151 research outputs found
FSPVDsse: A Forward Secure Publicly Verifiable Dynamic SSE scheme
A symmetric searchable encryption (SSE) scheme allows a client (data owner)
to search on encrypted data outsourced to an untrusted cloud server. The search
may either be a single keyword search or a complex query search like
conjunctive or Boolean keyword search. Information leakage is quite high for
dynamic SSE, where data might be updated. It has been proven that to avoid this
information leakage an SSE scheme with dynamic data must be forward private. A
dynamic SSE scheme is said to be forward private, if adding a keyword-document
pair does not reveal any information about the previous search result with that
keyword.
In SSE setting, the data owner has very low computation and storage power. In
this setting, though some schemes achieve forward privacy with
honest-but-curious cloud, it becomes difficult to achieve forward privacy when
the server is malicious, meaning that it can alter the data. Verifiable dynamic
SSE requires the server to give a proof of the result of the search query. The
data owner can verify this proof efficiently. In this paper, we have proposed a
generic publicly verifiable dynamic SSE (DSSE) scheme that makes any forward
private DSSE scheme verifiable without losing forward privacy. The proposed
scheme does not require any extra storage at owner-side and requires minimal
computational cost as well for the owner. Moreover, we have compared our scheme
with the existing results and show that our scheme is practical.Comment: 17 pages, Published in ProvSec 201
Aggregation of Key with Searchable Encryption for Group Data Sharing
Data sharing is an important functionality in cloud storage. In this article, we show how to securely, efficiently, and flexibly share data with others in cloud storage. We describe new public-key cryptosystems which produce constant-size ciphertexts such that efficient delegation of decryption rights for any set of ciphertexts are possible. The novelty is that one can aggregate any set of secret keys and make them as compact as a single key, but encompassing the power of all the keys being aggregated. In other words, the secret key holder can release a constant-size aggregate key for flexible choices of ciphertext set in cloud storage, but the other encrypted files outside the set remain confidential. This compact aggregate key can be conveniently sent to others or be stored in a smart card with very limited secure storage. We provide formal security analysis of our schemes in the standard model. We also describe other application of our schemes. In particular, our schemes give the first public-key patient-controlled encryption for flexible hierarchy, which was yet to be known
A Practical Framework for Storing and Searching Encrypted Data on Cloud Storage
Security has become a significant concern with the increased popularity of
cloud storage services. It comes with the vulnerability of being accessed by
third parties. Security is one of the major hurdles in the cloud server for the
user when the user data that reside in local storage is outsourced to the
cloud. It has given rise to security concerns involved in data confidentiality
even after the deletion of data from cloud storage. Though, it raises a serious
problem when the encrypted data needs to be shared with more people than the
data owner initially designated. However, searching on encrypted data is a
fundamental issue in cloud storage. The method of searching over encrypted data
represents a significant challenge in the cloud.
Searchable encryption allows a cloud server to conduct a search over
encrypted data on behalf of the data users without learning the underlying
plaintexts. While many academic SE schemes show provable security, they usually
expose some query information, making them less practical, weak in usability,
and challenging to deploy. Also, sharing encrypted data with other authorized
users must provide each document's secret key. However, this way has many
limitations due to the difficulty of key management and distribution.
