Shujie Cui,Xiangfu Song,Muhammad Rizwan Asghar,Steven D Galbraith,Giovanni Russello

DOI: https://doi.org/10.48550/arXiv.1909.11624

2019-09-25

Cryptography and Security

Abstract:Searchable Encryption (SE) is a technique that allows Cloud Service Providers (CSPs) to search over encrypted datasets without learning the content of queries and records. In recent years, many SE schemes have been proposed to protect outsourced data from CSPs. Unfortunately, most of them leak sensitive information, from which the CSPs could still infer the content of queries and records by mounting leakage-based inference attacks, such as the count attack and file injection attack. In this work, first we define the leakage in searchable encrypted databases and analyse how the leakage is leveraged in existing leakage-based attacks. Second, we propose a Privacy-preserving Multi-cloud based dynamic symmetric SE (SSE) scheme for relational Database (P-McDb). P-McDb has minimal leakage, which not only ensures confidentiality of queries and records, but also protects the search, access, and size patterns from CSPs. Moreover, P-McDb ensures both forward and backward privacy of the database. Thus, P-McDb could resist existing leakage-based attacks, e.g., active file/record-injection attacks. We give security definition and analysis to show how P-McDb hides the aforementioned patterns. Finally, we implemented a prototype of P-McDb and test it using the TPC-H benchmark dataset. Our evaluation results show the feasibility and practical efficiency of P-McDb.

Haochen Dou,Zhenwu Dan,Peng Xu,Wei Wang,Shuning Xu,Tianyang Chen,Hai Jin

DOI: https://doi.org/10.1109/tifs.2024.3350330

IF: 7.231

2024-02-02

IEEE Transactions on Information Forensics and Security

Abstract:Dynamic Searchable Symmetric Encryption (DSSE) is a prospective technique in the field of cloud storage for secure search over encrypted data. A DSSE client can issue update queries to an honest-but-curious server for adding or deleting his ciphertexts to or from the server and delegate keyword search over those ciphertexts to the server. Numerous investigations focus on achieving strong security, like forward-and-Type-I−-backward security, to reduce the information leakage of DSSE to the server as much as possible. However, the existing DSSE with such strong security cannot keep search correctness and stable security (or robustness, in short) if irrational queries are issued by the client, like duplicate add or delete queries and the delete queries for removing non-existed entries, to the server unintentionally. Hence, this work proposes two new DSSE schemes, named and , respectively. Both two schemes achieve forward-and-Type-I−-backward security while keeping robustness when irrational queries are issued. In terms of performance, has more efficient communication costs and roundtrips than . In contrast, has a more efficient search performance than . Its search performance is close to the existing DSSE scheme with the same security but fails to achieve robustness.

computer science, theory & methods,engineering, electrical & electronic

Peng Xu,Shuai Liang,Wei Wang,Willy Susilo,Qianhong Wu,Hai Jin

DOI: https://doi.org/10.1007/978-3-319-60055-0_11

2017-01-01

Abstract:Dynamic Searchable Symmetric Encryption (DSSE) allows a client not only to search over ciphertexts as the traditional searchable symmetric encryption does, but also to update these ciphertexts according to requirements, e.g., adding or deleting some ciphertexts. It has been recognized as a fundamental and promising method to build secure cloud storage. In this paper, we propose a new DSSE scheme to overcome the drawbacks of previous schemes. The biggest challenge is to realize the physical deletion of ciphertexts with small leakage. We employ both logical and physical deletions, and run physical deletion in due course to avoid extra information leakage. Our instantiation achieves noticeable improvements throughout all following aspects: search performance, storage cost, functionality, and information leakage when operating its functions. We also demonstrate its provable security under adaptive attacks and practical performance according to experimental results.

