Springer Nature is making Coronavirus research free. View research | View latest news | Sign up for updates

VKSE-MO: verifiable keyword search over encrypted data in multi-owner settings

多数据拥有者场景中的可验证的关键字检索

  • 207 Accesses

  • 10 Citations

Abstract

Searchable encryption (SE) techniques allow cloud clients to easily store data and search encrypted data in a privacy-preserving manner, where most of SE schemes treat the cloud server as honest-but-curious. However, in practice, the cloud server is a semi-honest-but-curious third-party, which only executes a fraction of search operations and returns a fraction of false search results to save its computational and bandwidth resources. Thus, it is important to provide a results verification method to guarantee the correctness of the search results. Existing SE schemes allow multiple data owners to upload different records to the cloud server, but these schemes have very high computational and storage overheads when applied in a different but more practical setting where each record is co-owned by multiple data owners. To address this problem, we develop a verifiable keyword search over encrypted data in multi-owner settings (VKSE-MO) scheme by exploiting the multisignatures technique. Thus, our scheme only requires a single index for each record and data users are assured of the correctness of the search results in challenging settings. Our formal security analysis proved that the VKSE-MO scheme is secure against a chosen-keyword attack under a random oracle model. In addition, our empirical study using a real-world dataset demonstrated the efficiency and feasibility of the proposed scheme in practice.

摘要

创新点

可搜索加密是一种具有隐私保护的技术, 它允许云租户执行密文数据的存储和检索, 且在大部分的可搜索加密方案中, 云服务器被假定为是诚实但好奇的。但是, 在实际应用场景中, 云服务器是一个半诚实但好奇的第三方实体, 其可能为了节省计算和带宽资源而恶意地执行一部分搜索操作并返回一部分不正确的搜索结果。因此, 提供一种方法来确保搜索结果的正确性显得极其重要。已有的可搜索加密方案允许多个数据拥有者分别上传不同的文档到云服务器, 但是这些方案被应用到一个不同的实际应用场景中将会带来巨大的通信和存储开销, 即一个文档被多个数据拥有者共享。为此, 我们利用多重签名技术提出了支持挑战型的多数据拥有者场景的可验证密文检索方案, 所提方案仅需为同一个文档构建一个索引值, 同时能确保搜索结果的正确性。严格的安全分析表明文中方案在随机预言模型中是抵抗关键字选择攻击的。此外, 基于实际数据集的实验结果表明文中方案在实际应用场景中是高效的、可行的。

This is a preview of subscription content, log in to check access.

References

  1. 1

    Xia Z H, Wang X H, Zhang L G, et al. A privacy-preserving and copy-deterrence content-based image retrieval scheme in cloud computing. IEEE Trans Inf Foren Secur, 2016, 11: 2594–2608

  2. 2

    Li Q, Ma J F, Li R, et al. Secure, efficient and revocable multi-authority access control system in cloud storage. Comput Secur, 2016, 59: 45–59

  3. 3

    Li H W, Liu D X, Dai Y S, et al. Engineering searchable encryption of mobile cloud networks: when QoE meets QoP. IEEE Wirel Commun, 2015, 22: 74–80

  4. 4

    Fu Z J, Sun X M, Ji S, et al. Towards efficient content-aware search over encrypted outsourced data in cloud. In: Proceedings of Annual IEEE International Conference on Computer Communications, San Francisco, 2016. 1–9

  5. 5

    Li H W, Liu D X, Dai Y S, et al. Personalized search over encrypted data with efficient and secure updates in mobile clouds. IEEE Trans Emerg Topics Comput, 2015, in press. doi:10.1109/TETC.2015.2511457

  6. 6

    Song D X, Wagner D, Perrig A. Practical techniques for searches on encrypted data. In: Proceedings of IEEE Symposium on Security and Privacy, California, 2000. 44–55

  7. 7

    Boneh D, Crescenzo G D, Ostrovsky R, et al. Public key encryption with keyword search. In: Proceedings of International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, 2004. 506–522

  8. 8

    Miao Y B, Ma J F, Liu Z Q. Revocable and anonymous searchable encryption in multi-user setting. Concurr Comp-Pract E, 2016, 28: 1204–1218

  9. 9

    Chai Q, Gong G. Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers. In: Proceedings of IEEE International Conference on Communications, Ottawa, 2012. 917–922

  10. 10

    Zheng Q J, Xu S H, Ateniese G. VABKS: verifiable attribute-based keyword search over outsourced encrypted data. In: Proceedings of IEEE Conference on Computer Communications, Toronto, 2014. 522–530

  11. 11

    Sun W H, Liu X F, Lou W J, et al. Catch you if you lie to me: Efficient verifiable conjunctive keyword search over large dynamic encrypted cloud data. In: Proceedings of IEEE Conference on Computer Communications, Kowloon, 2015. 2110–2118

  12. 12

    Fu Z J, Shu J G, Sun X M, et al. Smart cloud search services: verifiable keyword-based semantic search over encrypted cloud data. IEEE Trans Consum Electron, 2014, 60: 762–770

