Abstract
Outsourcing data to the cloud is now a common practice in many organizations to reduce data storage and maintenance costs. Outsourced data is stored in encrypted form over the cloud. Therefore, efficient search techniques are required to perform operations over the encrypted data. The existing solutions provide secure search operations, considering cloud servers as honest-but-curious. However, cloud servers may act malicious and produce inaccurate outcomes to the data users. Thus, a secure and verifiable search technique is required. This work proposes a Blockchain-Assisted Searchable Public key Encryption over outsourced Data (BASPED), using an inverted index. We exploit the potential of blockchain technology for equitable and trusted computing, by deploying a smart contract for secure and verifiable search operations to prevent the cloud server from cheating (intentionally or unintentionally). The most appealing feature of BASPED is that it is non-interactive and achieves both forward and backward privacy. It also resists keyword guessing attacks, chosen keyword attacks, search pattern leakage, and access pattern leakage. We prove the security of our proposed scheme assuming the difficulty of bilinear Diffie-Hellman problem. The proposed scheme is implemented and deployed on the Ethereum test network. Comprehensive evaluation of theory and practice demonstrates the practicability of our decentralized search scheme.
Similar content being viewed by others
Data availability
Not applicable
Code Availability
Not applicable
Notes
The encryption scheme can be AES or any other safe scheme, but the details are not covered in this work.
References
Abdalla, Michel: Bellare, Mihir, Catalano, Dario, Kiltz, Eike, Kohno, Tadayoshi, Lange, Tanja, Malone-Lee, John, Neven, Gregory, Paillier, Pascal, Shi, Haixia: Searchable encryption revisited: consistency properties, relation to anonymous ibe, and extensions. In: Shoup, Victor (ed.) Advances in Cryptology - CRYPTO 2005, pp. 205–222. Berlin Heidelberg, Berlin, Heidelberg, Springer (2005)
Akinyele, Joseph A., Garman, Christina, Miers, Ian, Pagano, Matthew W., Rushanan, Michael, Green, Matthew, Rubin, Aviel D.: Charm: a framework for rapidly prototyping cryptosystems. J. Cryptogr. Eng. 3(2), 111–128 (2013)
Baek, Joonsang, Safavi-Naini, Reihaneh, Susilo, Willy: On the integration of public key data encryption and public key encryption with keyword search. In: International Conference on Information Security – ISC 2006, ISC’06, Berlin, Heidelberg, Springer-Verlag, pp. 217–232 (2006)
Baek, Joonsang, Safavi-Naini, Reihaneh, Susilo, Willy: Public key encryption with keyword search revisited. In: Computational Science and Its Applications – ICCSA 2008, Berlin, Heidelberg, Springer Berlin Heidelberg, pp. 1249–1259 (2008)
Blackstone, Laura, Kamara, Seny, Moataz, Tarik, Revisiting leakage abuse attacks. In: Network and Distributed Systems Security (NDSS) Symposium, pp. 1–18, 2020. San Diego, CA, USA (2020)
Boneh, Dan, Crescenzo, Di.: Giovanni, Ostrovsky, Rafail, Persiano, Giuseppe: Public key encryption with keyword search. In: Cachin, Giuseppe, Camenisch, Jan L. (eds.) Advances in Cryptology - EUROCRYPT 2004, pp. 506–522. Berlin Heidelberg, Berlin, Heidelberg, Springer (2004)
Boneh, Dan: Franklin, Matt: Identity-based encryption from the weil pairing. In: Kilian, Joe (ed.) Advances in Cryptology – CRYPTO 2001, pp. 213–229. Berlin Heidelberg, Berlin, Heidelberg, Springer (2001)
Bost, Raphael: \({\Sigma }{o}{\phi }{o}{\varsigma }\): Forward secure searchable encryption. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS ’16, New York, NY, USA, Association for Computing Machinery, pp. 1143–1154 (2016)
Bost, Raphaël, Minaud, Brice, Ohrimenko, Olga: Forward and backward private searchable encryption from constrained cryptographic primitives. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS ’17, New York, NY, USA, pp. 1465–1482 (2017). Association for Computing Machinery
Cash, David, Grubbs, Paul, Perry, Jason, Ristenpart, Thomas: Leakage-abuse attacks against searchable encryption. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS ’15, New York, NY, USA, ACM, pp. 668–679 (2015)
Chai, Qi, Gong, Guang: Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers. In: 2012 IEEE International Conference on Communications (ICC). IEEE (2012)
Chen, Huashan, Pendleton, Marcus, Njilla, Laurent, Shouhuai, Xu.: A survey on ethereum systems security. ACM Comput. Surv. 53(3), 1–43 (2021)
di Angelo, Monika, Salzer, Gernot: A survey of tools for analyzing ethereum smart contracts. In: 2019 IEEE International Conference on Decentralized Applications and Infrastructures (DAPPCON). IEEE (April 2019)
