Advertisement

SDKSE-KGA: A Secure Dynamic Keyword Searchable Encryption Scheme Against Keyword Guessing Attacks

  • Hongyuan Chen
  • Zhenfu CaoEmail author
  • Xiaolei Dong
  • Jiachen ShenEmail author
Conference paper
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 563)

Abstract

A number of searchable encryption schemes have been widely proposed to solve the search problem in ciphertext domain. However, most existing searchable encryption schemes are vulnerable to keyword guessing attacks. During keyword guessing attacks, with the help of the cloud, an adversary will learn what keyword a given trapdoor is searching for, which leads to the disclosure of users’ privacy information. To address this issue, we propose SDKSE-KGA: a secure dynamic keyword searchable encryption scheme which resists keyword guessing attacks. SDKSE-KGA has constant-size indexes and trapdoors and supports functionalities such as dynamic updating of keywords and files. Formal proofs show that it is Trapdoor-IND-CKA and Index-IND-CKA secure in the standard model.

Keywords

Searchable encryption Dynamic Keyword guessing attack Trapdoor-IND-CKA Index-IND-CKA 

Notes

Acknowledgement

This work was supported in part by the National Natural Science Foundation of China (Grant No.61632012, 61672239, 61602180 and U1509219), in part by Natural Science Foundation of Shanghai (Grant No. 16ZR1409200), and in part by “the Fundamental Research Funds for the Central Universities”.

