Highly-Scalable Searchable Symmetric Encryption with Support for Boolean Queries

  • David Cash
  • Stanislaw Jarecki
  • Charanjit Jutla
  • Hugo Krawczyk
  • Marcel-Cătălin Roşu
  • Michael Steiner
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8042)


This work presents the design and analysis of the first searchable symmetric encryption (SSE) protocol that supports conjunctive search and general Boolean queries on outsourced symmetrically- encrypted data and that scales to very large databases and arbitrarily-structured data including free text search. To date, work in this area has focused mainly on single-keyword search. For the case of conjunctive search, prior SSE constructions required work linear in the total number of documents in the database and provided good privacy only for structured attribute-value data, rendering these solutions too slow and inflexible for large practical databases.

In contrast, our solution provides a realistic and practical trade-off between performance and privacy by efficiently supporting very large databases at the cost of moderate and well-defined leakage to the outsourced server (leakage is in the form of data access patterns, never as direct exposure of plaintext data or searched values). We present a detailed formal cryptographic analysis of the privacy and security of our protocols and establish precise upper bounds on the allowed leakage. To demonstrate the real-world practicality of our approach, we provide performance results of a prototype applied to several large representative data sets, including encrypted search over the whole English Wikipedia (and beyond).


Encrypt Data Inverted Index Conjunctive Query Conjunctive Search Search Protocol 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Ballard, L., Kamara, S., Monrose, F.: Achieving efficient conjunctive keyword searches over encrypted data. In: Qing, S., Mao, W., López, J., Wang, G. (eds.) ICICS 2005. LNCS, vol. 3783, pp. 414–426. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  2. 2.
    Bloom, B.H.: Space/time trade-offs in hash coding with allowable errors. Communications of the Association for Computing Machinery 13(7), 422–426 (1970)CrossRefzbMATHGoogle Scholar
  3. 3.
    Byun, J.W., Lee, D.-H., Lim, J.-I.: Efficient conjunctive keyword search on encrypted data storage system. In: Atzeni, A.S., Lioy, A. (eds.) EuroPKI 2006. LNCS, vol. 4043, pp. 184–196. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  4. 4.
    Cash, D., Jagger, J., Jarecki, S., Jutla, C., Krawczyk, H., Rosu, M.C., Steiner, M.: Dynamic searchable encryption in very-large databases: Data structures and implementation (manuscript, 2013)Google Scholar
  5. 5.
    Cash, D., Jarecki, S., Jutla, C., Krawczyk, H., Rosu, M., Steiner, M.: Highlyscalable searchable symmetric encryption with support for boolean queries. Report 2013/169, Cryptology ePrint Archive (2013),
  6. 6.
    Chang, Y.-C., Mitzenmacher, M.: Privacy preserving keyword searches on remote encrypted data. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 442–455. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  7. 7.
    Chase, M., Kamara, S.: Structured encryption and controlled disclosure. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 577–594. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  8. 8.
    Curtmola, R., Garay, J.A., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. In: Juels, A., Wright, R.N., Vimercati, S. (eds.) ACM CCS 2006, pp. 79–88. ACM Press (October 2006)Google Scholar
  9. 9.
  10. 10.
    Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Mitzenmacher, M. (ed.) 41st ACM STOC, pp. 169–178. ACM Press (May/June 2009)Google Scholar
  11. 11.
    Goh, E.-J.: Secure indexes. Cryptology ePrint Archive, Report 2003/216 (2003),
  12. 12.
    Goldwasser, S., Ostrovsky, R.: Invariant signatures and non-interactive zeroknowledge proofs are equivalent (extended abstract). In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 228–245. Springer, Heidelberg (1993)CrossRefGoogle Scholar
  13. 13.
    Golle, P., Staddon, J., Waters, B.: Secure conjunctive keyword search over encrypted data. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 31–45. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  14. 14.
    IARPA. Security and Privacy Assurance Research (SPAR) Program - BAA (2011),
  15. 15.
    Islam, M., Kuzu, M., Kantarcioglu, M.: Access pattern disclosure on searchable encryption: Ramification, attack and mitigation. In: Proceedings of the Symposium on Network and Distributed Systems Security (NDSS 2012), San Diego, CA. Internet Society (February 2012)Google Scholar
  16. 16.
    Jarecki, S., Jutla, C., Krawczyk, H., Rosu, M.C., Steiner, M.: Outsourced symmetric private information retrieval (manuscript 2013)Google Scholar
  17. 17.
    Kamara, S., Lauter, K.: Cryptographic cloud storage. In: Sion, R., Curtmola, R., Dietrich, S., Kiayias, A., Miret, J.M., Sako, K., Sebé, F. (eds.) RLCPS, WECSR, and WLC 2010. LNCS, vol. 6054, pp. 136–149. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  18. 18.
    Kamara, S., Papamanthou, C., Röder, T.: CS2: A searchable cryptographic cloud storage system (2011),
  19. 19.
    Kamara, S., Papamanthou, C., Roeder, T.: Dynamic searchable symmetric encryption. In: Proc. of CCS 2012 (2012)Google Scholar
  20. 20.
    Lemur Project. ClueWeb09 dataset,
  21. 21.
    Pappas, V., Vo, B., Krell, F., Choi, S.G., Kolesnikov, V., Keromytis, A., Malkin, T.: Blind Seer: A Scalable Private DBMS (manuscript, 2013)Google Scholar
  22. 22.
    Patrascu, M.: Towards polynomial lower bounds for dynamic problems. In: 42nd ACM STOC, pp. 603–610. ACM Press (2010)Google Scholar
  23. 23.
    Song, D.X., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: 2000 IEEE Symposium on Security and Privacy, pp. 44–55. IEEE Computer Society Press (May 2000)Google Scholar

Copyright information

© International Association for Cryptologic Research 2013

Authors and Affiliations

  • David Cash
    • 1
  • Stanislaw Jarecki
    • 2
  • Charanjit Jutla
    • 3
  • Hugo Krawczyk
    • 3
  • Marcel-Cătălin Roşu
    • 3
  • Michael Steiner
    • 3
  1. 1.Rutgers UniversityUSA
  2. 2.University of California IrvineUSA
  3. 3.IBM ResearchUSA

Personalised recommendations