Jiujiang Han,Ziyuan Li,Jian Liu,Huimei Wang,Ming Xian,Yuxiang Zhang,Yu Chen

DOI: https://doi.org/10.3390/electronics11162536

IF: 2.9

2022-08-14

Electronics

Abstract:Searchable encryption enables users to enjoy search services while protecting the security and privacy of their outsourced data. Blockchain-enabled searchable encryption delivers the computing processes that are executed on the server to the decentralized and transparent blockchain system, which eliminates the potential threat of malicious servers invading data. Recently, although some of the blockchain-enabled searchable encryption schemes realized that users can search freely and verify search results, unfortunately, these schemes were inefficient and costly. Motivated by this, we proposed an improved scheme that supports fine-grained access control and flexible searchable encryption. In our framework, the data owner uploads ciphertext documents and symmetric keys to cloud database and optional KMS, respectively, and manipulates the access control process and searchable encryption process through smart contracts. Finally, the experimental comparison conducted on a private Ethereum network proved the superiority of our scheme.

engineering, electrical & electronic,computer science, information systems,physics, applied

YAN Xixi,YUAN Xiaohan,TANG Yongli,CHEN Yanli

DOI: https://doi.org/10.11959/j.issn.1000-436x.2020011

2020-01-01

Abstract:For the problem that the shared decryption key lacks of fine-grained access control and the search results lacks of correctness verification under one-to-many search model,a verifiable attribute-based searchable encryption scheme based on blockchain was proposed.The ciphertext policy attribute-based encryption mechanism was used on the shared key to achieve fine-grained access control.Ethereum blockchain technology was combined to solve the problem of incorrect search results returned by the semi-honest and curious cloud server model,so it could prompt both the cloud server and the user to follow the rules of the contract honestly and achieved service-payment fairness between the user and the cloud server in the pay-per-use cloud environment.In addition,based on the irreversible modification of the blockchain,the cloud server was guaranteed to receive the service fee,and the user was assured to obtain the correct retrieval results without additional verification which reduced the computational overhead of the user.The security analysis shows that the scheme satisfies the semantic security against adaptive chosen keyword attack and can protect the privacy of users and the security of data.The performance comparison and experimental results show that the scheme has certain optimizations in security index generation,search token generation,retrieval efficiency and transaction quantity,so it is more suitable for one-to-many search scenarios such as smart medical.

Liang Yan,Lina Ge,Zhe Wang,Guifen Zhang,Jingya Xu,Zheng Hu

DOI: https://doi.org/10.1186/s13677-023-00444-4

2023-04-19

Journal of Cloud Computing

Abstract:With the rapid development of cloud computing technology, how to achieve secure access to cloud data has become a current research hotspot. Attribute-based encryption technology provides the feasibility to achieve the above goal. However, most of the existing solutions have high computational and trust costs. Furthermore, the fairness of access authorization and the security of data search can be difficult to guarantee. To address these issues, we propose a novel access control scheme based on blockchain and attribute-based searchable encryption in cloud environment. The proposed scheme achieves fine-grained access control with low computation consumption by implementing proxy encryption and decryption, while supporting policy hiding and attribute revocation. The encrypted file is stored in the IPFS and the metadata ciphertext is stored on the blockchain, which ensures data integrity and confidentiality. Simultaneously, the scheme enables the secure search of ciphertext keyword in an open and transparent blockchain environment. Additionally, an audit contract is designed to constrain user access behavior to dynamically manage access authorization. Security analysis proves that our scheme is resistant to chosen-plaintext attacks and keyword-guessing attacks. Theoretical analysis and experimental results show that our scheme has high computational and storage efficiency, which is more advantageous than other schemes.

Xu Ma,Chen Wang,Xiaofeng Chen

DOI: https://doi.org/10.1016/j.csi.2021.103543

2021-10-01

Abstract:<p>Along with the progress of cloud service, a growing quantity of data owners store their data on cloud databases, which can not only reduce data owners' storage cost but also provide a quick search function. However, while cloud storage brings some conveniences to users, new privacy problems may emerge, such as the leakage of data privacy and user's query privacy. The best way of protecting data privacy is to encrypt the data. So how to efficiently retrieve the ciphertext to make it available becomes a hot issue in recent years. In this paper, new searchable encryption with multiple keywords is described, it can improve the accuracy of retrieval results, and we present a secure and trusted data sharing framework based on attribute-based encryption (ABE), searchable encryption, and blockchain. Unlike the previous studies, we realize flexible data sharing by using ABE. Furthermore, we transfer the related calculation of ciphertext retrieval to blockchain for credible execution without relying on any trusted third party. The security analysis proves that our method meets the proposed security requirements of data, keyword index, trapdoor, and query. Finally, the experimental results indicate that our scheme suggested has certain practicability and efficiency.</p>