We have designed the system using the existing cryptographic approaches,
ensuring the search on encrypted data over the cloud. The primary focus of our
proposed model is to ensure user privacy and security through a less
computationally intensive, user-friendly system with a trusted third party
entity. To demonstrate our proposed model, we have implemented a web
application called CryptoSearch as an overlay system on top of a well-known
cloud storage domain. It exhibits secure search on encrypted data with no
compromise to the user-friendliness and the scheme's functional performance in
real-world applications.Comment: 146 Pages, Master's Thesis, 6 Chapters, 96 Figures, 11 Table
Authorized keyword search over outsourced encrypted data in cloud environment
For better data availability and accessibility while ensuring data secrecy, end-users often tend to outsource their data to the cloud servers in an encrypted form. However, this brings a major challenge to perform the search for some keywords over encrypted content without disclosing any information to unintended entities. This paper proposes a novel expressive authorized keyword search scheme relying on the concept of ciphertext-policy attribute-based encryption. The originality of the proposed scheme is multifold. First, it supports the generic and convenient multi-owner and multi-user scenario, where the encrypted data are outsourced by several data owners and searchable by multiple users. Second, the formal security analysis proves that the proposed scheme is semantically secure against chosen keyword and outsider's keyword guessing attacks. Third, an interactive protocol is introduced which avoids the need of any secure channels between users and service provider. Fourth, due to the concept of bilinear-map accumulator, the system can efficiently revoke users and/or their attributes, and authenticate them prior to launching any expensive search operations. Fifth, conjunctive keyword search is provided thus enabling to search for multiple keywords simultaneously, with minimal cost. Sixth, the performance analysis shows that the proposed scheme outperforms closely-related works
Efficient Strong Privacy-Preserving Conjunctive Keyword Search Over Encrypted Cloud Data
Searchable symmetric encryption (SSE) supports keyword search over outsourced
symmetrically encrypted data. Dynamic searchable symmetric encryption (DSSE), a
variant of SSE, further enables data updating. Most DSSE works with conjunctive
keyword search primarily consider forward and backward privacy. Ideally, the
server should only learn the result sets involving all keywords in the
conjunction. However, existing schemes suffer from keyword pair result pattern
(KPRP) leakage, revealing the partial result sets containing two of query
keywords. We propose the first DSSE scheme to address aforementioned concerns
that achieves strong privacy-preserving conjunctive keyword search.
Specifically, our scheme can maintain forward and backward privacy and
eliminate KPRP leakage, offering a higher level of security. The search
complexity scales with the number of documents stored in the database in
several existing schemes. However, the complexity of our scheme scales with the
update frequency of the least frequent keyword in the conjunction, which is
much smaller than the size of the entire database. Besides, we devise a least
frequent keyword acquisition protocol to reduce frequent interactions between
clients. Finally, we analyze the security of our scheme and evaluate its
performance theoretically and experimentally. The results show that our scheme
has strong privacy preservation and efficiency
Recommended from our members
Fuzzy keywords enabled ranked searchable encryption scheme for a public Cloud environment
Searchable Encryption allows a user or organization to outsource their encrypted documents to a Cloud-based storage service, while maintaining the ability to perform keyword searches over the encrypted text. However, most of the existing search schemes do not take the almost certain presence of typographical errors in the documents under consideration, when trying to obtain meaningful and accurate results. This paper presents a novel ranked searchable encryption scheme that addresses this issue by supporting fuzzy keywords. The proposed construction is based on probabilistic trapdoors that help resist distinguishability attacks. This paper for the first time proposes Searchable Encryption as a Service (SEaaS). The proposed construction is deployed on the British Telecommunication’s public Cloud architecture and evaluated over a real-life speech corpus. Our security analysis yields that the construction satisfies strong security guarantees and is also quiet lightweight, by analyzing its performance over the speech corpus
GraphSE: An Encrypted Graph Database for Privacy-Preserving Social Search
In this paper, we propose GraphSE, an encrypted graph database for online
social network services to address massive data breaches. GraphSE preserves
the functionality of social search, a key enabler for quality social network
services, where social search queries are conducted on a large-scale social
graph and meanwhile perform set and computational operations on user-generated
contents. To enable efficient privacy-preserving social search, GraphSE
provides an encrypted structural data model to facilitate parallel and
encrypted graph data access. It is also designed to decompose complex social
search queries into atomic operations and realise them via interchangeable
protocols in a fast and scalable manner. We build GraphSE with various
queries supported in the Facebook graph search engine and implement a
full-fledged prototype. Extensive evaluations on Azure Cloud demonstrate that
GraphSE is practical for querying a social graph with a million of users.Comment: This is the full version of our AsiaCCS paper "GraphSE: An
Encrypted Graph Database for Privacy-Preserving Social Search". It includes
the security proof of the proposed scheme. If you want to cite our work,
please cite the conference version of i
- …