Countering Statistical Attacks in Cloud-Based Searchable Encryption

A Correction to this article was published on 29 August 2018

This article has been updated

Abstract

Searchable encryption (SE) is appearing as a prominent solution in the intersection of privacy protection and efficient retrieval of data outsourced to cloud computing storage. While it preserves privacy by encrypting data, yet supports search operation without data leakage. Due to its applicability, many research communities have proposed different SE schemes under various security definitions with numerous customary features (i.e. multi keyword search, ranked search). However, by reason of multi-keyword ranked search, SE discloses encrypted document list corresponding to multiple (secure) query keywords (or trapdoor). Such disclosure of statistical information helps an attacker to analyze and deduce the content of the data. To counter statistical information leakage in SE, we propose a scheme referred to as Countering Statistical Attack in Cloud based Searchable Encryption (CSA-CSE) that resorts to randomness in all components of an SE. CSA-CSE adopts inverted index that is built with a hash digest of a pair of keywords. Unlike existing schemes, ranking factors (i.e. relevance scores) rank the documents and then they no longer exist in the secure index (neither in order preserving encrypted form). Query keywords are also garbled with randomness in order to hide actual query/result statistics. Our security analysis and experiment on request for comments database ensure the security and efficiency of CSA-CSE.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11

Change history

  • 29 August 2018

    The original article has been published with an incorrect grant number in the acknowledgements which should be RG # 1439-036.

References

  1. 1.

    Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R., Konwinski, A., et al.: A view of cloud computing. Commun. ACM 53, 50–58 (2010)

    Article  Google Scholar 

  2. 2.

    Radu, L.-D.: Green cloud computing: a literature survey. Symmetry 9, 295 (2017)

    Article  Google Scholar 

  3. 3.

    Takabi, H., Joshi, J.B., Ahn, G.-J.: Security and privacy challenges in cloud computing environments. IEEE Secur. Priv. 8, 24–31 (2010)

    Article  Google Scholar 

  4. 4.

    Zhou, Y., Zhang, D., Xiong, N.: Post-cloud computing paradigms: a survey and comparison. Tsinghua Sci. Technol. 22, 714–732 (2017)

    Article  Google Scholar 

  5. 5.

    Yaqoob, I., Ahmed, E., Ur Rehman, M.H., Ahmed, A.I.A., Al-garadi, M.A., Imran, M., et al.: The rise of ransomware and emerging security challenges in the Internet of Things. Comput. Netw. 129, 444–458 (2017)

    Article  Google Scholar 

  6. 6.

    Feng, D.-G., Zhang, M., Zhang, Y., Xu, Z.: Study on cloud computing security. J. Softw. 22, 71–83 (2011)

    Article  Google Scholar 

  7. 7.

    Kamara, S., Lauter K.: Cryptographic cloud storage. In: International Conference on Financial Cryptography and Data Security, pp. 136–149 (2010)

  8. 8.

    Ali, M., Khan, S.U., Vasilakos, A.V.: Security in cloud computing: opportunities and challenges. Inf. Sci. 305, 357–383 (2015)

    MathSciNet  Article  Google Scholar 

  9. 9.

    Fernandes, D.A., Soares, L.F., Gomes, J.V., Freire, M.M., Inácio, P.R.: Security issues in cloud environments: a survey. Int. J. Inf. Secur. 13, 113–170 (2014)

    Article  Google Scholar 

  10. 10.

    Wang, T., Zhou, J., Chen, X., Wang, G., Liu, A., Liu, Y.: A Three-layer privacy preserving cloud storage scheme based on computational intelligence in fog computing. IEEE Trans. Emerg. Top. Comput. Intell. 2, 3–12 (2018)

    Article  Google Scholar 

  11. 11.

    Han, F., Qin, J., Hu, J.: Secure searches in the cloud: a survey. Future Gener. Comput. Syst. 62, 66–75 (2016)

    Article  Google Scholar 

  12. 12.

    Au, M.H., Liang, K., Liu, J.K., Lu, R., Ning, J.: Privacy-preserving personal data operation on mobile cloud—chances and challenges over advanced persistent threat. Future Gener. Comput. Syst. 79, 337–349 (2018)

    Article  Google Scholar 

  13. 13.

    Fu, Z., Ren, K., Shu, J., Sun, X., Huang, F.: Enabling personalized search over encrypted outsourced data with efficiency improvement. IEEE Trans. Parallel Distrib. Syst. 27, 2546–2559 (2016)

    Article  Google Scholar 

  14. 14.