computer science, software engineering, hardware & architecture

Zhong Kang,Maoning Wang

DOI: https://doi.org/10.1109/csp58884.2023.00037

2023-01-01

Abstract:Cloud storage attracts more and more individuals and enterprises to outsource and store data on cloud servers due to its advantages of high efficiency, speed, low economic cost and on-demand access. Due to privacy requirements, data files need to be uploaded after being encrypted. Current searchable encryption technology enables retrieval of encrypted data, but lacks verification of searched results. In response to the above problem, this paper proposes a new searchable encryption scheme based on blockchain, which supports multi-keyword ranked search together with verification of searched results. Concretely, the scheme first encrypts the data and uploads it to the cloud server, then builds the index via blockchain. By calling the smart contracts to execute the search algorithm, the search result is returned to the user and the hash value is verified, which ensures the integrity and accuracy of the searched result. Secondly, by combining the vector space model and BM25 model to construct the index and query of encrypted data, the ranked search for multiple keywords is realized, in which the keyword balanced binary tree index is established to improve the retrieval efficiency. Experimental results show that the improved scheme has higher search accuracy while ensuring retrieval efficiency.

Tao Feng,Hongmei Pei,Rong Ma,Youliang Tian,Xiaoqin Feng

DOI: https://doi.org/10.32604/cmc.2020.012146

2020-01-01

Abstract:Data privacy is important to the security of our society, and enabling authorized users to query this data efficiently is facing more challenge. Recently, blockchain has gained extensive attention with its prominent characteristics as public, distributed, decentration and chronological characteristics. However, the transaction information on the blockchain is open to all nodes, the transaction information update operation is even more transparent. And the leakage of transaction information will cause huge losses to the transaction party. In response to these problems, this paper combines hierarchical attribute encryption with linear secret sharing, and proposes a blockchain data privacy protection control scheme based on searchable attribute encryption, which solves the privacy exposure problem in traditional blockchain transactions. The user's access control is implemented by the verification nodes, which avoids the security risks of submitting private keys and access structures to the blockchain network. Associating the private key component with the random identity of the user node in the blockchain can solve the collusion problem. In addition, authorized users can quickly search and supervise transaction information through searchable encryption. The improved algorithm ensures the security of keywords. Finally, based on the DBDH hypothesis, the security of the scheme is proved in the random prediction model.

Shengshan Hu,Chengjun Cai,Qian Wang,Cong Wang,Xiangyang Luo,Kaili Ren

DOI: https://doi.org/10.1109/infocom.2018.8485890

2018-01-01

Abstract:Enabling search directly over encrypted data is a desirable technique to allow users to effectively utilize encrypted data outsourced to a remote server like cloud service provider. So far, most existing solutions focus on an honest-but-curious server, while security designs against a malicious server have not drawn enough attention. It is not until recently that a few works address the issue of verifiable designs that enable the data owner to verify the integrity of search results. Unfortunately, these verification mechanisms are highly dependent on the specific encrypted search index structures, and fail to support complex queries. There is a lack of a general verification mechanism that can be applied to all search schemes. Moreover, no effective countermeasures (e.g., punishing the cheater) are available when an unfaithful server is detected. In this work, we explore the potential of smart contract in Ethereum, an emerging blockchain-based decentralized technology that provides a new paradigm for trusted and transparent computing. By replacing the central server with a carefully-designed smart contract, we construct a decentralized privacy-preserving search scheme where the data owner can receive correct search results with assurance and without worrying about potential wrongdoings of a malicious server. To better support practical applications, we introduce fairness to our scheme by designing a new smart contract for a financially-fair search construction, in which every participant (especially in the multiuser setting) is treated equally and incentivized to conform to correct computations. In this way, an honest party can always gain what he deserves while a malicious one gets nothing. Finally, we implement a prototype of our construction and deploy it to a locally simulated network and an official Ethereum test network, respectively. The extensive experiments and evaluations demonstrate the practicability of our decentralized search scheme over encrypted data.

Hongao Zhang,Zhen Yang,Haiyang Yu

DOI: https://doi.org/10.1109/ic-nidc54101.2021.9660565

2021-01-01

Abstract:With the development of cloud computing, a growing number of users use the cloud to store their sensitive data. To protect privacy, users often encrypt their data before outsourcing. Searchable Symmetric Encryption (SSE) enables users to retrieve their encrypted data. Most prior SSE schemes did not focus on malicious servers, and users could not confirm the correctness of the search results. Blockchain-based SSE schemes show the potential to solve this problem. However, the expensive nature of storage overhead on the blockchain presents an obstacle to the implementation of these schemes. In this paper, we propose a lightweight blockchain-based searchable symmetric encryption scheme that reduces the space cost in the scheme by improving the data structure of the encrypted index and ensuring efficient data retrieval. Experiment results demonstrate the practicability of our scheme.

