Skip to main content
SpringerLink
Log in

BASPED: Blockchain assisted searchable public key encryption over outsourced data

  • Regular Contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

Outsourcing data to the cloud is now a common practice in many organizations to reduce data storage and maintenance costs. Outsourced data is stored in encrypted form over the cloud. Therefore, efficient search techniques are required to perform operations over the encrypted data. The existing solutions provide secure search operations, considering cloud servers as honest-but-curious. However, cloud servers may act malicious and produce inaccurate outcomes to the data users. Thus, a secure and verifiable search technique is required. This work proposes a Blockchain-Assisted Searchable Public key Encryption over outsourced Data (BASPED), using an inverted index. We exploit the potential of blockchain technology for equitable and trusted computing, by deploying a smart contract for secure and verifiable search operations to prevent the cloud server from cheating (intentionally or unintentionally). The most appealing feature of BASPED is that it is non-interactive and achieves both forward and backward privacy. It also resists keyword guessing attacks, chosen keyword attacks, search pattern leakage, and access pattern leakage. We prove the security of our proposed scheme assuming the difficulty of bilinear Diffie-Hellman problem. The proposed scheme is implemented and deployed on the Ethereum test network. Comprehensive evaluation of theory and practice demonstrates the practicability of our decentralized search scheme.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Algorithm 1
Fig. 2
Fig. 3
Algorithm 2
Algorithm 3
Algorithm 4
Algorithm 5
Fig. 4

Similar content being viewed by others

Data availability

Not applicable

Code Availability

Not applicable

Notes

  1. The encryption scheme can be AES or any other safe scheme, but the details are not covered in this work.

  2. http://nlp.cs.washington.edu/sciIE/

  3. https://github.com/JHUISI/charm

  4. https://www.finder.com/ethereum-unit-converter

References

  1. Abdalla, Michel: Bellare, Mihir, Catalano, Dario, Kiltz, Eike, Kohno, Tadayoshi, Lange, Tanja, Malone-Lee, John, Neven, Gregory, Paillier, Pascal, Shi, Haixia: Searchable encryption revisited: consistency properties, relation to anonymous ibe, and extensions. In: Shoup, Victor (ed.) Advances in Cryptology - CRYPTO 2005, pp. 205–222. Berlin Heidelberg, Berlin, Heidelberg, Springer (2005)

    Chapter  Google Scholar 

  2. Akinyele, Joseph A., Garman, Christina, Miers, Ian, Pagano, Matthew W., Rushanan, Michael, Green, Matthew, Rubin, Aviel D.: Charm: a framework for rapidly prototyping cryptosystems. J. Cryptogr. Eng. 3(2), 111–128 (2013)

    Article  Google Scholar 

  3. Baek, Joonsang, Safavi-Naini, Reihaneh, Susilo, Willy: On the integration of public key data encryption and public key encryption with keyword search. In: International Conference on Information Security – ISC 2006, ISC’06, Berlin, Heidelberg, Springer-Verlag, pp. 217–232 (2006)

  4. Baek, Joonsang, Safavi-Naini, Reihaneh, Susilo, Willy: Public key encryption with keyword search revisited. In: Computational Science and Its Applications – ICCSA 2008, Berlin, Heidelberg, Springer Berlin Heidelberg, pp. 1249–1259 (2008)

  5. Blackstone, Laura, Kamara, Seny, Moataz, Tarik, Revisiting leakage abuse attacks. In: Network and Distributed Systems Security (NDSS) Symposium, pp. 1–18, 2020. San Diego, CA, USA (2020)

  6. Boneh, Dan, Crescenzo, Di.: Giovanni, Ostrovsky, Rafail, Persiano, Giuseppe: Public key encryption with keyword search. In: Cachin, Giuseppe, Camenisch, Jan L. (eds.) Advances in Cryptology - EUROCRYPT 2004, pp. 506–522. Berlin Heidelberg, Berlin, Heidelberg, Springer (2004)