References

  1. 1.
    Song, D., Wagner, D.A., Perrig, A., et al.: Practical techniques for searches on encrypted data. In: IEEE symposium on Security and Privacy, pp. 44–55 (2000)Google Scholar
  2. 2.
    Boneh, D., Crescenzo, G.D., Ostrovsky, R., et al.: Public key encryption with keyword search. In: Theory and Application of Cryptographic Techniques, pp. 506–522 (2004)Google Scholar
  3. 3.
    Waters, B., Balfanz, D., Durfee, G.E., et al.: Building an encrypted and searchable audit log. In: Network and Distributed System Security Symposium (2004)Google Scholar
  4. 4.
    Curtmola, R., Garay, J.A., Kamara, S., et al.: Searchable symmetric encryption: improved definitions and efficient constructions. In: Computer and Communications Security, pp. 79–88 (2006)Google Scholar
  5. 5.
    Wang, P., Wang, H., Pieprzyk, J.: Threshold privacy preserving keyword searches. In: Geffert, V., Karhumäki, J., Bertoni, A., Preneel, B., Návrat, P., Bieliková, M. (eds.) SOFSEM 2008. LNCS, vol. 4910, pp. 646–658. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-77566-9_56CrossRefGoogle Scholar
  6. 6.
    Dong, J.P., Cha, J., Lee, P.J.: Searchable keyword-based encryption. IACR Cryptology Eprint Archive, 2005 (2005)Google Scholar
  7. 7.
    Moataz, T., Justus, B., Ray, I., Cuppens-Boulahia, N., Cuppens, F., Ray, I.: Privacy-preserving multiple keyword search on outsourced data in the clouds. In: Atluri, V., Pernul, G. (eds.) DBSec 2014. LNCS, vol. 8566, pp. 66–81. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-662-43936-4_5CrossRefGoogle Scholar
  8. 8.
    Yang, Y., Liu, X., Deng, R.: Multi-user multi-keyword rank search over encrypted data in arbitrary language. IEEE Trans. Dependable Secur. Comput. PP(99), 1 (2017)Google Scholar
  9. 9.
    Fu, Z., Wu, X., Guan, C., et al.: Toward efficient multi-keyword fuzzy search over encrypted outsourced data with accuracy improvement. IEEE Trans. Inf. Forensics Secur. 11(12), 2706–2716 (2017)CrossRefGoogle Scholar
  10. 10.
    Wang, B., Yu, S., Lou, W., et al.: Privacy-preserving multi-keyword fuzzy search over encrypted data in the cloud. In: INFOCOM, 2014 Proceedings IEEE. IEEE, pp. 2112–2120 (2014)Google Scholar
  11. 11.
    Zhang, W., Xiao, S., Lin, Y., et al.: Secure ranked multi-keyword search for multiple data owners in cloud computing. In: IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 276–286. IEEE (2014)Google Scholar
  12. 12.
    Ameri, M.H., Delavar, M., Mohajeri, J., et al.: A key-policy attribute-based temporary keyword search scheme for secure cloud storage. IEEE Trans. Cloud Comput. PP(99), 1 (2018)Google Scholar
  13. 13.
    Liang, X., Cao, Z., Lin, H., et al.: Attribute based proxy re-encryption with delegating capabilities. In: International Symposium on Information, Computer, and Communications Security, pp. 276–286. ACM (2009)Google Scholar
  14. 14.
    Cui, J., Zhou, H., Zhong, H., et al.: AKSER: attribute-based keyword search with efficient revocation in cloud computing. Inf. Sci. 423, 343–352 (2017)CrossRefGoogle Scholar
  15. 15.
    Hur, J., Dong, K.N.: Attribute-based access control with efficient revocation in data outsourcing systems. IEEE Trans. Parallel Distrib. Syst. 22(7), 1214–1221 (2011)CrossRefGoogle Scholar
  16. 16.
    Cui, H., Deng, R.H., Liu, J.K., Li, Y.: Attribute-based encryption with expressive and authorized keyword search. In: Pieprzyk, J., Suriadi, S. (eds.) ACISP 2017. LNCS, vol. 10342, pp. 106–126. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-60055-0_6CrossRefGoogle Scholar
  17. 17.
    Kamara, S., Papamanthou, C., Roeder, T., et al.: Dynamic searchable symmetric encryption. In: Computer and Communications Security, pp. 965–976 (2012)Google Scholar
  18. 18.
    Kamara, S., Papamanthou, C.: Parallel and dynamic searchable symmetric encryption. In: Financial Cryptography, pp. 258–274 (2013)Google Scholar
  19. 19.
    Hahn, F., Kerschbaum, F.: Searchable encryption with secure and efficient updates. In: Computer and Communications Security, pp. 310–320 (2014)Google Scholar
  20. 20.
    Xia, Z., Wang, X., Sun, X., et al.: A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data. IEEE Trans. Parallel Distrib. Syst. 27(2), 340–352 (2016)CrossRefGoogle Scholar
  21. 21.
    Miers, I., Mohassel, P.: IO-DSSE: scaling dynamic searchable encryption to millions of indexes by improving locality. In: Network and Distributed System Security Symposium (2017)Google Scholar
  22. 22.
    Seo, J.H., Cheon, J.H.: Fully Secure Anonymous Hierarchical Identity-Based Encryption with Constant Size Ciphertexts. IACR Cryptology Eprint Archive 2011, 215–234 (2011)Google Scholar
  23. 23.
    Zhao, Y., Chen, X., Ma, H., et al.: A new trapdoor-indistinguishable public key encryption with keyword search. J. Wirel. Mob. Networks, Ubiquitous Comput. Dependable Appl. 3(1/2), 72–81 (2012)Google Scholar
  24. 24.
    Katz, J., Sahai, A., Waters, B., et al.: Predicate encryption supporting disjunctions, polynomial equations, and inner products. In: Theory and Application of Cryptographic Techniques, pp. 146–162 (2008)Google Scholar
  25. 25.
    Byun, J.W., Rhee, H.S., Park. H.A., et al.: Off-line keyword guessing attacks on recent keyword search schemes over encrypted data. In: Very Large Data Bases, pp. 75–83 (2006)Google Scholar
  26. 26.
    Yau, W.-C., Phan, R.C.-W., Heng, S.-H., Goi, B.-M.: Keyword guessing attacks on secure searchable public key encryption schemes with a designated tester. Int. J. Comput. Math. 90(12), 2581–2587 (2013)CrossRefGoogle Scholar
  27. 27.
    Tang, Q., Chen, L.: Public-key encryption with registered keyword search. In: European Public Key Infrastructure Workshop, pp. 163–178 (2009)Google Scholar
  28. 28.
    Chen, R., Mu, Y., Yang, G., et al.: Dual-server public-key encryption with keyword search for secure cloud storage. IEEE Trans. Inf. Forensics Secur. 11(4), 789–798 (2016)Google Scholar
  29. 29.
    Lu, Y., Li, J.: Efficient searchable public key encryption against keyword guessing attacks for cloud-based EMR systems. Cluster Comput. 22(1), 285–299 (2019)CrossRefGoogle Scholar
  30. 30.
    Chen, H., Cao, Z., Dong, Z., et al.: SDKSE: a secure dynamic keyword searchable encryption scheme for email systems. In: 2018 3rd International Conference on Security of Smart Cities, Industrial Control System and Communications (2018)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2019

Authors and Affiliations

  1. 1.Shanghai Key Laboratory of Trustworthy ComputingEast China Normal UniversityShanghaiChina
  2. 2.Cyberspace Security Research CenterPeng Cheng LaboratoryShenzhenChina
  3. 3.Shanghai Institute of Intelligent Science and TechnologyTongji UniversityShanghaiChina

Personalised recommendations