Semantic Search Approach in Cloud

With the approach of cloud computing, more and more information data are distributed to the public cloud for economic savings and ease of access. But, the encryption of privacy information is necessary to guarantee the security. Now a days efficient data utilization, and search over encrypted cloud data has been a great challenge. Solution of existing methods depends only on the keyword of submitted query and didn�t examine the semantics of keyword. Thus the search schemes are not intelligent and also omit some semantically related documents. To overcome this problem, we propose a semantic expansion based similar search solution over encrypted cloud data. The solution of this method will return not only the exactly matched files, but also the files including the terms semantically related to the query keyword. In this scheme, a corresponding file metadata is constructed for each file. After this, both the encrypted file metadata set and file collection are uploaded to the cloud server. With the help of metadata set file, the cloud server maintains the inverted index and create semantic relationship library (SRL) for the keywords set. After receiving a query request from user , this server firstly search out the keywords that are related to the query keyword according to SRL. After this, both the query keyword and the extensional words are used to retrieve the files to fulfill the user request. These files are returned in order according to the total relevance score. Our detailed security analysis shows that our method is privacy-preserving and secure than the previous searchable symmetric encryption (SSE) security definition. Experimental evaluation demonstrates the efficiency and effectives of the scheme

Verifiable key-aggregate searchable encryption with a designated server in multi-owner setting

Key-aggregate searchable encryption (KASE) schemes support selective data sharing and keyword-based ciphertext searching by using the constant-size shared key and trapdoor, making these schemes attractive for resource-constrained users to store, share, and search encrypted data in public clouds. However, most previously proposed KASE schemes suffer from our proposed "off-line keyword guessing attack (KGA)" and some other weaknesses. Consequently, they fail to gain the keyword ciphertext indistinguishability and trapdoor indistinguishability, which are vital security goals of searchable encryption. Inspired by the relationship of public key encryption with keyword search (PEKS) and KASE, we design a new KASE scheme called key-aggregate searchable encryption with a designated server (dKASE). The dKASE scheme achieves our proposed keyword ciphertext indistinguishability against chosen keyword attack (KC-IND-CKA) and keyword trapdoor indistinguishability against keyword guessing attack (KT-IND-KGA) security models, where the latter model captures off-line KGA. Then, we extend the dKASE scheme to verifiable dKASE in multi-owner setting (dVKASEM) scheme. With dVKASEM, when multiple data owners authorize a user to access data, the user merely needs to store his single key and generate a single trapdoor to query these owners’ data. Besides, the adoption of the aggregate signature significantly reduces the overhead of verifying whether data has been tampered with. Performance analysis illustrates that our schemes are efficient

Shared and Searchable Encrypted Data for Untrusted Servers

Current security mechanisms pose a risk for organisations that outsource their data management to untrusted servers. Encrypting and decrypting sensitive data at the client side is the normal approach in this situation but has high communication and computation overheads if only a subset of the data is required, for example, selecting records in a database table based on a keyword search. New cryptographic schemes have been proposed that support encrypted queries over encrypted data but all depend on a single set of secret keys, which implies single user access or sharing keys among multiple users, with key revocation requiring costly data re-encryption. In this paper, we propose an encryption scheme where each authorised user in the system has his own keys to encrypt and decrypt data. The scheme supports keyword search which enables the server to return only the encrypted data that satisfies an encrypted query without decrypting it. We provide two constructions of the scheme giving formal proofs of their security. We also report on the results of a prototype implementation. This research was supported by the UK’s EPSRC research grant EP/C537181/1. The authors would like to thank the members of the Policy Research Group at Imperial College for their support

Towards an Information Theoretic Analysis of Searchable Encryption (Extended Version)

Searchable encryption is a technique that allows a client to store data in encrypted form on a curious server, such that data can be retrieved while leaking a minimal amount of information to the server. Many searchable encryption schemes have been proposed and proved secure in their own computational model. In this paper we propose a generic model for the analysis of searchable encryptions. We then identify the security parameters of searchable encryption schemes and prove information theoretical bounds on the security of the parameters. We argue that perfectly secure searchable encryption schemes cannot be efficient. We classify the seminal schemes in two categories: the schemes that leak information upfront during the storage phase, and schemes that leak some information at every search. This helps designers to choose the right scheme for an application