Multi-user Cloud-Based Secure Keyword Search

  • Shabnam Kasra Kermanshahi
  • Joseph K. Liu
  • Ron Steinfeld
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10342)

Abstract

We propose a multi-user Symmetric Searchable Encryption (SSE) scheme based on the single-user Oblivious Cross Tags (OXT) protocol (Cash et al., CRYPTO 2013). The scheme allows any user to perform a search query by interacting with the server and any \(\theta -1\) ‘helping’ users, and preserves the privacy of database content against the server even assuming leakage of up to \(\theta -1\) users’ keys to the server (for a threshold parameter \(\theta \)), while hiding the query from the \(\theta -1\) ‘helping users’. To achieve the latter query privacy property, we design a new distributed key-homomorphic pseudorandom function (PRF) that hides the PRF input (search keyword) from the ‘helping’ key share holders. By distributing the utilized keys among the users, the need of constant online presence of the data owner to provide services to the users is eliminated, while providing resilience against user key exposure.

Keywords

Multi-user Cloud storage Searchable encryption Query privacy 

References

  1. 1.
    Abdalla, M., Bellare, M., Catalano, D., Kiltz, E., Kohno, T., Lange, T., Malone-Lee, J., Neven, G., Paillier, P., Shi, H.: Searchable encryption revisited: consistency properties, relation to anonymous IBE, and extensions. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 205–222. Springer, Heidelberg (2005). doi:10.1007/11535218_13 CrossRefGoogle Scholar
  2. 2.
    Bao, F., Deng, R.H., Ding, X., Yang, Y.: Private query on encrypted data in multi-user settings. In: Chen, L., Mu, Y., Susilo, W. (eds.) ISPEC 2008. LNCS, vol. 4991, pp. 71–85. Springer, Heidelberg (2008). doi:10.1007/978-3-540-79104-1_6 CrossRefGoogle Scholar
  3. 3.
    Bellare, M., Boldyreva, A., ONeill, A.: Deterministic and efficiently searchable encryption. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 535–552. Springer, Heidelberg (2007). doi:10.1007/978-3-540-74143-5_30 CrossRefGoogle Scholar
  4. 4.
    Boneh, D., Crescenzo, G., Ostrovsky, R., Persiano, G.: Public key encryption with keyword search. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 506–522. Springer, Heidelberg (2004). doi:10.1007/978-3-540-24676-3_30 CrossRefGoogle Scholar
  5. 5.
    Boneh, D., Lewi, K., Montgomery, H., Raghunathan, A.: Key homomorphic PRFs and their applications. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 410–428. Springer, Heidelberg (2013). doi:10.1007/978-3-642-40041-4_23 CrossRefGoogle Scholar
  6. 6.
    Boneh, D., Waters, B.: Conjunctive, subset, and range queries on encrypted data. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 535–554. Springer, Heidelberg (2007). doi:10.1007/978-3-540-70936-7_29 CrossRefGoogle Scholar
  7. 7.
    Bösch, C., Tang, Q., Hartel, P., Jonker, W.: Selective document retrieval from encrypted database. In: Gollmann, D., Freiling, F.C. (eds.) ISC 2012. LNCS, vol. 7483, pp. 224–241. Springer, Heidelberg (2012). doi:10.1007/978-3-642-33383-5_14 CrossRefGoogle Scholar
  8. 8.
    Cash, D., Jaeger, J., Jarecki, S., Jutla, C.S., Krawczyk, H., Rosu, M., Steiner, M.: Dynamic searchable encryption in very-large databases: data structures and implementation. In: NDSS (2014)Google Scholar
  9. 9.
    Cash, D., Jarecki, S., Jutla, C., Krawczyk, H., Roşu, M.-C., Steiner, M.: Highly-scalable searchable symmetric encryption with support for boolean queries. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 353–373. Springer, Heidelberg (2013). doi:10.1007/978-3-642-40041-4_20 CrossRefGoogle Scholar
