Abstract
The demand for cloud storage services continuously increases putting at risk the privacy of the outsourced data. Data encryption is the obvious solution, a well-studied and mature technology. However, it does not support search queries on encrypted data and the server cannot process the outsourced data in their protected form. To counteract this problem, several cryptographic solutions have been proposed, like (fully) homomorphic encryption, multi-party computation, and property preserving encryption. However, all these technologies are either impractical or weak. One of the most promising cryptographic techniques for searching encrypted data is searchable symmetric encryption (SSE). SSE schemes offer a nice trade-off between security and efficiency. Since 2000 and the introduction of SSE from as reported by Song et al. (in: Proceedings of the IEEE computer society symposium on research in security and privacy, 2000), most of the research has been concentrated on schemes that support single keyword queries. In this paper, we investigate the much less explored area of range queries SSE. More precisely, we present a way to leverage inverse index computed for single keyword to compute range queries. This is a nice theoretical result that has its own interest. We also introduce a SSE scheme that supports both single keyword and range queries, building on the new inverted index. Our SSE scheme offers oblivious memory accesses, and it can be used in key-value databases. We prove the scheme’s security and we evaluate its performance, both in theory and in practice.
Similar content being viewed by others
References
Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In Proceedings of the ACM SIGMOD International Conference on Management of Data, pp. 563–574, 2004
Boldyreva, A., Chenette, N., Lee, Y., O’Neill, A.: Order-preserving symmetric encryption. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 5479 LNCS, pp. 224–241, 2009
Boldyreva, A., Chenette, N., O’Neill, A.: Order-preserving encryption revisited: improved security analysis and alternative solutions. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 6841 LNCS, pp. 578–595, 2011
Bost, R.: \(\Sigma \)o\(\phi \)o\(\zeta \)—Forward secure searchable encryption. In Proceedings of the ACM Conference on Computer and Communications Security, volume 24–28-October-2016, pp. 1143–1154, 2016
Cash, D., Jaeger, J., Jarecki, S., Jutla, C., Krawczyk, H., Roşu, M.-C., Steiner, M.: Dynamic searchable encryption in very-large databases: data structures and implementation. NDSS 14, 23–26 (2014)
Cash, D., Jarecki, S., Jutla, C., Krawczyk, H., Roşu, M. C., Steiner, M.: Highly-scalable searchable symmetric encryption with support for Boolean queries. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 8042 LNCS, pp. 353–373, 2013
Chase, M., Kamara, S.: Structured encryption and controlled disclosure. Proc. Adv. Cryptol. ASIACRYPT 2010, 577–594 (2010)
Chen, H., Chillotti, I., Ren, L.: Onion ring oram: efficient constant bandwidth oblivious RAM from (leveled) TFHE. In Proceedings of the ACM Conference on Computer and Communications Security, pp. 345–360, 2019
Curtmola, R., Garay, J., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. J. Comput. Secur. 19(5), 895–934 (2011)
De Donno, M., Giaretta, A., Dragoni, N., Bucchiarone, A., Mazzara, M.: Cyber-storms come from clouds: security of cloud computing in the IoT era. Future Internet 11(6), 127 (2019)
Deep, S., Zheng, X., Jolfaei, A., Yu, D., Ostovari, P., Bashir, A. K.: A survey of security and privacy issues in the Internet of Things from the layered context. Transactions on Emerging Telecommunications Technologies, 2020
Demertzis, I., Papadopoulos, D., Papamanthou, C., Shintre, S.: SEAL: attack mitigation for encrypted databases via adjustable leakage. In Proceedings of the 29th USENIX Security Symposium, pp. 2433–2450, 2020
Demertzis, I., Papadopoulos, S., Papapetrou, O., Deligiannakis, A., Garofalakis, M., Papamanthou, C.: Practical private range search in depth. ACM Trans. Database Syst. 43(1), 1–52 (2018)
Devadas, S., van Dijk, M., Fletcher, C.W., Ren, L., Shi, E., Wichs, D.: Onion ORAM: a constant bandwidth blowup oblivious RAM. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 9563, 145–174 (2016)
