Secure, Efficient and Searchable File System on Distributed Clouds

Conference paper in Data Science (ICPCSEE 2019)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 1059)

Abstract

Many enterprises and individuals are inclined to outsource their data to public clouds, but security and privacy are two critical problems that cannot be ignored. A cloud provider's defenses may be broken, and providers themselves may dig into the data to find valuable information. In this paper, a secure and efficient storage file system (SES_FS) is proposed that distributes files across several clouds and allows users to search the files securely and efficiently. In the proposed system, keywords are transformed into integers and secret-shared in a defined finite field; the shares are then mapped to random numbers in a specified random domain in each cloud. Files are encrypted with distinct secret keys and scattered across different clouds. Information about keywords and files is secret-shared among the cloud providers. Legitimate users can search the clouds to find the correct encrypted files and reconstruct the corresponding secret key. No adversary can find or detect the real file information, even if they collude with all the servers. Manipulation of shares by one or more clouds can be detected with high probability. The system can also detect malicious servers through introduced virtual points. One interesting property of the scheme is that new keywords can be added easily, which is difficult and usually inefficient in many searchable symmetric encryption systems. Detailed experimental results show that, with tolerable uploading delay, the scheme exhibits excellent performance in data retrieval.

This work is supported by Demonstration on the Construction of Guangdong Survey and Geomatics Industry Technology Innovation Alliance (2017B090907030), The Demonstration of Big Data Application for Land Resource Management and Service (2015B010110006). Qiong Huang is supported by Guangdong Natural Science Funds for Distinguished Young Scholar (No. 2014A030306021), Guangdong Program for Special Support of Top-notch Young Professionals (No. 2015TQ01X796), Pearl River Nova Program of Guangzhou (No. 201610010037), and the National Natural Science Foundation of China (Nos. 61472146, 61672242).



Correspondence to Yubin Guo.

A Algorithm of Transforming String to Integer

We here give a function \(HF_{SToI}\) to convert a keyword to a distinct number in \(\mathbb {Z}_p\) (where p is a prime number). Below, we give the detailed process.

  1. Convert each character of the keyword kw into binary data bkw.

  2. For each binary data bkw, if its length is not an exact multiple of l, pad the digit 1 at the front of bkw until its length is a multiple; the result is named fbkw.

  3. For each l-bit block of fbkw, convert it to a decimal number.

  4. Compute the product of all decimal blocks of fbkw to get an integer Ikw.

  5. Compute \(Ikw \mod p\).

In the function, there is a small probability that two or more strings are converted to the same integer in \(\mathbb {Z}_p\). Figure 10 gives an example that converts string kw to a numeric value where p = 2017. In the example the string kw is converted to bitstring 0110101101110111, and then padded with 111111. Finally, the number of kw is 559 in finite field \(\mathbb {Z}_{2017}\).

Fig. 10. Sample data type conversion process
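The five steps above, as an added Python example (not code from the paper). The block size l is not stated on the page; it is assumed here to be the bit length of p, which gives l = 11 for p = 2017 and reproduces the six-digit padding and the value 559 of the worked example. The function names, the single-byte character encoding and the constructed keyword list are likewise assumptions of this example.

```python
from collections import defaultdict


def padded_bits(keyword, l):
    """Steps (1)-(2): 8 bits per character, then '1' digits in front up to a multiple of l."""
    if not keyword:
        raise ValueError("empty keyword")
    # Assumption: characters are single-byte (Latin-1), as in the 'kw' example.
    bits = "".join(format(b, "08b") for b in keyword.encode("latin-1"))
    return "1" * (-len(bits) % l) + bits


def hf_stoi(keyword, p, l=None):
    """Steps (3)-(5): multiply the l-bit blocks as integers and reduce mod p."""
    if l is None:
        l = p.bit_length()  # assumption: l is not given on the page; 11 fits the example
    fbkw = padded_bits(keyword, l)
    ikw = 1
    for i in range(0, len(fbkw), l):
        ikw *= int(fbkw[i:i + l], 2)  # each l-bit block read as an integer
    return ikw % p


def collisions(keywords, p):
    """Group distinct keywords that land on the same element of Z_p."""
    buckets = defaultdict(list)
    for kw in set(keywords):
        buckets[hf_stoi(kw, p)].append(kw)
    return {v: sorted(kws) for v, kws in buckets.items() if len(kws) > 1}


if __name__ == "__main__":
    P = 2017
    print(padded_bits("kw", 11))  # padded bitstring of the worked example
    print(hf_stoi("kw", P))       # value of "kw" in Z_2017
    sample = [f"kw{i}" for i in range(2500)]  # constructed keywords, not from the paper
    clashes = collisions(sample, P)
    print(len(clashes), "values shared by more than one keyword")
```

Because the output lies in \(\mathbb {Z}_p\), any set of more than p distinct keywords necessarily contains collisions, which is the case the `collisions` helper exposes.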

© 2019 Springer Nature Singapore Pte Ltd.

Cite this paper

Li, X., Chen, W., Guo, Y., Ma, S., Huang, Q. (2019). Secure, Efficient and Searchable File System on Distributed Clouds. In: Mao, R., Wang, H., Xie, X., Lu, Z. (eds) Data Science. ICPCSEE 2019. Communications in Computer and Information Science, vol 1059. Springer, Singapore. https://doi.org/10.1007/978-981-15-0121-0_19

  • DOI: https://doi.org/10.1007/978-981-15-0121-0_19

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-0120-3

  • Online ISBN: 978-981-15-0121-0

  • eBook Packages: Computer Science, Computer Science (R0)