Yandong Zheng,Rongxing Lu,Jun Shao,Fan Yin,Hui Zhu

DOI: https://doi.org/10.1109/tsc.2020.2992303

IF: 11.019

2020-01-01

IEEE Transactions on Services Computing

Abstract:Dynamic symmetric searchable encryption (SSE), which enables a data user to securely search and dynamically update the encrypted documents stored in a semi-trusted cloud server, has received considerable attention in recent years. However, the search and update operations in many previously reported SSE schemes will bring some additional privacy leakages, e.g., search pattern privacy, forward privacy and backward privacy. To the best of our knowledge, none of the existing dynamic SSE schemes preserves the search pattern privacy, and many backward private SSE schemes still leak some critical information, e.g., the identifiers containing a specific keyword currently in the database. Therefore, aiming at the above challenges, in this article, we design a practical SSE scheme, which not only supports the search pattern privacy but also enhances the backward privacy. Specifically, we first leverage the <span class="mjpage"><svg xmlns:xlink="http://www.w3.org/1999/xlink" width="1.211ex" height="2.176ex" style="vertical-align: -0.338ex;" viewBox="0 -791.3 521.5 936.9" role="img" focusable="false" xmlns="http://www.w3.org/2000/svg"><g stroke="currentColor" fill="currentColor" stroke-width="0" transform="matrix(1 0 0 -1 0 0)"> <use xlink:href="#MJMATHI-6B" x="0" y="0"></use></g></svg></span>k-anonymity and encryption to design an obfuscating technique. Then, based on the obfuscating technique, pseudorandom function and pseudorandom generator, we design a basic dynamic SSE scheme to support single keyword queries and simultaneously achieve search pattern privacy and enhanced backward privacy. Furthermore, we also extend our proposed scheme to support more efficient boolean queries. Security analysis demonstrates that our proposed scheme can achieve the desired privacy properties, and the extensive performance evaluations also show that our proposed scheme is indeed efficient in terms of communication overhead and computational cost.<svg xmlns="http://www.w3.org/2000/svg" style="display: none;"><defs id="MathJax_SVG_glyphs"><path stroke-width="1" id="MJMATHI-6B" d="M121 647Q121 657 125 670T137 683Q138 683 209 688T282 694Q294 694 294 686Q294 679 244 477Q194 279 194 272Q213 282 223 291Q247 309 292 354T362 415Q402 442 438 442Q468 442 485 423T503 369Q503 344 496 327T477 302T456 291T438 288Q418 288 406 299T394 328Q394 353 410 369T442 390L458 393Q446 405 434 405H430Q398 402 367 380T294 316T228 255Q230 254 243 252T267 246T293 238T320 224T342 206T359 180T365 147Q365 130 360 106T354 66Q354 26 381 26Q429 26 459 145Q461 153 479 153H483Q499 153 499 144Q499 139 496 130Q455 -11 378 -11Q333 -11 305 15T277 90Q277 108 280 121T283 145Q283 167 269 183T234 206T200 217T182 220H180Q168 178 159 139T145 81T136 44T129 20T122 7T111 -2Q98 -11 83 -11Q66 -11 57 -1T48 16Q48 26 85 176T158 471L195 616Q196 629 188 632T149 637H144Q134 637 131 637T124 640T121 647Z"></path></defs></svg>

computer science, information systems, software engineering

Dexin Li,Xingwen Zhao,Hui Li,Kai Fan

DOI: https://doi.org/10.1109/jiot.2024.3408812

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:Considerable attention has been directed towards dynamic searchable symmetric encryption (DSSE) since it has the capability to both search and update the encrypted database. Nevertheless, the majority of DSSE schemes operate in single dimensions, and the server is assumed to be honest but curious. Consequently, there are two significant issues that must be addressed. One concerns how searchable operations can be implemented in a multi-dimensional space. Another is the construction of a search-result-verifiable DSSE scheme within a malicious server model. In response to the above-mentioned problems, we proposed a multi-dimensional verifiable DSSE scheme with volume-hiding. Our design leverages the combination of various query methods across different dimensions to enable a wide array of search modes. The state chain is used in the scheme to guarantee forward privacy, while backward privacy is ensured through the encryption of the index. Our scheme employs a bitmap index of the same length to represent multiple file addresses that match a keyword, ensuring size consistency in search results, also known as volume-hiding. Multiset hash function is used to construct the verifiable search result. The security of the scheme is analyzed using a simulation-based proof method based on leakage functions.

