MULKASE: a novel approach for key-aggregate searchable encryption for multi-owner data

Abstract

Recent attempts at key-aggregate searchable encryption (KASE) combine the advantages of searching encrypted data with support for data owners to share an aggregate searchable key with a user, thereby delegating search rights over a set of data. The user, in turn, needs to submit only a single aggregate trapdoor to the cloud to perform a keyword search across the shared set of data. However, the existing KASE methods do not support searching, with a single aggregate trapdoor, through data that are shared by multiple owners. Therefore, we propose MULKASE, a method that allows a user to search across different data records owned by multiple users using a single trapdoor. In MULKASE, the size of the aggregate key is independent of the number of documents held by a data owner. The size of an aggregate key remains constant even when the number of outsourced ciphertexts goes beyond the predefined limit. Security analysis proves that MULKASE is secure against chosen message attacks and chosen keyword attacks. In addition, the security analysis confirms that MULKASE is secure against cross-pairing attacks and provides query privacy. Theoretical and empirical analyses show that MULKASE performs better than the existing KASE methods. We also illustrate how MULKASE can carry out federated searches.

Author information

Correspondence to Mukti Padhya.

Additional information

Compliance with ethics guidelines

Mukti PADHYA and Devesh C. JINWALA declare that they have no conflict of interest.

About this article

Cite this article

Padhya, M., Jinwala, D.C. MULKASE: a novel approach for key-aggregate searchable encryption for multi-owner data. Front Inform Technol Electron Eng 20, 1717–1748 (2019). https://doi.org/10.1631/FITEE.1800192

Key words

  • Searchable encryption
  • Cloud storage
  • Key-aggregate encryption
  • Data sharing

CLC number

  • TP309