A New Secure and Lightweight Searchable Encryption Scheme over Encrypted Cloud Data (original) (raw)
Related papers
Secure Inverted Index Based Search over Encrypted Cloud Data with User Access Rights Management
Journal of Computer Science and Technology, 2019
Cloud computing is a technology that provides users with a large storage space and an enormous computing power. However, the outsourced data are often sensitive and confidential, and hence must be encrypted before being outsourced. Consequently, classical search approaches have become obsolete and new approaches that are compatible with encrypted data have become a necessity. For privacy reasons, most of these approaches are based on the vector model which is a time consuming process since the entire index must be loaded and exploited during the search process given that the query vector must be compared with each document vector. To solve this problem, we propose a new method for constructing a secure inverted index using two key techniques, homomorphic encryption and the dummy documents technique. However, 1) homomorphic encryption generates very large ciphertexts which are thousands of times larger than their corresponding plaintexts, and 2) the dummy documents technique that enhances the index security produces lots of false positives in the search results. The proposed approach exploits the advantages of these two techniques by proposing two methods called the compressed table of encrypted scores and the double score formula. Moreover, we exploit a second secure inverted index in order to manage the users' access rights to the data. Finally, in order to validate our approach, we performed an experimental study using a data collection of one million documents. The experiments show that our approach is many times faster than any other approach based on the vector model.
Searchable Encryption: A Review
International Journal of Security and Its Applications
Cloud computing is one of the most important technologies which supports reliability, scalability, ease of deployment and cost-efficient to business growth. Despite its benefits, cloud computing still has open and remain challenges on ensuring confidentiality, integrity, and availability (CIA) of sensitive data located on it. As a solution, the data is encrypted before sending to the cloud. However, the normal searching mechanism could not get through the encrypted data. In this paper, Searchable Encryption (SE) techniques which allow accessing data on encrypted cloud were reviewed. Nine SE techniques were presented with different issues and challenges on achieving secrecy and efficiency of SE. Four factors with their characteristics of SE were also identified for novice reader as a guidance of their future works.
A parallelized disjunctive query based searchable encryption scheme for big data
Future Generation Computer Systems
Searchable Encryption (SE) allows a client to search over large amounts of encrypted data outsourced to the Cloud. Although, this helps to maintain the confidentiality of the outsourced data but achieving privacy is a difficult and resource intensive task. With the increase in the query effectiveness, i.e., by shifting from single keyword SE to multikeyword SE there is a notable drop in the efficiency. This motivates to make use of the advances in the multi-core architectures and multiple threads where the search can be delegated across different threads to perform search in a parallel fashion. The proposed scheme is based on probabilistic trapdoors that are formed by making use of the property of modular inverses. The use of probabilistic trapdoors helps resist distinguishability attacks. The rigorous security analysis helps us to appreciate the advantage of having a probabilistic trapdoor. Furthermore, to validate the performance of the proposed scheme, it is implemented and deployed onto the British Telecommunication's Public Cloud offering and tested over a real speech corpus. The implementation is also extended to anticipate the performance gain by using the multi-core architecture that helps to maintain the lightweight property of the scheme.
Secure Data Sharing In Distributed Cloud Storage Using A Novel Searchable Encryption
International Journal of Research, 2017
Cloud computing is cutting-edge technology greatly serving consumer oriented applications. It has the abilities of sharing selective encrypted knowledge by way of public cloud storage with a couple of customers which may alleviate protection over unintended information leaks in the cloud. Efficient key management is fundamental in encryption schemes. For sharing various records with one-of-a-kind organizations in cloud, separate encryption keys are required. Protection is required by way of owner to distribute large number of keys for encryption and shopping, and with the aid of users to store received keys. Users ought to put up equal number of trapdoors to the cloud for search operation. In such case elements of security, storage and complexity are required at its best performance. In this paper we addressed the quandary of comfy information sharing method in cloud storage and studied special searchable encryption systems with multi-user and multi-key schemes with aggregation of a...