Yunling Wang,Jianfeng Wang,Xiaofeng Chen

DOI: https://doi.org/10.1007/bf03391580

2016-01-01

Journal of Communications and Information Networks

Abstract:Cloud computing facilitates convenient and on-demand network access to a centralized pool of resources. Currently, many users prefer to outsource data to the cloud in order to mitigate the burden of local storage. However, storing sensitive data on remote servers poses privacy challenges and is currently a source of concern. SE (Searchable Encryption) is a positive way to protect users sensitive data, while preserving search ability on the server side. SE allows the server to search encrypted data without leaking information in plaintext data. The two main branches of SE are SSE (Searchable Symmetric Encryption) and PEKS (Public key Encryption with Keyword Search). SSE allows only private key holders to produce ciphertexts and to create trapdoors for search, whereas PEKS enables a number of users who know the public key to produce ciphertexts but allows only the private key holder to create trapdoors. This article surveys the two main techniques of SE: SSE and PEKS. Different SE schemes are categorized and compared in terms of functionality, efficiency, and security. Moreover, we point out some valuable directions for future work on SE schemes.

Dongli Liu,Wei Wang,Peng Xu,Laurence T. Yang,Bo Luo,Kaitai Liang

2024-03-02

Abstract:Dynamic Searchable Encryption (DSE) has emerged as a solution to efficiently handle and protect large-scale data storage in encrypted databases (EDBs). Volume leakage poses a significant threat, as it enables adversaries to reconstruct search queries and potentially compromise the security and privacy of data. Padding strategies are common countermeasures for the leakage, but they significantly increase storage and communication costs. In this work, we develop a new perspective to handle volume leakage. We start with distinct search and further explore a new concept called \textit{distinct} DSE (\textit{d}-DSE).

Cryptography and Security

Ke Huang,Xiaolei Dong,Zhenfu Cao,Jiachen Shen

DOI: https://doi.org/10.1088/1757-899x/715/1/012062

2020-01-01

IOP Conference Series Materials Science and Engineering

Abstract:Dynamic searchable symmetric encryption (DSSE) is helpful to users with limited storage. In DSSE, the users are able to perform search and update queries on the ciphertext which stored on the cloud server. However, DSSE may suffer from file-injection attacks and leak information after deletion. In order to solve these problems, DSSE schemes with forward security and/or backward security have been proposed. In this paper, we propose two efficient DSSE schemes. The first one supports forward security using binary tree as the basic data structure. The second one uses puncturable encryption to achieve both forward and backward privacy.

Jianwei Li,Xiaoming Wang,Qingqing Gan,Fengling Wang

DOI: https://doi.org/10.1016/j.comcom.2022.04.026

IF: 5.047

2022-04-01

Computer Communications

Abstract:Dynamic Searchable Symmetric Encryption (DSSE) allows users to outsource data with ciphertext format to untrusted servers and supports the operations of data adding and deleting, which is adopted in common usage by government and business. Recently, the primitive of Forward Privacy in DSSE has drawn great public interest owing to its beneficial feature, which is that it can guard against the newly uploaded files from linking to previous search tokens. However, most of existing Forward Private Searchable Encryption (FPSE) schemes focus on single-user environment, which means that only the users themselves can utilize the data, greatly limits the wide application in cloud computing. To our knowledge, it is difficult to migrate the FPSE schemes to multi-user network. First, to realize forward privacy, the data owner should share the entire key group to the legitimate users, which means the users have the privilege of tampering or deleting data rather than query only; secondly, some FPSE schemes use the special structures and can not be directly developed to multi-user network. Inspired by this, we present a scheme of multi-user forward private searchable encryption with dynamic authorization. The proposed scheme is based on a new structure of Multi-user State Chain and involves dynamic keyword-oriented authorization management. We prove our scheme can meet the secure characteristics, then conduct the performance evaluation and experiments. The results demonstrate that compared with the existing solutions, our scheme is superior in efficiency and practicability.

computer science, information systems,telecommunications,engineering, electrical & electronic