  13. 13

    Cheng R, Yan J B, Guan C W, et al. Verifiable searchable symmetric encryption from indistinguishability obfuscation. In: Proceedings of ACM Symposium on Information, Computer and Communications Security, Singapore, 2015. 621–626

  14. 14

    Li T, Liu Z L, Li P, et al. Verifiable searchable encryption with aggregate keys for data sharing in outsourcing storage. In: Proceedings of Australasian Conference on Information Security and Privacy, Melbourne, 2016. 153–169

  15. 15

    Sun W H, Yu S C, Lou W J, et al. Protecting your right: verifiable attribute-based keyword search with fine-grained owner-enforced search authorization in the cloud. IEEE Trans Parallel Distrib Syst, 2016, 27: 1187–1198

  16. 16

    Li J G, Lin Y P, Wen M, et al. Secure and verifiable multi-owner ranked-keyword search in cloud computing. In: Proceedings of International Conference on Wireless Algorithms, Systems, and Applications, Qufu, 2015. 325–334

  17. 17

    Zhang W, Lin Y P, Xiao S, et al. Privacy preserving ranked multi-keyword search for multiple data owners in cloud computing. IEEE Trans Comput, 2016, 65: 1566–1577

  18. 18

    Lu S, Ostrovsky R, Sahai A, et al. Sequential aggregate signatures, multisignatures, and verifiably encrypted signatures without random oracles. J Cryptol, 2013, 26: 340–373

  19. 19

    Ren Y J, Shen J, Wang J, et al. Mutual verifiable provable data auditing in public cloud storage. J Int Tech, 2015, 16: 317–323

  20. 20

    Wang B Y, Li H, Liu X F, et al. Efficient public verification on the integrity of multi-owner data in the cloud. J Commun Netw, 2014, 16: 592–599

  21. 21

    Chen R M, Mu Y, Yang G M, et al. Dual-server public-key encryption with keyword search for secure cloud storage. IEEE Trans Inf Foren Secur, 2016, 11: 789–798

  22. 22

    Wang W, Xu P, Li H, et al. Secure hybrid-indexed search for high efficiency over keyword searchable ciphertexts. Future Gener Comput Syst, 2016, 55: 353–361

  23. 23

    Yang Y, Ma M D. Conjunctive keyword search with designated tester and timing enabled proxy re-encryption function for E-health clouds. IEEE Trans Inf Foren Secur, 2016, 11: 746–759

  24. 24

    Xia Z H, Wang X H, Sun X M, et al. A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data. IEEE Trans Parallel Distrib Syst, 2016, 27: 340–352

  25. 25

    Fu Z J, Sun X M, Liu Q, et al. Achieving efficient cloud search services: multi-keyword ranked search over encrypted cloud data supporting parallel computing. IEICE Trans, 2015, 98: 190–200

  26. 26

    Fu Z J, Ren K, Su J G, et al. Enabling personalized search over encrypted outsourced data with efficiency improvement. IEEE Trans Parallel Distrib Syst, 2016, 27: 2546–2559

  27. 27

    Fu Z J, Wu X L, Guan C W, et al. Towards efficient multi-keyword fuzzy search over encrypted outsourced data with accuracy improvement. IEEE Trans Inf Foren Secur, 2016, 11: 2706–2716

  28. 28

    Li H W, Yang Y, Luan T H, et al. Enabling fine-grained multi-keyword search supporting classified sub-dictionaries over encrypted cloud data. IEEE Trans Depend Secure, 2016, 13: 312–325

  29. 29

    Li H W, Liu D X, Dai Y S, et al. Enabling efficient multi-keyword ranked search over encrypted mobile cloud data through blind storage. IEEE Trans Emerg Topics Comput, 2015, 3: 127–138

  30. 30

    Layouni M, Yoshida M, Okamura S. Efficient multi-authorizer accredited symmetrically private information retrieval. In: Proceedings of International Conference on Information and Communications Security, Birmingham, 2008. 387–402

  31. 31

    Attrapadung N, Libert B, Panafieu E D. Expressive key-policy attribute-based encryption with constant-size ciphertexts. In: Proceedings of International Conference on Practice and Theory in Public Key Cryptography, Taormina, 2011. 90–108

Download references

Acknowledgements

This work was supported by National High Technology Research and Development Program (863 Program) (Grant No. 2015AA016007), National Nature Science Foundation of China (Grant Nos. 61303221, 61472310, 61370078, 61309016), Science Foundation of Two sides of Strait (Grant Nos. U1405255, U1135002), and Shaanxi Science & Technology Coordination & Innovation Project (Grant No. 2016TZC-G-6-3).

Author information

Correspondence to Jianfeng Ma.

Additional information

Conflict of interest The authors declare that they have no conflict of interest.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Miao, Y., Ma, J., Liu, X. et al. VKSE-MO: verifiable keyword search over encrypted data in multi-owner settings. Sci. China Inf. Sci. 60, 122105 (2017). https://doi.org/10.1007/s11432-016-0540-x

Download citation

Keywords

  • chosen-keyword attack
  • efficiency and feasibility
  • multi-owner settings
  • result verification
  • searchable encryption

关键词

  • 选择关键字攻击
  • 效率和可行性
  • 多数据拥有者场景
  • 结果验证
  • 可搜索加密