    Chapter  Google Scholar 

  7. Boneh, Dan: Franklin, Matt: Identity-based encryption from the weil pairing. In: Kilian, Joe (ed.) Advances in Cryptology – CRYPTO 2001, pp. 213–229. Berlin Heidelberg, Berlin, Heidelberg, Springer (2001)

    Chapter  Google Scholar 

  8. Bost, Raphael: \({\Sigma }{o}{\phi }{o}{\varsigma }\): Forward secure searchable encryption. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS ’16, New York, NY, USA, Association for Computing Machinery, pp. 1143–1154 (2016)

  9. Bost, Raphaël, Minaud, Brice, Ohrimenko, Olga: Forward and backward private searchable encryption from constrained cryptographic primitives. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS ’17, New York, NY, USA, pp. 1465–1482 (2017). Association for Computing Machinery

  10. Cash, David, Grubbs, Paul, Perry, Jason, Ristenpart, Thomas: Leakage-abuse attacks against searchable encryption. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS ’15, New York, NY, USA, ACM, pp. 668–679 (2015)

  11. Chai, Qi, Gong, Guang: Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers. In: 2012 IEEE International Conference on Communications (ICC). IEEE (2012)

  12. Chen, Huashan, Pendleton, Marcus, Njilla, Laurent, Shouhuai, Xu.: A survey on ethereum systems security. ACM Comput. Surv. 53(3), 1–43 (2021)

  13. di Angelo, Monika, Salzer, Gernot: A survey of tools for analyzing ethereum smart contracts. In: 2019 IEEE International Conference on Decentralized Applications and Infrastructures (DAPPCON). IEEE (April 2019)

  14. Galbraith, Steven D., Paterson, Kenneth G., Smart, Nigel P.: Pairings for cryptographers. Discret. Appl. Math. 156(16), 3113–3121 (2008). (Applications of Algebra to Cryptography)

  15. Guo, Lifeng, Yau, Wei-Chuen.: Efficient secure-channel free public key encryption with keyword search for EMRs in cloud storage. J. Med. Syst. 39(2), 1–11 (2015)

  16. Hu, Baishuang, Liu, Qin, Liu, Xuhui, Peng, Tao, Wang, Guojun, Wu, Jie: Dabks: Dynamic attribute-based keyword search in cloud computing. In: 2017 IEEE International Conference on Communications (ICC), pp. 1–6 (2017)

  17. Huang, Qiong: Li, Hongbo: An efficient public-key searchable encryption scheme secure against inside keyword guessing attacks. Inf. Sci. 403–404, 1–14 (2017)

    Article  Google Scholar 

  18. Islam, Mohammad Saiful, Kuzu, Mehmet, Kantarcioglu, Murat, Access pattern disclosure on searchable encryption: Ramification, attack and mitigation. In Network and Distributed Systems Security (NDSS) Symposium,: pp 12–27, p. 2012. San Diego, CA, USA (2012)

  19. Katz, Jonathan, Lindell, Andrew Y.: Aggregate message authentication codes. In: The Cryptopgraphers’ Track at the RSA conference on Topics in Cryptology, CT-RSA’08, Berlin, Heidelberg, Springer-Verlag, pp. 155–169 (2008)

  20. Blockchain-based system for secure outsourcing of bilinear pairings: Lin, Chao, He, Debiao, Huang, Xinyi, Xie, Xiang, Choo, Kim-Kwang Raymond. Inf. Sci. 527, 590–601 (2020)

    Google Scholar 

  21. Yang, Lu.: Li, Jiguo, Wang, Fen: Pairing-free certificate-based searchable encryption supporting privacy-preserving keyword search function for IIoTs. IEEE Trans. Industr. Inf. 17(4), 2696–2706 (2021)

    Article  Google Scholar 

  22. Yang, Lu.: Li, Jiguo, Zhang, Yichen: Secure channel free certificate-based searchable encryption withstanding outside and inside keyword guessing attacks. IEEE Trans. Serv. Comput. 14(6), 2041–2054 (2021)