Chen Guo,Xingbing Fu,Yaojun Mao,Guohua Wu,Fagen Li,Ting Wu

DOI: https://doi.org/10.3390/info9100242

2018-01-01

Information

Abstract:With the advent of cloud computing, more and more users begin to outsource encrypted files to cloud servers to provide convenient access and obtain security guarantees. Searchable encryption (SE) allows a user to search the encrypted files without leaking information related to the contents of the files. Searchable symmetric encryption (SSE) is an important branch of SE. Most of the existing SSE schemes considered single-user settings, which cannot meet the requirements for data sharing. In this work, we propose a multi-user searchable symmetric encryption scheme with dynamic updates. This scheme is applicable to the usage scenario where one data owner encrypts sensitive files and shares them among multiple users, and it allows secure and efficient searches/updates. We use key distribution and re-encryption to achieve multi-user access while avoiding a series of issues caused by key sharing. Our scheme is constructed based on the index structure where a bit matrix is combined with two static hash tables, pseudorandom functions and hash functions. Our scheme is proven secure in the random oracle model.

Yinbin Miao,Jiajia Liu,Jianfeng Ma

DOI: https://doi.org/10.1007/978-3-319-21837-3_40

2015-01-01

Abstract:Cloud computing has increased rapidly due to its abundant benefits in terms of low cost and accessability of data. Privacy protection and data security are two issues in cloud computing, as users often outsource sensitive information to honest-but-curious cloud storage providers (CSP). While encryption seriously obsoletes the traditional information retrieval over plaintext. Therefore, searchable encryption (SE) technology which allows the users to securely search over cipher-text through keywords and selectively retrieve files of interest becomes important. Dealing with single CSP is predicted to become less popular with cloud customers for fear of risks of single-point failure threat and potential malicious insiders. To tackle above problems, two schemes based on Identity-Based Encryption (IBE) and Key-Policy Attribute-Based Encryption (KP-ABE) are proposed in multi-clouds environment, respectively. Through rigorous security and performance analysis, both schemes can ensure security and reliability, and greatly reduce computational burden.

Chang Liu,Liehuang Zhu,Jinjun Chen

DOI: https://doi.org/10.1109/trustcom.2015.406

2015-01-01

Abstract:Cloud computing has greatly facilitated large-scale data outsourcing due to its cost efficiency, scalability and many other advantages. Subsequent privacy risks force data owners to encrypt sensitive data, hence making the outsourced data no longer searchable. Searchable Symmetric Encryption (SSE) is an advanced cryptographic primitive addressing the above issue, which maintains efficient keyword search over encrypted data without disclosing much information to the storage provider. Existing SSE schemes implicitly assume that original user data is centralized, so that a searchable index can be built at once. Nevertheless, especially in cloud computing applications, user-side data centralization is not reasonable, e.g. an enterprise distributes its data in several data centers. In this paper, we propose the notion of Multi-Data-Source SSE (MDS-SSE), which allows each data source to build a local index individually and enables the storage provider to merge all local indexes into a global index afterwards. We propose a novel MDS-SSE scheme, in which an adversary only learns the number of data sources, the number of entire data files, the access pattern and the search pattern, but not any other distribution information such as how data files or search results are distributed over data sources. We offer rigorous security proof of our scheme, and report experimental results to demonstrate the efficiency of our scheme.

Chang Xu,Ruijuan Wang,Liehuang Zhu,Chuan Zhang,Rongxing Lu,Kashif Sharif

DOI: https://doi.org/10.48550/arXiv.2203.13662

2022-03-25

Cryptography and Security

Abstract:Searchable symmetric encryption (SSE) supports keyword search over outsourced symmetrically encrypted data. Dynamic searchable symmetric encryption (DSSE), a variant of SSE, further enables data updating. Most DSSE works with conjunctive keyword search primarily consider forward and backward privacy. Ideally, the server should only learn the result sets involving all keywords in the conjunction. However, existing schemes suffer from keyword pair result pattern (KPRP) leakage, revealing the partial result sets containing two of query keywords. We propose the first DSSE scheme to address aforementioned concerns that achieves strong privacy-preserving conjunctive keyword search. Specifically, our scheme can maintain forward and backward privacy and eliminate KPRP leakage, offering a higher level of security. The search complexity scales with the number of documents stored in the database in several existing schemes. However, the complexity of our scheme scales with the update frequency of the least frequent keyword in the conjunction, which is much smaller than the size of the entire database. Besides, we devise a least frequent keyword acquisition protocol to reduce frequent interactions between clients. Finally, we analyze the security of our scheme and evaluate its performance theoretically and experimentally. The results show that our scheme has strong privacy preservation and efficiency.

