still be improved. This paper presents an efficient privacy-preserving semantic-aware multi-keyword ranked search scheme (EPSMR) over encrypted cloud data. EPSMR utilizes the LDA topic model to discover hidden semantic information in documents and convert documents into vector representations. vector encryption by using the secure inner product is employed to implement the privacy-preserving semantic relevance score computation between search keywords and documents. To achieve efficient multi-keyword searches, the bisecting k -means algorithm and search tree structure are introduced to design a novel ω -way balanced search tree index which benefits finding search results quickly. to further improve the search efficiency, a filtering-threshold lookup table is presented, which can be used to prune unqualified sub-trees in advance. The experimental results show the superior performance of the proposed scheme compared to existing schemes in terms of both semantic search precision and search time cost.

computer science, theory & methods

Cong Wang,Ning Cao,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/tpds.2011.282

IF: 5.3

2012-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Cloud computing economically enables the paradigm of data service outsourcing. However, to protect data privacy, sensitive cloud data have to be encrypted before outsourced to the commercial public cloud, which makes effective data utilization service a very challenging task. Although traditional searchable encryption techniques allow users to securely search over encrypted data through keywords, they support only Boolean search and are not yet sufficient to meet the effective data utilization need that is inherently demanded by large number of users and huge amount of data files in cloud. In this paper, we define and solve the problem of secure ranked keyword search over encrypted cloud data. Ranked search greatly enhances system usability by enabling search result relevance ranking instead of sending undifferentiated results, and further ensures the file retrieval accuracy. Specifically, we explore the statistical measure approach, i.e., relevance score, from information retrieval to build a secure searchable index, and develop a one-to-many order-preserving mapping technique to properly protect those sensitive score information. The resulting design is able to facilitate efficient server-side ranking without losing keyword privacy. Thorough analysis shows that our proposed solution enjoys “as-strong-as-possible” security guarantee compared to previous searchable encryption schemes, while correctly realizing the goal of ranked keyword search. Extensive experimental results demonstrate the efficiency of the proposed solution.

Axin Wu,Fagen Li,Xiangjun Xin,Yinghui Zhang,Jianhao Zhu

DOI: https://doi.org/10.1016/j.sysarc.2024.103104

IF: 5.836

2024-03-08

Journal of Systems Architecture

Abstract:Cloud storage offers data users relief from cumbersome management tasks and enhances overall efficiency. However, while it brings convenience, there is also the risk of privacy breaches. To address this, public-key encryption with keyword search (PEKE) presents a solution that balances efficiency, convenience, and security in the context of cloud storage. Nevertheless, PEKS is vulnerable to inside keyword guessing attacks and algorithm substitution attacks, posing a serious threat to its deployment. Cryptographic reverse firewall technique randomizes incoming messages to effectively defend against both types of attacks mentioned earlier through a gateway. However, this approach requires the gateway to store a random number for each keyword, increasing storage costs and potentially exposing keyword information. In response, we propose an improved scheme that inherits the remarkable properties of the method based on cryptographic reverse firewall. Additionally, the proposed scheme eliminates the need for gateways to store random numbers, reducing the management and storage burdens and supports multiple keywords for one document, a feature more aligned with real-world applications. Furthermore, we prove the security of the scheme, which achieves the same security goals as the existing scheme. Finally, we analyze the scheme s efficiency through theoretical analysis and performance evaluation, which demonstrates its efficiency.

computer science, software engineering, hardware & architecture

Jingwei Li,Jin Li,Xiaofeng Chen,Chunfu Jia,Zheli Liu

DOI: https://doi.org/10.1007/978-3-642-34601-9_37

2012-01-01

Abstract:As cloud computing becomes prevalent, more and more sensitive information is being centralized into the cloud, which raises a new challenge on how to efficiently share the outsourced data in a fine-grained manner. Although searchable encryption allows for privacy-preserving keyword search over encrypted data in public cloud, it could not work effectively for supporting fine-grained access control over encrypted data simultaneously. In this paper, we consider to tackle the challenge above under a hybrid architecture in which a private cloud is introduced as an access interface between users and public cloud. We firstly propose a basic scheme allowing both exact keyword search and fine-grained access control over encrypted data. Furthermore, an advanced scheme supporting fuzzy keyword search is presented. In both schemes, overhead computation is securely outsourced to private cloud but only left behind the file encryption and decryption at user side. Finally, we demonstrate approaches to realize outsourcing cryptographic access control mechanism and further relieve the computational cost at user side.