Galbraith, Steven D., Paterson, Kenneth G., Smart, Nigel P.: Pairings for cryptographers. Discret. Appl. Math. 156(16), 3113–3121 (2008). (Applications of Algebra to Cryptography)
Guo, Lifeng, Yau, Wei-Chuen.: Efficient secure-channel free public key encryption with keyword search for EMRs in cloud storage. J. Med. Syst. 39(2), 1–11 (2015)
Hu, Baishuang, Liu, Qin, Liu, Xuhui, Peng, Tao, Wang, Guojun, Wu, Jie: Dabks: Dynamic attribute-based keyword search in cloud computing. In: 2017 IEEE International Conference on Communications (ICC), pp. 1–6 (2017)
Huang, Qiong: Li, Hongbo: An efficient public-key searchable encryption scheme secure against inside keyword guessing attacks. Inf. Sci. 403–404, 1–14 (2017)
Islam, Mohammad Saiful, Kuzu, Mehmet, Kantarcioglu, Murat, Access pattern disclosure on searchable encryption: Ramification, attack and mitigation. In Network and Distributed Systems Security (NDSS) Symposium,: pp 12–27, p. 2012. San Diego, CA, USA (2012)
Katz, Jonathan, Lindell, Andrew Y.: Aggregate message authentication codes. In: The Cryptopgraphers’ Track at the RSA conference on Topics in Cryptology, CT-RSA’08, Berlin, Heidelberg, Springer-Verlag, pp. 155–169 (2008)
Blockchain-based system for secure outsourcing of bilinear pairings: Lin, Chao, He, Debiao, Huang, Xinyi, Xie, Xiang, Choo, Kim-Kwang Raymond. Inf. Sci. 527, 590–601 (2020)
Yang, Lu.: Li, Jiguo, Wang, Fen: Pairing-free certificate-based searchable encryption supporting privacy-preserving keyword search function for IIoTs. IEEE Trans. Industr. Inf. 17(4), 2696–2706 (2021)
Yang, Lu.: Li, Jiguo, Zhang, Yichen: Secure channel free certificate-based searchable encryption withstanding outside and inside keyword guessing attacks. IEEE Trans. Serv. Comput. 14(6), 2041–2054 (2021)
Miao, Yinbin, Weng, Jian, Liu, Ximeng, Choo, Kim-Kwang Raymond., Liu, Zhiquan, Li, Hongwei: Enabling verifiable multiple keywords search over encrypted cloud data. Inf. Sci. 465, 21–37 (2018)
Nayak, Sanjeet Kumar, Tripathy, Somanath: Privacy preserving provable data possession for cloud based electronic health record system. In: 2016 IEEE Trustcom/BigDataSE/ISPA, pp. 860–867 (2016)
Nayak, Sanjeet Kumar, Tripathy, Somanath: SEMKC: secure and efficient computation over outsourced data encrypted under multiple keys. IEEE Trans. Emerg. Top. Comput. 9(1), 414–428 (2021)
Rhee, Hyun Sook, Park, Jong Hwan, Susilo, Willy, Lee, Dong Hoon: Trapdoor security in a searchable public-key encryption scheme with a designated tester. J. Syst. Softw. 83(5), 763–771 (2010)
Shu, Jiangang, Zou, Xing, Jia, Xiaohua, Zhang, Weizhe, Xie, Ruitao: Blockchain-based decentralized public auditing for cloud storage. IEEE Trans. on Cloud Comput. 10(4), 2366–2380 (2022)
Song, Dawn Xiaoding, Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: Proceeding 2000 IEEE Symposium on Security and Privacy. S P 2000, pp. 44–55 (2000)
Sultan, Nazatul Haque, Kaaniche, Nesrine, Laurent, Maryline, Barbhuiya, Ferdous Ahmed: Authorized keyword search over outsourced encrypted data in cloud environment. IEEE Transactions on Cloud Computing, 1–1 (2019)
Wan, Zhiguo, Deng, Robert H.: VPSearch: Achieving verifiability for privacy-preserving multi-keyword search over encrypted cloud data. IEEE Trans. Dependable Secure Comput. 15(6), 1083–1095 (2018)
Wang, Zeli, Jin, Hai, Dai, Weiqi, Choo, Kim-Kwang Raymond., Zou, Deqing: Ethereum smart contract security research: survey and future research opportunities. Front. of Comput. Sci. 15(2), 1–8 (2020)
Zhang, Jianhong: Mao, Jian: Efficient public key encryption with revocable keyword search in cloud computing. Clust. Comput. 19(3), 1211–1217 (2016)
Acknowledgements
This work is encouraged by the Mathematical Research Impact Centric Support (MATRICS), SERB, under grant MTR/2019/000803.
Funding
Not applicable
Author information
Authors and Affiliations
Contributions
PSC helped in conceptualization, investigation, methodology, experiments, writing. ST and SKN were involved in conceptualization, investigation, methodology, review.
Corresponding author
Ethics declarations
Conflict of interest
Not applicable
Ethical approval
Not applicable
Consent to participate
Not applicable
Consent for publication
Not applicable
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Chakraborty, P.S., Tripathy, S. & Nayak, S.K. BASPED: Blockchain assisted searchable public key encryption over outsourced data. Int. J. Inf. Secur. 23, 487–503 (2024). https://doi.org/10.1007/s10207-023-00753-4
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-023-00753-4