WanFen Guo,XiaoLei Dong,ZhenFu Cao,JiaChen Shen

DOI: https://doi.org/10.1088/1742-6596/1087/5/052001

2018-01-01

Journal of Physics Conference Series

Abstract:Cloud service is very popular for its computing and storage capacity at lower cost. More and more data are being moved to the cloud to reduce storage cost. On the other hand, since the cloud is not fully trustable, in order to protect data privacy against third-parties and even the cloud server, they are usually encrypted by cryptology technology before uploading. However, many operations, such as searching, are hard to perform on encrypted data. To solve this problem, searchable encryption has emerged. Searchable encryption in multi-user setting is much less efficient than in single-user setting. In order to address this problem, we propose a multi-owner to multi-user searchable encryption scheme based on attribute-based encryption. Our scheme keeps data secure in the cloud even against the cloud server. It allows users with appropriate authorizations to perform search operations on encrypted data. In addition, search tokens are generated by users instead of data owners. We prove that token privacy and index privacy are well protected in our scheme. The cloud server and illegimate users are not able to get any useful information about search tokens and ciphertexts. Ciphertexts of our scheme are constant-size, which reduce the time-complexity and bandwidth overhead of our scheme.

Mi Song,Shufen Niu,Lizhi Fang

DOI: https://doi.org/10.1109/cecit53797.2021.00012

2021-12-01

Abstract:To ensure that multiple data users can access the data and realize the dynamic change of user authority, this paper proposes a ciphertext updatable attribute-based searchable encryption scheme based on blockchain. Combine the blockchain with the cloud server, keyword ciphertext is stored on the blockchain, symmetric key ciphertext and data ciphertext are stored on the cloud server. When the data user wants to change the access policy or revoke the access rights of some users, this scheme uses the proxy re-encryption technology to realize attribute revocation and ciphertext update of the data requester. At the same time, the access policy is hidden, which realizes the user&#x27;s privacy protection. The security analysis shows that our scheme is safe and effective. In addition, the performance analysis shows that the proposed scheme is efficient and feasible.

Yuling Huang,Chuang Ma,Guangxia Xu

DOI: https://doi.org/10.1109/CloudNet59005.2023.10490083

2023-11-01

Abstract:With the rapid development of the internet economy, blockchain has emerged as one of the leading methods for data sharing. However, due to the high value and sensitivity of data assets, electronic data sharing faces challenges such as access control and privacy leakage. Traditional encryption schemes based on attributes have been ineffective in addressing these problems and still suffer from security vulnerabilities. In this paper, we propose a decentralized data sharing framework that combines keyword-searchable attributes encryption with proxy re-encryption using blockchain technology and Interplanetary File Systems. This framework offers high flexibility and efficiency by addressing the issues of a single point of failure and privacy leaks. We provide comprehensive and rigorous proofs of security and efficiency for our scheme, considering security proof and storage overhead. The simulation results demonstrate that our scheme satisfies the requirements for ciphertext and keyword security and is capable of resisting collusive attacks. Furthermore, our proposed scheme exhibits higher computational efficiency and better feasibility compared to existing schemes.

Computer Science

Chen Yan,Fuyuan Hu,Jing Chen,Weizhong Lu,Hongjie Wu,Luping Wang

DOI: https://doi.org/10.1109/ICDMW60847.2023.00096

2023-12-04

Abstract:In the field of smart healthcare, data security and privacy protection are of paramount importance. However, within this context, we are confronted with a crucial question: how can we enable multiple users to simultaneously access online data while safeguarding their privacy? To address this issue, this paper introduces a blockchain-based attribute-based searchable encryption scheme, along with the HBC (Healthcare Blockchain Cipher) encryption algorithm. This scheme enables multiple users to simultaneously access online data while safeguarding their privacy through encrypted search functionality. Furthermore, we integrates tamper-resistant blockchain technology into the system, to address the potential threats to data integrity and correctness when storing data on semi-trusted cloud servers. Additionally, we consider use attribute encryption for access control, to prevent malicious attackers from obtaining sensitive information through access patterns. The scheme also supports attribute revocation to prevent unauthorized access by former system users. Lastly, we provide detailed security and efficiency analysis, the results show that our scheme are security and efficiency.