Minghao Zhao,Han Jiang,Zhen Li,Qiuliang Xu,Hao Wang,Shaojing Li

DOI: https://doi.org/10.1504/ijhpcn.2018.10015546

2018-01-01

International Journal of High Performance Computing and Networking

Abstract:Searchable encryption is a significant cryptographic primitive to ensure storage security and data privacy in cloud computing environment. It allows a client to store a collection of encrypted documents on server, and latterly, according to specific search criteria, perform keyword-based searches and retrieve the documents, meanwhile ensuring that it reveals minimal information to the server. Early research on searchable encryption schemes mainly focused on the efficiency, the security and the query expressiveness, and nowadays, the studies have been paying attention to searchable encryption that supports dataset update dynamically. In this paper, we propose a new dynamic symmetric searchable encryption scheme. In the aspect of efficiency, the complexity of search algorithm is O(1), while file addition and deletion are O(m"n) and O(N) respectively (here m" means the number of keywords in a document; N means the number of document-keyword pairs and n means the size of keywords dictionary), which indicates the overall efficiency is superior to the existing schemes; in terms of security, this scheme can resist selective keyword attack, and compared with former ones, it achieves less information leakage.

Cong Zuo,Shi-Feng Sun,Joseph K. Liu,Jun Shao,Josef Pieprzyk

DOI: https://doi.org/10.48550/arXiv.1905.08561

2019-05-21

Cryptography and Security

Abstract:Dynamic searchable symmetric encryption (DSSE) is a useful cryptographic tool in encrypted cloud storage. However, it has been reported that DSSE usually suffers from file-injection attacks and content leak of deleted documents. To mitigate these attacks, forward privacy and backward privacy have been proposed. Nevertheless, the existing forward/backward-private DSSE schemes can only support single keyword queries. To address this problem, in this paper, we propose two DSSE schemes supporting range queries. One is forward-private and supports a large number of documents. The other can achieve backward privacy, while it can only support a limited number of documents. Finally, we also give the security proofs of the proposed DSSE schemes in the random oracle model.

Qiang Zhang,Guojun Wang,Wenjuan Tang,Karim Alinani,Qin Liu,Xin Li

DOI: https://doi.org/10.1016/j.comcom.2021.05.009

IF: 5.047

2021-08-01

Computer Communications

Abstract:<p>Cloud storage services allow a data owner to share her/his outsourced data with other users, and enable the users to search target data by keywords. To ensure the data confidentiality, data owner always encrypt data using traditional encryption schemes before outsourcing. Whereas, it makes efficiently searching impossible. Symmetric searchable encryption (SSE) is a cryptographic primitive that resolves this tension. However, most existing SSE schemes do not consider the individual characteristics of users during the search, such that they cannot support personalized search services over encrypted data. Meanwhile, security and efficiency issues in the cloud service model have also severely affected the user's search experience, and the introduction of mobile edge servers can solve these problems to some extent. In this paper, we propose a personalized searchable encryption scheme (PSED) for mobile edge-assisted cloud storage. Our contribution consists of three aspects. First, we incorporate the user's preference factors into the user's query which enable users to get accurate personalized search results. Second, the computational overhead of the cloud server is reduced by calculating the relevance scores of the subqueries and subindexes on mobile edge servers. Third, by cutting the index and the query matrix, the encryption efficiency of the index and the query matrix is improved. Security analysis shows that PSED can guarantee the privacy of the data and the user. Experimental results demonstrate that the proposed schemes are highly efficient and accurate.</p>

computer science, information systems,telecommunications,engineering, electrical & electronic