    Article  Google Scholar 

  23. Miao, Yinbin, Weng, Jian, Liu, Ximeng, Choo, Kim-Kwang Raymond., Liu, Zhiquan, Li, Hongwei: Enabling verifiable multiple keywords search over encrypted cloud data. Inf. Sci. 465, 21–37 (2018)

  24. Nayak, Sanjeet Kumar, Tripathy, Somanath: Privacy preserving provable data possession for cloud based electronic health record system. In: 2016 IEEE Trustcom/BigDataSE/ISPA, pp. 860–867 (2016)

  25. Nayak, Sanjeet Kumar, Tripathy, Somanath: SEMKC: secure and efficient computation over outsourced data encrypted under multiple keys. IEEE Trans. Emerg. Top. Comput. 9(1), 414–428 (2021)

    Article  Google Scholar 

  26. Rhee, Hyun Sook, Park, Jong Hwan, Susilo, Willy, Lee, Dong Hoon: Trapdoor security in a searchable public-key encryption scheme with a designated tester. J. Syst. Softw. 83(5), 763–771 (2010)

    Article  Google Scholar 

  27. Shu, Jiangang, Zou, Xing, Jia, Xiaohua, Zhang, Weizhe, Xie, Ruitao: Blockchain-based decentralized public auditing for cloud storage. IEEE Trans. on Cloud Comput. 10(4), 2366–2380 (2022)

  28. Song, Dawn Xiaoding, Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: Proceeding 2000 IEEE Symposium on Security and Privacy. S P 2000, pp. 44–55 (2000)

  29. Sultan, Nazatul Haque, Kaaniche, Nesrine, Laurent, Maryline, Barbhuiya, Ferdous Ahmed: Authorized keyword search over outsourced encrypted data in cloud environment. IEEE Transactions on Cloud Computing, 1–1 (2019)

  30. Wan, Zhiguo, Deng, Robert H.: VPSearch: Achieving verifiability for privacy-preserving multi-keyword search over encrypted cloud data. IEEE Trans. Dependable Secure Comput. 15(6), 1083–1095 (2018)

    Article  Google Scholar 

  31. Wang, Zeli, Jin, Hai, Dai, Weiqi, Choo, Kim-Kwang Raymond., Zou, Deqing: Ethereum smart contract security research: survey and future research opportunities. Front. of Comput. Sci. 15(2), 1–8 (2020)

  32. Zhang, Jianhong: Mao, Jian: Efficient public key encryption with revocable keyword search in cloud computing. Clust. Comput. 19(3), 1211–1217 (2016)

    Article  Google Scholar 

Download references

Acknowledgements

This work is encouraged by the Mathematical Research Impact Centric Support (MATRICS), SERB, under grant MTR/2019/000803.

Funding

Not applicable

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Indian Institute of Technology Patna, Bihta, India

    Partha Sarathi Chakraborty & Somanath Tripathy

  2. Department of Computer Science and Engineering, Indian Institute of Information Technology, Design and Manufacturing, Kancheepuram, India

    Sanjeet Kumar Nayak

Authors
  1. Partha Sarathi Chakraborty
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Somanath Tripathy
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sanjeet Kumar Nayak
    View author publications

    You can also search for this author in PubMed Google Scholar

Contributions

PSC helped in conceptualization, investigation, methodology, experiments, writing. ST and SKN were involved in conceptualization, investigation, methodology, review.

Corresponding author

Correspondence to Somanath Tripathy.

Ethics declarations

Conflict of interest

Not applicable

Ethical approval

Not applicable

Consent to participate

Not applicable

Consent for publication

Not applicable

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Chakraborty, P.S., Tripathy, S. & Nayak, S.K. BASPED: Blockchain assisted searchable public key encryption over outsourced data. Int. J. Inf. Secur. 23, 487–503 (2024). https://doi.org/10.1007/s10207-023-00753-4

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-023-00753-4

Keywords

Search

Navigation