VKSE-MO: verifiable keyword search over encrypted data in multi-owner settings

  • Yinbin Miao
  • Jianfeng Ma
  • Ximeng Liu
  • Junwei Zhang
  • Zhiquan Liu
Research Paper

Abstract

Searchable encryption (SE) techniques allow cloud clients to easily store data and search encrypted data in a privacy-preserving manner, where most of SE schemes treat the cloud server as honest-but-curious. However, in practice, the cloud server is a semi-honest-but-curious third-party, which only executes a fraction of search operations and returns a fraction of false search results to save its computational and bandwidth resources. Thus, it is important to provide a results verification method to guarantee the correctness of the search results. Existing SE schemes allow multiple data owners to upload different records to the cloud server, but these schemes have very high computational and storage overheads when applied in a different but more practical setting where each record is co-owned by multiple data owners. To address this problem, we develop a verifiable keyword search over encrypted data in multi-owner settings (VKSE-MO) scheme by exploiting the multisignatures technique. Thus, our scheme only requires a single index for each record and data users are assured of the correctness of the search results in challenging settings. Our formal security analysis proved that the VKSE-MO scheme is secure against a chosen-keyword attack under a random oracle model. In addition, our empirical study using a real-world dataset demonstrated the efficiency and feasibility of the proposed scheme in practice.

Keywords

chosen-keyword attack efficiency and feasibility multi-owner settings result verification searchable encryption 

多数据拥有者场景中的可验证的关键字检索

摘要

创新点

可搜索加密是一种具有隐私保护的技术, 它允许云租户执行密文数据的存储和检索, 且在大部分的可搜索加密方案中, 云服务器被假定为是诚实但好奇的。但是, 在实际应用场景中, 云服务器是一个半诚实但好奇的第三方实体, 其可能为了节省计算和带宽资源而恶意地执行一部分搜索操作并返回一部分不正确的搜索结果。因此, 提供一种方法来确保搜索结果的正确性显得极其重要。已有的可搜索加密方案允许多个数据拥有者分别上传不同的文档到云服务器, 但是这些方案被应用到一个不同的实际应用场景中将会带来巨大的通信和存储开销, 即一个文档被多个数据拥有者共享。为此, 我们利用多重签名技术提出了支持挑战型的多数据拥有者场景的可验证密文检索方案, 所提方案仅需为同一个文档构建一个索引值, 同时能确保搜索结果的正确性。严格的安全分析表明文中方案在随机预言模型中是抵抗关键字选择攻击的。此外, 基于实际数据集的实验结果表明文中方案在实际应用场景中是高效的、可行的。

关键词

选择关键字攻击 效率和可行性 多数据拥有者场景 结果验证 可搜索加密 

Notes

Acknowledgements

This work was supported by National High Technology Research and Development Program (863 Program) (Grant No. 2015AA016007), National Nature Science Foundation of China (Grant Nos. 61303221, 61472310, 61370078, 61309016), Science Foundation of Two sides of Strait (Grant Nos. U1405255, U1135002), and Shaanxi Science & Technology Coordination & Innovation Project (Grant No. 2016TZC-G-6-3).