Searchable Symmetric Encryption for Restricted Search
Journal of Communications Software and Systems, 2018
The proliferation of cloud computing highlights the importance of techniques that permit both secure storage of sensitive data and flexible data management at the same time. One line of research with this double motivation is the study of Searchable Symmetric Encryption (SSE) that has provided several outstanding results in the recent years. These solutions achieve sublinear keyword search in huge databases by using various data structures to store keywords and document identifiers. In this work, we focus on certain scenarios in which search over the whole database is not necessary and show that the otherwise inefficient sequential scan (in linear time) can be very practical. This is due to the fact that adding new entries to the database comes for free in this case while updating a complex data structure without information leakage is rather complicated. To demonstrate the practicality of our approach we build a simple SSE scheme based on bilinear pairings and prove its security against adaptive chosen-keyword attacks in the standard model under the widely used Symmetric eXternal Diffie-Hellman (SXDH) assumption.
Se-PKSE: Secure Public-Key Searchable Encryption for Cloud-Assisted Lightweight Platforms
2021
Since more and more data from lightweight platforms like IoT devices are being outsourced to the cloud, the need to ensure privacy while retaining data usability is important. Encrypting documents before uploading to the cloud, ensures privacy but reduces data usability. Searchable encryption, specially public-key searchable encryption (PKSE), allows secure keyword search in the cloud over encrypted documents uploaded from IoT devices. However, most existing PKSE schemes focus on returning all the files that match the queried keyword, which is not practical. To achieve a secure, practical, and efficient keyword search, we design a dynamic ranked PKSE framework over encrypted cloud data named \textit{Secure Public-Key Searchable Encryption} (Se-PKSE). We leverage a partially homomorphically encrypted index tree structure that provides sub-linear ranked search capability and allows dynamic insertion/deletion of documents without the owner storing any document details. An interactive s...
A PARALLEL AND FORWARD PRIVATE SEARCHABLE PUBLIC KEY ENCRYPTION FOR CLOUD BASED DATA SHARING
With the advancement of cloud computing technologies, data exchange over the cloud is becoming more common. New technology bring new security concerns, particularly when it comes to data privacy in cloud-based sharing services. One of the finest way for balancing data privacy and usability is searchable encryption. Due to the lack of some essential features such as parallel search and forward security, most existing searchable encryption systems do not match the requirements for both high search capacity and robust security at the same time. To address this issue, we propose parallel and forward private searchable public-key encryption as a variation searchable encryption with parallel and forward privacy (PFP-SPE). At the tradeoff of slightly increased storage costs, the PFP-SPE system accomplishes both parallelism and forward privacy. PFP-SPE provides a similar search functionality to various other programmes.
A Multi-User Searchable Encryption Scheme with Constant-Size Keys
International Journal of Computer & Software Engineering, 2018
Cloud storage is widely adopted nowadays. Considering about the data leakage issue, people encrypted the data before uploading them to cloud server. However, due to the loss of data's original properties, it is hard to search the encrypted data directly. To solve this problem, searchable encryption scheme has been proposed to search the data stored on Cloud server in the ciphertext domain. To enhance the searchable encryption scheme's practicability, we propose a scheme, which has constant-size keys, to decrease the corresponding storage requirement. In this work, we also provide efficient mechanisms for the participation and revocation of a user. Therefore, it can be easily applied to storage systems of a University or a cooperate user. More importantly, it is our belief that our work provides a useful function for dealing with the mandating enforcement of General Data Protection Regulation (GDPR). Finally, a prototype based on the proposed scheme has been built to verify the feasibility of our work.
Search in Encrypted Data: Theoretical Models and Practical Applications
Recently, the concept of Search in Encrypted Data (SED) has become a highlight in cryptography. A SED scheme enables a client to have third-party server(s) to perform certain search functionalities on his encrypted data. In this book chapter, we aim at conducting a systematic study on SED schemes. Firstly, we describe three application scenarios and identify the desirable security requirements. Secondly, we provide two orthogonal categorizations and review the related security models for each category of SED schemes. Thirdly, we analyze the practical issues related to SED schemes and identify some future research directions.