Yinbin Miao,Jianfeng Ma,Ximeng Liu,Zhiquan Liu,Junwei Zhang,Fushan Wei

DOI: https://doi.org/10.1007/s12083-016-0523-7

2016-10-15

Abstract:Data outsourcing service can shift the local data storage and maintenance to cloud service provider (CSP) to ease the burden from data owner, but it brings the data security threats as CSP is always considered to honest-but-curious. Therefore, searchable encryption (SE) technique which allows cloud clients (including data owner and data user) to securely search over ciphertext through keywords and selectively retrieve files of interest is of prime importance. However, in practice, data user’s access permission always dynamically varies with data owner’s preferences. Moreover, existing SE schemes which are based on attribute-based encryption (ABE) incur heavy computational burden through attribution revocation and policy updating. To allow data owner to flexibly grant access permissions, we design a secure cryptographic primitive called as efficient data owner authorized search over encrypted data scheme through utilizing identity-based encryption (IBE) technique. The formal security analysis proves that our scheme is secure against chosen-plaintext attack (CPA) and chosen-keyword attack (CKA) without random oracle. Besides, empirical experiments over real-world dataset show that our scheme is efficient and feasible with regard to data access control.

computer science, information systems,telecommunications

Guofeng Wang,Chuanyi Liu,Yingfei Dong,Peiyi Han,Hezhong Pan,Binxing Fang

DOI: https://doi.org/10.1109/access.2017.2786026

IF: 3.9

2018-01-01

IEEE Access

Abstract:Searchable Encryption (SE) has been extensively examined by both academic and industry researchers. While many academic SE schemes show provable security, they usually expose some query information (e.g., search and access patterns) to achieve high efficiency. However, several inference attacks have exploited such leakage, e.g., a query recovery attack can convert opaque query trapdoors to their corresponding keywords based on some prior knowledge. On the other hand, many proposed SE schemes require significant modification of existing applications, which makes them less practical, weak in usability, and difficult to deploy. In this paper, we introduce a secure and practical searchable symmetric encryption scheme with provable security strength for cloud applications, called IDCrypt, which improves the search efficiency, and enhances the security strength of SE using symmetric cryptography. We further point out the main challenges in securely searching on multiple indexes and sharing encrypted data between multiple users. To address the above issues, we propose a token-adjustment search scheme to preserve the search functionality among multi-indexes, and a key sharing scheme which combines identity-based encryption and public-key encryption. Our experimental results show that the overhead of the key sharing scheme is fairly low.

Cheng Guo,Wenfeng Li,Xinyu Tang,Kim-Kwang Raymond Choo,Yining Liu

DOI: https://doi.org/10.1109/tdsc.2023.3262060

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Dynamic searchable symmetric encryption (DSSE) allows efficient searches over encrypted databases and also supports clients in their updating of the data, such as those stored in a remote cloud server. However, recent attacks suggest the risk of leakage during such updates, which consequently impacts on the privacy of the queries. In addition, existing DSSE schemes that support forward privacy generally rely on the honest-but-curious server and support only single-keyword retrieval, which limits the application scenarios. In this paper, we present the design of a verifiable DSSE protocol, which supports efficient conjunctive query with forward privacy. In our scheme, the forward index is constructed by a novel form, i.e., $ t$t-puncturable PRFs, and the authentication tag is designed by symmetric cryptography. During conjunctive queries, we narrow the scope by an inverted index, and then we determine the results of the final query through the forward index. Meanwhile, we can use verification tag to check the correctness and completeness of the result. In addition, we present an extension to support backward privacy, and our experimental evaluations show that our proposed approach achieves better performance on both conjunctive queries and updates than other competing solutions and ensures efficient verification.

Cong Zuo,Shi-Feng Sun,Joseph K. Liu,Jun Shao,Josef Pieprzyk

DOI: https://doi.org/10.1007/978-3-030-29962-0_14

2019-01-01

Abstract:Dynamic Searchable Symmetric Encryption (DSSE) enables a client to perform updates and searches on encrypted data which makes it very useful in practice. To protect DSSE from the leakage of updates (leading to break query or data privacy), two new security notions, forward and backward privacy, have been proposed recently. Although extensive attention has been paid to forward privacy, this is not the case for backward privacy. Backward privacy, first formally introduced by Bost et al., is classified into three types from weak to strong, exactly Type-III to Type-I. To the best of our knowledge, however, no practical DSSE schemes without trusted hardware (e.g. SGX) have been proposed so far, in terms of the strong backward privacy and constant roundtrips between the client and the server.