References

  1. 1.
    Xia Z H, Wang X H, Zhang L G, et al. A privacy-preserving and copy-deterrence content-based image retrieval scheme in cloud computing. IEEE Trans Inf Foren Secur, 2016, 11: 2594–2608CrossRefGoogle Scholar
  2. 2.
    Li Q, Ma J F, Li R, et al. Secure, efficient and revocable multi-authority access control system in cloud storage. Comput Secur, 2016, 59: 45–59MathSciNetCrossRefGoogle Scholar
  3. 3.
    Li H W, Liu D X, Dai Y S, et al. Engineering searchable encryption of mobile cloud networks: when QoE meets QoP. IEEE Wirel Commun, 2015, 22: 74–80CrossRefGoogle Scholar
  4. 4.
    Fu Z J, Sun X M, Ji S, et al. Towards efficient content-aware search over encrypted outsourced data in cloud. In: Proceedings of Annual IEEE International Conference on Computer Communications, San Francisco, 2016. 1–9Google Scholar
  5. 5.
    Li H W, Liu D X, Dai Y S, et al. Personalized search over encrypted data with efficient and secure updates in mobile clouds. IEEE Trans Emerg Topics Comput, 2015, in press. doi:10.1109/TETC.2015.2511457Google Scholar
  6. 6.
    Song D X, Wagner D, Perrig A. Practical techniques for searches on encrypted data. In: Proceedings of IEEE Symposium on Security and Privacy, California, 2000. 44–55Google Scholar
  7. 7.
    Boneh D, Crescenzo G D, Ostrovsky R, et al. Public key encryption with keyword search. In: Proceedings of International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, 2004. 506–522MATHGoogle Scholar
  8. 8.
    Miao Y B, Ma J F, Liu Z Q. Revocable and anonymous searchable encryption in multi-user setting. Concurr Comp-Pract E, 2016, 28: 1204–1218CrossRefGoogle Scholar
  9. 9.
    Chai Q, Gong G. Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers. In: Proceedings of IEEE International Conference on Communications, Ottawa, 2012. 917–922Google Scholar
  10. 10.
    Zheng Q J, Xu S H, Ateniese G. VABKS: verifiable attribute-based keyword search over outsourced encrypted data. In: Proceedings of IEEE Conference on Computer Communications, Toronto, 2014. 522–530Google Scholar
  11. 11.
    Sun W H, Liu X F, Lou W J, et al. Catch you if you lie to me: Efficient verifiable conjunctive keyword search over large dynamic encrypted cloud data. In: Proceedings of IEEE Conference on Computer Communications, Kowloon, 2015. 2110–2118Google Scholar
  12. 12.
    Fu Z J, Shu J G, Sun X M, et al. Smart cloud search services: verifiable keyword-based semantic search over encrypted cloud data. IEEE Trans Consum Electron, 2014, 60: 762–770CrossRefGoogle Scholar
  13. 13.
    Cheng R, Yan J B, Guan C W, et al. Verifiable searchable symmetric encryption from indistinguishability obfuscation. In: Proceedings of ACM Symposium on Information, Computer and Communications Security, Singapore, 2015. 621–626Google Scholar
  14. 14.
    Li T, Liu Z L, Li P, et al. Verifiable searchable encryption with aggregate keys for data sharing in outsourcing storage. In: Proceedings of Australasian Conference on Information Security and Privacy, Melbourne, 2016. 153–169MATHGoogle Scholar
  15. 15.
    Sun W H, Yu S C, Lou W J, et al. Protecting your right: verifiable attribute-based keyword search with fine-grained owner-enforced search authorization in the cloud. IEEE Trans Parallel Distrib Syst, 2016, 27: 1187–1198CrossRefGoogle Scholar
  16. 16.
    Li J G, Lin Y P, Wen M, et al. Secure and verifiable multi-owner ranked-keyword search in cloud computing. In: Proceedings of International Conference on Wireless Algorithms, Systems, and Applications, Qufu, 2015. 325–334Google Scholar
  17. 17.
    Zhang W, Lin Y P, Xiao S, et al. Privacy preserving ranked multi-keyword search for multiple data owners in cloud computing. IEEE Trans Comput, 2016, 65: 1566–1577MathSciNetCrossRefGoogle Scholar
  18. 18.
    Lu S, Ostrovsky R, Sahai A, et al. Sequential aggregate signatures, multisignatures, and verifiably encrypted signatures without random oracles. J Cryptol, 2013, 26: 340–373MathSciNetCrossRefMATHGoogle Scholar
  19. 19.
    Ren Y J, Shen J, Wang J, et al. Mutual verifiable provable data auditing in public cloud storage. J Int Tech, 2015, 16: 317–323Google Scholar
  20. 20.
    Wang B Y, Li H, Liu X F, et al. Efficient public verification on the integrity of multi-owner data in the cloud. J Commun Netw, 2014, 16: 592–599CrossRefGoogle Scholar
  21. 21.
    Chen R M, Mu Y, Yang G M, et al. Dual-server public-key encryption with keyword search for secure cloud storage. IEEE Trans Inf Foren Secur, 2016, 11: 789–798Google Scholar
  22. 22.
    Wang W, Xu P, Li H, et al. Secure hybrid-indexed search for high efficiency over keyword searchable ciphertexts. Future Gener Comput Syst, 2016, 55: 353–361CrossRefGoogle Scholar
  23. 23.
    Yang Y, Ma M D. Conjunctive keyword search with designated tester and timing enabled proxy re-encryption function for E-health clouds. IEEE Trans Inf Foren Secur, 2016, 11: 746–759Google Scholar
  24. 24.
    Xia Z H, Wang X H, Sun X M, et al. A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data. IEEE Trans Parallel Distrib Syst, 2016, 27: 340–352CrossRefGoogle Scholar
  25. 25.
    Fu Z J, Sun X M, Liu Q, et al. Achieving efficient cloud search services: multi-keyword ranked search over encrypted cloud data supporting parallel computing. IEICE Trans, 2015, 98: 190–200CrossRefGoogle Scholar
  26. 26.
    Fu Z J, Ren K, Su J G, et al. Enabling personalized search over encrypted outsourced data with efficiency improvement. IEEE Trans Parallel Distrib Syst, 2016, 27: 2546–2559CrossRefGoogle Scholar
  27. 27.
    Fu Z J, Wu X L, Guan C W, et al. Towards efficient multi-keyword fuzzy search over encrypted outsourced data with accuracy improvement. IEEE Trans Inf Foren Secur, 2016, 11: 2706–2716CrossRefGoogle Scholar
  28. 28.
    Li H W, Yang Y, Luan T H, et al. Enabling fine-grained multi-keyword search supporting classified sub-dictionaries over encrypted cloud data. IEEE Trans Depend Secure, 2016, 13: 312–325CrossRefGoogle Scholar
  29. 29.
    Li H W, Liu D X, Dai Y S, et al. Enabling efficient multi-keyword ranked search over encrypted mobile cloud data through blind storage. IEEE Trans Emerg Topics Comput, 2015, 3: 127–138CrossRefGoogle Scholar
  30. 30.
    Layouni M, Yoshida M, Okamura S. Efficient multi-authorizer accredited symmetrically private information retrieval. In: Proceedings of International Conference on Information and Communications Security, Birmingham, 2008. 387–402Google Scholar
  31. 31.
    Attrapadung N, Libert B, Panafieu E D. Expressive key-policy attribute-based encryption with constant-size ciphertexts. In: Proceedings of International Conference on Practice and Theory in Public Key Cryptography, Taormina, 2011. 90–108MATHGoogle Scholar

Copyright information

© Science China Press and Springer-Verlag Berlin Heidelberg 2017

Authors and Affiliations

  • Yinbin Miao
    • 1
  • Jianfeng Ma
    • 1
  • Ximeng Liu
    • 2
  • Junwei Zhang
    • 1
  • Zhiquan Liu
    • 1
  1. 1.School of Cyber EngineeringXidian UniversityXi’anChina
  2. 2.School of Information SystemsSingapore Management UniversitySingaporeSingapore

Personalised recommendations