Abstract
Searchable Symmetric Encryption (SSE) allows a server to search directly over encrypted data outsourced by a user. Recently, forward secure SSE has attracted significant attention because of its favorable property for dynamic data searching: it prevents newly updated data from being linked to previously searched keywords. However, existing work assumes that the server is honest-but-curious. How to achieve verifiable forward secure SSE in the malicious server model remains a challenging problem. In this paper, we propose an efficient verifiable forward secure SSE scheme that simultaneously achieves verifiability of search results and forward security. In particular, we propose a new verifiable data structure based on multiset hash functions, which enables efficient verifiable data updates through incremental hash operations. Compared with the state-of-the-art solution, our proposed scheme is superior in search and update efficiency while providing verifiability of search results. Finally, we present a formal security analysis and implement our scheme, which demonstrates that it provides the desired security properties with practical efficiency.
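The idea of verifying search results with an incrementally updated multiset hash, shown as an added example that is not the paper's construction or code. The keyed additive hash (sum of HMAC-SHA256 values modulo 2^256), the `VerifyingClient` class, the `elem_hash` helper and the choice to keep the digest on the client are assumptions made for this illustration.

```python
import hashlib
import hmac

MOD = 1 << 256  # digests are integers in the additive group Z_(2^256)

def elem_hash(key: bytes, keyword: str, doc_id: str) -> int:
    """Keyed hash of one (keyword, document id) pair, as an integer."""
    kw = keyword.encode()
    msg = len(kw).to_bytes(4, "big") + kw + doc_id.encode()  # length prefix avoids ambiguity
    return int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest(), "big")

class VerifyingClient:
    """Hypothetical client: one running multiset digest per keyword."""

    def __init__(self, key: bytes):
        self.key = key
        self.digest = {}  # keyword -> multiset hash of all ids added so far

    def add(self, keyword: str, doc_id: str) -> None:
        # Incremental update: one hash and one addition, no rehash of old entries.
        h = elem_hash(self.key, keyword, doc_id)
        self.digest[keyword] = (self.digest.get(keyword, 0) + h) % MOD

    def verify(self, keyword: str, returned_ids) -> bool:
        # Recompute the multiset hash of what the server returned and compare.
        acc = sum(elem_hash(self.key, keyword, d) for d in returned_ids) % MOD
        expected = self.digest.get(keyword, 0)
        return hmac.compare_digest(acc.to_bytes(32, "big"), expected.to_bytes(32, "big"))

def demo() -> dict:
    key = bytes(range(32))  # constructed demo key; use a random secret in practice
    client = VerifyingClient(key)
    server_index = {}  # stands in for the encrypted index held by the server
    updates = [("invoice", "d1"), ("invoice", "d7"), ("audit", "d2"), ("invoice", "d9")]
    for kw, doc in updates:  # constructed sample updates
        client.add(kw, doc)
        server_index.setdefault(kw, []).append(doc)
    honest = server_index["invoice"]
    return {
        "honest": client.verify("invoice", honest),
        "reordered": client.verify("invoice", honest[::-1]),  # order does not matter
        "omits_latest": client.verify("invoice", honest[:-1]),  # stale or incomplete
        "injected": client.verify("invoice", honest + ["d2"]),  # extra id added
    }

if __name__ == "__main__":
    print(demo())
```

A result that omits the most recent update fails verification, which is the case a server returning a stale index would produce.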
Acknowledgement
This work is supported by the National Key Research and Development Program of China (No. 2017YFB0802202), the National Natural Science Foundation of China (Nos. 61702401 and 61572382), the Fundamental Research Funds for the Central Universities (XJS17053), the National Cryptography Development Fund (No. MMJJ20180110) and the China 111 Project (No. B16037).
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Zhang, Z., Wang, J., Wang, Y., Su, Y., Chen, X. (2019). Towards Efficient Verifiable Forward Secure Searchable Symmetric Encryption. In: Sako, K., Schneider, S., Ryan, P. (eds) Computer Security – ESORICS 2019. ESORICS 2019. Lecture Notes in Computer Science, vol 11736. Springer, Cham. https://doi.org/10.1007/978-3-030-29962-0_15
DOI: https://doi.org/10.1007/978-3-030-29962-0_15
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-29961-3
Online ISBN: 978-3-030-29962-0
eBook Packages: Computer Science, Computer Science (R0)