Gentry, C.: A Fully Homomorphic Encryption Scheme. PhD thesis, 2009
Goldreich, O.: Towards a theory of software protection and simulation by oblivious RAMs. In Conference Proceedings of the Annual ACM Symposium on Theory of Computing, pp. 182–194, 1987
Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious RAMs. J. ACM 43(3), 431–473 (1996)
Kamara, S., Moataz, T.: Boolean searchable symmetric encryption with worst-case sub-linear complexity. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10212 LNCS, pp. 94–124, 2017
Kamara, S., Papamanthou, C.: Parallel and dynamic searchable symmetric encryption. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 7859 LNCS, pp. 258–274, 2013
Kamara, S., Papamanthou, C., Roeder, T.: Dynamic searchable symmetric encryption. In Proceedings of the ACM Conference on Computer and Communications Security, pp. 965–976, 2012
Lindell, Y.: Secure multiparty computation. Commun. ACM 64(1), 86–96 (2021)
Loh, R., Zuo, C., Liu, J. K., Sun, S.-F.: A multi-client dsse scheme supporting range queries. In International Conference on Information Security and Cryptology, vol. 11449, pp. 289–307, 2018
Modi, C., Patel, D., Borisaniya, B., Patel, A., Rajarajan, M.: A survey on security issues and solutions at different layers of Cloud computing. J. Supercomput. 63(2), 561–592 (2013)
Naveed, M., Kamara, S., Wright, C. V.: Inference attacks on property-preserving encrypted databases. In Proceedings of the ACM Conference on Computer and Communications Security, volume 2015-October, pp. 644–655, 2015
Poddar, R., Raluca, T. B., Popa, A.: Arx: a strongly encrypted database system. IACR Cryptology ePrint Archive, 2016:591, 2016
Popa, R. A., Redfield, C. M. S., Zeldovich, N., Balakrishnan, H.: CryptDB: protecting confidentiality with encrypted query processing. In SOSP’11—Proceedings of the 23rd ACM Symposium on Operating Systems Principles, pp. 85–100, 2011
Rizomiliotis, P., Gritzalis, S.: ORAM based forward privacy preserving dynamic searchable symmetric encryption schemes. In CCSW 2015—Proceedings of the 7th ACM Cloud Computing Security Workshop, co-located with: CCS 2015, pp. 65–76, 2015
Rizomiliotis, P., Molla, E., Gritzalis, S.: REX: a searchable symmetric encryption scheme supporting range queries. In CCSW 2017—Proceedings of the 2017 Cloud Computing Security Workshop, co-located with CCS 2017, pp. 29–37, 2017
Song, D. X., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy, pp. 44–55, 2000
Stefanov, E., Papamanthou, C., Shi, E.: Practical dynamic searchable encryption with small leakage. In NDSS, pp. 72–75, 2014
Stefanov, E., Dijk, M. Van, Shi, E., Fletcher, C., Ren, L., Yu, X., Devadas, S.: Path ORAM: an extremely simple oblivious RAM protocol. In Proceedings of the ACM Conference on Computer and Communications Security, pp. 299–310, 2013
Wang, X., Chan, H., Shi, E.: Circuit oram: on tightness of the goldreich-ostrovsky lower bound. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS ’15, pp. 850–861, 2015
Wang, Y., Sun, S.-F., Wang, J., Liu, J. K., Chen, X.: Achieving Searchable Encryption Scheme with Search Pattern Hidden. IEEE Transactions on Services Computing, p. 1, 2020
Xiao, L., Ling Yen, I.: Security analysis for order preserving encryption schemes. In 2012 46th Annual Conference on Information Sciences and Systems, CISS 2012, pp. 1–6, 2012
Zuo, C., Macindoe, J., Yang, S., Steinfeld, R., Liu, J. K.: Trusted boolean search on cloud using searchable symmetric encryption. In 2016 IEEE Trustcom/BigDataSE/ISPA, pp. 113–120, 2016
Zuo, C., Sun, S. F., Liu, J. K., Shao, J., Pieprzyk, J.: Dynamic searchable symmetric encryption schemes supporting range queries with forward (and backward) security. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11099 LNCS, pp. 228–246, 2018
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Molla, E., Rizomiliotis, P. & Gritzalis, S. Efficient searchable symmetric encryption supporting range queries. Int. J. Inf. Secur. 22, 785–798 (2023). https://doi.org/10.1007/s10207-023-00667-1
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-023-00667-1