    Xu, P., Jin, H., Wu, Q., Wang, W.: Public-key encryption with fuzzy keyword search: a provably secure scheme under keyword guessing attack. IEEE Trans. Comput. 62, 2266–2277 (2013)

    MathSciNet  Article  Google Scholar 

  15. 15.

    Singhal, A.: Modern information retrieval: a brief overview. IEEE Data Eng. Bull. 24, 35–43 (2001)

    Google Scholar 

  16. 16.

    Berger, A., Lafferty, J.: Information retrieval as statistical translation. In: ACM SIGIR Forum, pp. 219–226 (2017)

  17. 17.

    Witten, I.H., Moffat, A., Bell, T.C.: Managing Gigabytes: Compressing and Indexing Documents and Images. Morgan Kaufmann, Burlington (1999)

    MATH  Google Scholar 

  18. 18.

    Cao, N., Wang, C., Li, M., Ren, K., Lou, W.: Privacy-preserving multi-keyword ranked search over encrypted cloud data. IEEE Trans. Parallel Distrib. Syst. 25, 222–233 (2014)

    Article  Google Scholar 

  19. 19.

    Fu, Z., Sun, X., Linge, N., Zhou, L.: Achieving effective cloud search services: multi-keyword ranked search over encrypted cloud data supporting synonym query. IEEE Trans. Consum. Electron. 60, 164–172 (2014)

    Article  Google Scholar 

  20. 20.

    Jiang, X., Yu, J., Yan, J., Hao, R.: Enabling efficient and verifiable multi-keyword ranked search over encrypted cloud data. Inf. Sci. 403, 22–41 (2017)

    Article  Google Scholar 

  21. 21.

    Li, H., Liu, D., Dai, Y., Luan, T.H., Shen, X.S.: Enabling efficient multi-keyword ranked search over encrypted mobile cloud data through blind storage. IEEE Trans. Emerg. Top. Comput. 3, 127–138 (2015)

    Article  Google Scholar 

  22. 22.

    Sun, W., Wang, B., Cao, N., Li, M., Lou, W., Hou, Y.T., et al.: Verifiable privacy-preserving multi-keyword text search in the cloud supporting similarity-based ranking. IEEE Trans. Parallel Distrib. Syst. 25, 3025–3035 (2014)

    Article  Google Scholar 

  23. 23.

    Xia, Z., Wang, X., Sun, X., Wang, Q.: A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data. IEEE Trans. Parallel Distrib. Syst. 27, 340–352 (2016)

    Article  Google Scholar 

  24. 24.

    Yao, B., Li, F., Xiao, X.: Secure nearest neighbor revisited. In: 2013 IEEE 29th International Conference on Data Engineering (ICDE), pp. 733–744 (2013)

  25. 25.

    Swaminathan, A., Mao, Y., Su, G.-M., Gou, H., Varna, A.L., He, S., et al.: Confidentiality-preserving rank-ordered search. In: Proceedings of the 2007 ACM Workshop on Storage Security and Survivability, pp. 7–12 (2007)

  26. 26.

    Wang, C., Cao, N., Ren, K., Lou, W.: Enabling secure and efficient ranked keyword search over outsourced cloud data. IEEE Trans. Parallel Distrib. Syst. 23, 1467–1479 (2012)

    Article  Google Scholar 

  27. 27.

    Zerr, S., Olmedilla, D., Nejdl, W., Siberski, W.: Zerber + r: top-k retrieval from a confidential index. In: Proceedings of the 12th International Conference on Extending Database Technology: Advances in Database Technology, pp. 439–449 (2009)

  28. 28.

    Boldyreva, A., Chenette, N., Lee, Y., O’neill, A.: Order-preserving symmetric encryption. In: Eurocrypt, pp. 224–241 (2009)

  29. 29.

    Boldyreva, A., Chenette, N., O’Neill, A.: Order-preserving encryption revisited: improved security analysis and alternative solutions. In: CRYPTO, pp. 578–595 (2011)

  30. 30.

    Wang, G., Liu, C., Dong, Y., Choo, K.-K.R., Han, P., Pan, H., et al.: Leakage models and inference attacks on searchable encryption for cyber-physical social systems. IEEE Access 6, 21828–21839 (2018)

    Article  Google Scholar 

  31. 31.