  10. 10.
    Chang, Y.-C., Mitzenmacher, M.: Privacy preserving keyword searches on remote encrypted data. In: Ioannidis, J., Keromytis, A., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 442–455. Springer, Heidelberg (2005). doi:10.1007/11496137_30 CrossRefGoogle Scholar
  11. 11.
    Chase, M., Kamara, S.: Structured encryption and controlled disclosure. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 577–594. Springer, Heidelberg (2010). doi:10.1007/978-3-642-17373-8_33 CrossRefGoogle Scholar
  12. 12.
    Chu, C., Zhu, W.T., Han, J., Liu, J.K., Xu, J., Zhou, J.: Security concerns in popular cloud storage services. IEEE Pervasive Comput. 12(4), 50–57 (2013)CrossRefGoogle Scholar
  13. 13.
    Curtmola, R., Garay, J.A., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. In: ACM CCS 2006, pp. 79–88 (2006)Google Scholar
  14. 14.
    Dong, C., Russello, G., Dulay, N.: Shared and searchable encrypted data for untrusted servers. In: Atluri, V. (ed.) DBSec 2008. LNCS, vol. 5094, pp. 127–143. Springer, Heidelberg (2008). doi:10.1007/978-3-540-70567-3_10 CrossRefGoogle Scholar
  15. 15.
    Goh, E.: Secure indexes. IACR Cryptology ePrint Archive 2003:216 (2003)Google Scholar
  16. 16.
    Golle, P., Staddon, J., Waters, B.: Secure conjunctive keyword search over encrypted data. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 31–45. Springer, Heidelberg (2004). doi:10.1007/978-3-540-24852-1_3 CrossRefGoogle Scholar
  17. 17.
    Hore, B., Mehrotra, S., Canim, M., Kantarcioglu, M.: Secure multidimensional range queries over outsourced data. VLDB J. 21(3), 333–358 (2012)CrossRefGoogle Scholar
  18. 18.
    Hwang, Y.H., Lee, P.J.: Public key encryption with conjunctive keyword search and its extension to a multi-user system. In: Takagi, T., Okamoto, T., Okamoto, E., Okamoto, T. (eds.) Pairing 2007. LNCS, vol. 4575, pp. 2–22. Springer, Heidelberg (2007). doi:10.1007/978-3-540-73489-5_2 CrossRefGoogle Scholar
  19. 19.
    Islam, M.S., Kuzu, M., Kantarcioglu, M.: Access pattern disclosure on searchable encryption: ramification, attack and mitigation. In: NDSS (2012)Google Scholar
  20. 20.
    Jarecki, S., Jutla, C.S., Krawczyk, H., Rosu, M., Steiner, M.: Outsourced symmetric private information retrieval. In: ACM CCS 2013, pp. 875–888. ACM (2013)Google Scholar
  21. 21.
    Jiang, T., Chen, X., Li, J., Wong, D.S., Ma, J., Liu, J.K.: Towards secure and reliable cloud storage against data re-outsourcing. Future Gener. Comp. Syst. 52, 86–94 (2015)CrossRefGoogle Scholar
  22. 22.
    Kerschbaum, F., Sorniotti, A.: Searchable encryption for outsourced data analytics. In: Camenisch, J., Lambrinoudakis, C. (eds.) EuroPKI 2010. LNCS, vol. 6711, pp. 61–76. Springer, Heidelberg (2011). doi:10.1007/978-3-642-22633-5_5 CrossRefGoogle Scholar
  23. 23.
    Kuzu, M., Islam, M.S., Kantarcioglu, M.: Efficient similarity search over encrypted data. In: 2012 IEEE International Conference Data Engineering, pp. 1156–1167 (2012)Google Scholar
  24. 24.
    Liang, K., Au, M.H., Liu, J.K., Susilo, W., Wong, D.S., Yang, G., Phuong, T.V.X., Xie, Q.: A DFA-based functional proxy re-encryption scheme for secure public cloud data sharing. IEEE Trans. Inf. Forensics Secur. 9(10), 1667–1680 (2014)CrossRefGoogle Scholar
  25. 25.
    Liang, K., Huang, X., Guo, F., Liu, J.K.: Privacy-preserving and regular language search over encrypted cloud data. IEEE Trans. Inf. Forensics Secur. 11(10), 2365–2376 (2016)CrossRefGoogle Scholar