Medicine,Computer Science

Duo Zhang,Shangping Wang,Qian Zhang,Yaling Zhang

DOI: https://doi.org/10.1109/tsc.2023.3311877

IF: 11.019

2023-01-01

IEEE Transactions on Services Computing

Abstract:Cloud computing has brought great convenience to data storage and resource sharing, however, there are still concerns about data security and service quality. Attribute-based encryption (ABE) and searchable encryption (SE) are always adopted to achieve data access authorization and data retrieval on encrypted data in data sharing, respectively. But more efficient and accurate methods have been always pursued. Moreover, the spoofing attacks is another important aspect that raises concerns, especially when it comes to reliability of search results and online payments. Blockchain, an emerging technology that can be used to solve the problem of trust, has shown great application potential in finance and data sharing. Based on blockchain, we propose an attribute-based conjunctive keyword search (ABCKS) scheme with verifiability and fairness. In this paper, data privacy-preserving, fine-grained access control, and multi-keywords search can be supported simultaneously. Blockchain and smart contract are employed to facilitate the search result verification process and ensure fair payment in the trustless case. Furthermore, we reduce the user&#x27;s decryption load to a constant level by performing partial decryption on the cloud side. Finally, the results of the performance evaluation indicate that our scheme has higher efficiency and security.

computer science, information systems, software engineering

Zhigang Xu,Shiguang Zhang,Hongmu Han,Xinhua Dong,Zhiqiang Zheng,Haitao Wang,Wenlong Tian

DOI: https://doi.org/10.1155/2022/2410455

IF: 1.968

2022-10-01

Security and Communication Networks

Abstract:In the Internet of Things (IoT), data sharing security is important to social security. It is a huge challenge to enable more accurate and secure access to data by authorized users. Blockchain access control schemes are mostly one-way access control, which cannot meet the need for ciphertext search, two-way confirmation of users and data, and secure data transmission. Thus, this paper proposes a blockchain-aided searchable encryption-based two-way attribute access control scheme (STW-ABE). The scheme combines ciphertext attribute access control, key attribute access control, and ciphertext search. In particular, two-way access control meets the requirement of mutual confirmation between users and data. The ciphertext search avoids information leakage during transmission, thus improving overall efficiency and security during data sharing. Moreover, user keys are generated by the coalition blockchain. Besides, the ciphertext search and pre-decryption are outsourced to cloud servers, reducing the computing pressure on users and adapting to the needs of lightweight users in the IoT. Security analysis proves that our scheme is secure under a chosen-plaintext attack and a chosen keyword attack. Simulations show that the cost of encryption and decryption, keyword token generation, and ciphertext search of our scheme are preferable.

computer science, information systems,telecommunications

Zhen Yang,Hongao Zhang,Haiyang Yu,Zheng Li,Bocheng Zhu,Richard O. Sinnott

DOI: https://doi.org/10.32604/cmes.2021.015210

2021-01-01

Computer Modeling in Engineering & Sciences

Abstract:To address privacy concerns, data in the blockchain should be encrypted in advance to avoid data access from all users in the blockchain. However, encrypted data cannot be directly retrieved, which hinders data sharing in the blockchain. Several works have been proposed to deal with this problem. However, the data retrieval in these schemes requires the participation of data owners and lacks finer-grained access control. In this paper, we propose an attribute-based keyword search scheme over the encrypted blockchain, which allows users to search encrypted files over the blockchain based on their attributes. In addition, we build a file chain structure to improve the efficiency of searching files with the same keyword. Security analysis proves the security of the proposed scheme. Theoretical analysis and experimental results in performance evaluation show that our scheme is feasible and efficient.

Zhirun Lin,Yang,Yonghua Zhan,Jiayin Li,Chen Dong

DOI: https://doi.org/10.1145/3638782.3638798

2024-01-01

Abstract:In today’s society, an increasing number of users and enterprises encrypt substantial amounts of data, including spatial text data, and outsource it to cloud servers. However, efficiently and securely querying encrypted spatial text data remains a pressing issue. In this article, we propose a blockchain-based searchable encryption scheme for spatial text data. Users encrypt documents using methods such as order-preserving encryption and upload them to the blockchain for on-chain storage. The cloud server can only retrieve information stored within the blocks, facilitating keyword and coordinate comparisons. To enhance query speed, we introduce a sliding window that allows the server to quickly skip through non-matching blocks. Finally, through experiments and comparisons, this paper demonstrates that the proposed scheme excels in query efficiency and computational overhead, proving its superiority and feasibility compared to other solutions.