    Abdalla, M., Bellare, M., Catalano, D., Kiltz, E., Kohno, T., Lange, T., et al.: Searchable encryption revisited: consistency properties, relation to anonymous IBE, and extensions. J. Cryptol. 21, 350–391 (2008)

    MathSciNet  Article  Google Scholar 

  32. 32.

    Chang, Y.-C., Mitzenmacher, M.: Privacy preserving keyword searches on remote encrypted data. In: International Conference on Applied Cryptography and Network Security, pp. 442–455 (2005)

  33. 33.

    Curtmola, R., Garay, J., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. J. Comput. Secur. 19, 895–934 (2011)

    Article  Google Scholar 

  34. 34.

    Goh, E.-J: Secure indexes. In: IACR Cryptology ePrint Archive, 2003, vol. 216 (2003)

  35. 35.

    Song, D.X., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: 2000 IEEE Symposium on Security and Privacy, 2000. S&P 2000. Proceedings, pp. 44–55 (2000)

  36. 36.

    Baek, J., Safavi-Naini, R., Susilo, W.: Public key encryption with keyword search revisited. In: Computational Science and Its Applications—ICCSA 2008, pp. 1249–1259 (2008)

  37. 37.

    Boneh, D., Di Crescenzo, G., Ostrovsky, R., Persiano, G.: Public key encryption with keyword search. In: International Conference on the Theory and Applications of Cryptographic Techniques, pp. 506–522 (2004)

  38. 38.

    Rhee, H.S., Park, J.H., Susilo, W., Lee, D.H.: Trapdoor security in a searchable public-key encryption scheme with a designated tester. J. Syst. Softw. 83, 763–771 (2010)

    Article  Google Scholar 

  39. 39.

    Fu, Z., Wu, X., Guan, C., Sun, X., Ren, K.: Toward efficient multi-keyword fuzzy search over encrypted outsourced data with accuracy improvement. IEEE Trans. Inf. Forensics Secur. 11, 2706–2716 (2016)

    Article  Google Scholar 

  40. 40.

    Wong, W.K., Cheung, D.W.-l., Kao, B., Mamoulis, N.: Secure knn computation on encrypted databases. In: Proceedings of the 2009 ACM SIGMOD International Conference on Management of Data, pp. 139–152 (2009)

  41. 41.

    Guo, C., Chen, X., Jie, Y., Zhangjie, F., Li, M., Feng, B.: Dynamic multi-phrase ranked search over encrypted data with symmetric searchable encryption. IEEE Trans. Serv. Comput. (2017). https://doi.org/10.1109/TSC.2017.2768045

    Article  Google Scholar 

  42. 42.

    Sun, W., Wang, B., Cao, N., Li, M., Lou, W., Hou, Y.T., et al.: Privacy-preserving multi-keyword text search in the cloud supporting similarity-based ranking. In: Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, pp. 71–82 (2013)

  43. 43.

    Delfs, H., Knebl, H., Knebl, H.: Introduction to Cryptography, vol. 2. Springer, Berlin (2002)

    Book  Google Scholar 

  44. 44.

    Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of the 2004 ACM SIGMOD International Conference on Management of Data, pp. 563–574 (2004)

  45. 45.

    Bellare, M., Canetti, R., Krawczyk, H.: Keying hash functions for message authentication. In: Annual International Cryptology Conference, pp. 1–15 (1996)

  46. 46.

    (25/12/2017) Request for Comments. https://www.rfc-editor.org/rfc-index.html

  47. 47.

    Jeong, I.R., Kwon, J.O., Hong, D., Lee, D.H.: Constructing PEKS schemes secure against keyword guessing attacks is possible? Comput. Commun. 32, 394–396 (2009)

    Article  Google Scholar 

Download references

Acknowledgements

This research work was partially supported by the Faculty of Computer Science and Information Technology, University of Malaya under a special allocation of the Post Graduate Fund for RP036 (A, B, C)-15AET project. This work is also supported by the Deanship of Scientific Research at King Saud University through Research Group number RG-1435-051.

Author information

Affiliations

Authors

Corresponding author

Correspondence to Ihsan Ali.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Ahsan, M.A.M., Ali, I., Bin Idris, M.Y.I. et al. Countering Statistical Attacks in Cloud-Based Searchable Encryption. Int J Parallel Prog 48, 470–495 (2020). https://doi.org/10.1007/s10766-018-0584-8

Download citation

Keywords

  • Cloud computing
  • Security
  • Searchable encryption
  • Statistical attack
  • Multi keyword ranked search