  26. 26.
    Liang, K., Su, C., Chen, J., Liu, J.K.: Efficient multi-function data sharing and searching mechanism for cloud-based encrypted data. In: ASIACCS, pp. 83–94 (2016)Google Scholar
  27. 27.
    Liang, K., Susilo, W., Liu, J.K.: Privacy-preserving ciphertext multi-sharing control for big data storage. IEEE Trans. Inf. Forensics Secur. 10(8), 1578–1589 (2015)CrossRefGoogle Scholar
  28. 28.
    Popa, R.A., Zeldovich, N.: Multi-key searchable encryption. IACR Cryptology ePrint Archive 2013:508 (2013)Google Scholar
  29. 29.
    Raykova, M., Cui, A., Vo, B., Liu, B., Malkin, T., Bellovin, S.M., Stolfo, S.J.: Usable, secure, private search. IEEE Secur. Priv. 10(5), 53–60 (2012)CrossRefGoogle Scholar
  30. 30.
    Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)MathSciNetCrossRefMATHGoogle Scholar
  31. 31.
    Shen, E., Shi, E., Waters, B.: Predicate privacy in encryption systems. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 457–473. Springer, Heidelberg (2009). doi:10.1007/978-3-642-00457-5_27 CrossRefGoogle Scholar
  32. 32.
    Shi, E., Bethencourt, J., Chan, T.H.H., Song, D., Perrig, A.: Multi-dimensional range query over encrypted data. In: 2007 IEEE Symposium on Security and Privacy (SP 2007), pp. 350–364, May 2007Google Scholar
  33. 33.
    Song, D.X., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: 2000 IEEE Symposium on Security and Privacy, SP 2000 Proceedings, pp. 44–55 (2000)Google Scholar
  34. 34.
    Sun, S.-F., Liu, J.K., Sakzad, A., Steinfeld, R., Yuen, T.H.: An efficient non-interactive multi-client searchable encryption with support for boolean queries. In: Askoxylakis, I., Ioannidis, S., Katsikas, S., Meadows, C. (eds.) ESORICS 2016. LNCS, vol. 9878, pp. 154–172. Springer, Cham (2016). doi:10.1007/978-3-319-45744-4_8 CrossRefGoogle Scholar
  35. 35.
    Tang, Q.: Nothing is for free: security in searching shared and encrypted data. IEEE Trans. Inf. Forensics Secur. 9(11), 1943–1952 (2014)CrossRefGoogle Scholar
  36. 36.
    Waters, B.R., Balfanz, D., Durfee, G., Smetters, D.K.: Building an encrypted and searchable audit log. In: NDSS 2004 (2004)Google Scholar
  37. 37.
    Wu, X., Xu, L., Zhang, X.: Poster: a certificateless proxy re-encryption scheme for cloud-based data sharing. In: ACMCCS, pp. 869–872. ACM (2011)Google Scholar
  38. 38.
    Xhafa, F., Wang, J., Chen, X., Liu, J.K., Li, J., Krause, P.: An efficient PHR service system supporting fuzzy keyword search and fine-grained access control. Soft Comput. 18(9), 1795–1802 (2014)CrossRefGoogle Scholar
  39. 39.
    Yang, X., Lee, T., Liu, J.K., Huang, X.: Trust enhancement over range search for encrypted data. In: IEEE Trustcom, pp. 66–73 (2016)Google Scholar
  40. 40.
    Yang, Y., Lu, H., Weng, J.: Multi-user private keyword search for cloud computing. In: CloudCom 2011, pp. 264–271 (2011)Google Scholar
  41. 41.
    Zhao, F., Nishide, T., Sakurai, K.: Multi-user keyword search scheme for secure data sharing with fine-grained access control. In: Kim, H. (ed.) ICISC 2011. LNCS, vol. 7259, pp. 406–418. Springer, Heidelberg (2012). doi:10.1007/978-3-642-31912-9_27 CrossRefGoogle Scholar
  42. 42.
    Zuo, C., Macindoe, J., Yang, S., Steinfeld, R., Liu, J.K.: Trusted boolean search on cloud using searchable symmetric encryption. In: IEEE Trustcom, pp. 113–120 (2016)Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Shabnam Kasra Kermanshahi
    • 1
  • Joseph K. Liu
    • 1
  • Ron Steinfeld
    • 1
  1. 1.Faculty of Information TechnologyMonash UniversityMelbourneAustralia

Personalised recommendations