J. Monisha Privthy Jeba,K. Vivekrabinson,B. Shanmuga Raja,N. Sundareswaran,M. Vijay

DOI: https://doi.org/10.1504/ijahuc.2024.137598

2024-03-29

International Journal of Ad Hoc and Ubiquitous Computing

Abstract:Searchable encryption is a method which permits cloud servers to recover consumers' requested data even when the contents are encrypted. However, many current searchable encryption algorithms only offer single keyword recovery and are subject to keyword guessing attacks. This work presents a blockchain-based multi-keyword searchable encryption technique based on a certificateless approach. Further, we employ attribute-based encryption to protect sensitive information and a certificateless cryptosystem to encode keywords. The encrypted files are uploaded to the cloud, whereas the encoded keyword indexes are kept on the blockchain, assuring the encrypted indexes' tamper resistance. Our approach also supports multi-keyword search over encrypted data. We created a fair payment smart contract to support the exchange of service costs with the owner of the information and the cloud service provider in the event of successful search results. The study reveals that our technique outperforms other related techniques in terms of computing efficiency.

computer science, information systems,telecommunications

Shunrong Jiang,Jianqing Liu,Liangmin Wang,Seong-Moo Yoo

DOI: https://doi.org/10.1109/icc.2019.8761146

2019-01-01

Abstract:Outsourcing storage and computation to clouds is popular but also raises security concerns. Most existing solutions mainly focus on an honest-but-curious cloud server, while security designs against a malicious server have not drawn enough attention. Although there are a few works addressing the issue of verifiable designs that enable the data owner to verify the integrity of search results. Unfortunately, these verification schemes are not efficient and or applicable from one scenario to another. Motivated by this, in this paper, we propose a publicly verifiable search framework for outsourced encrypted data based on blockchain. In our framework, we store the encrypted index in a decentralized blockchain (Ethereum) while outsourcing the corresponding encrypted data to the cloud or Interplanetary File System (IPFS). Thus, once a user is authorized, he/she can get the query results and check the query integrity efficiently by the designed smart contract anytime without data owner being online. Besides, to guarantee the privacy of the data user in the Ethereum, we construct a stealth authorization scheme to achieve access authorization delivery. The security analysis and performance evaluation show that the proposed scheme is secure and practical for verification of encrypted data.

Huige Li,Fangguo Zhang,Jiejie He,Haibo Tian

DOI: https://doi.org/10.48550/arXiv.1711.01030

2017-11-03

Cryptography and Security

Abstract:At present, the cloud storage used in searchable symmetric encryption schemes (SSE) is provided in a private way, which cannot be seen as a true cloud. Moreover, the cloud server is thought to be credible, because it always returns the search result to the user, even they are not correct. In order to really resist this malicious adversary and accelerate the usage of the data, it is necessary to store the data on a public chain, which can be seen as a decentralized system. As the increasing amount of the data, the search problem becomes more and more intractable, because there does not exist any effective solution at present. In this paper, we begin by pointing out the importance of storing the data in a public chain. We then innovatively construct a model of SSE using blockchain(SSE-using-BC) and give its security definition to ensure the privacy of the data and improve the search efficiency. According to the size of data, we consider two different cases and propose two corresponding schemes. Lastly, the security and performance analyses show that our scheme is feasible and secure.

Hancheng Gao,Haiping Huang,Lingyan Xue,Fu Xiao,Qi Li

DOI: https://doi.org/10.1109/jiot.2023.3279893

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:The integration of Internet of Things (IoT) with cloud-edge computing in cyber-physical systems has revolutionized the way healthcare enterprises manage electronic health records (EHRs). With more healthcare enterprises outsourcing encrypted EHRs to the cloud, searchable encryption is utilized to retrieve encrypted data, especially attribute-based searchable encryption (ABSE) can achieve fine-grained access control. However, ABSE usually requires a lot of computation, which imposes a serious burden on resource-limited devices. Moreover, ensuring fairness in data access is crucial in the healthcare domain, where both data users and owners may have conflicting interests. In order to overcome these problems, this paper proposes a searchable encryption scheme with fine-grained access control for cloud-based EHRs sharing assisted by blockchain. It transfers computing tasks to edge servers and enables users to control who has access to their EHRs. The adoption of blockchain and smart contracts guarantees data integrity and transaction fairness. Moreover, a consensus algorithm is designed for the higher efficiency of the proposed scheme. Finally, security analysis proves the proposed scheme resists adaptive chosen keyword attacks (CKA). Performance analysis further confirms it has more functionalities and is efficient for smart healthcare.

computer science, information systems,telecommunications,engineering, electrical & electronic