351 research outputs found
A practical and secure multi-keyword search method over encrypted cloud data
Cloud computing technologies become more and more popular every year, as many organizations tend to outsource their data utilizing robust and fast services of clouds while lowering the cost of hardware ownership. Although its benefits are welcomed, privacy is still a remaining concern that needs to be addressed. We propose an efficient privacy-preserving search method over encrypted cloud data that utilizes minhash functions. Most of the work in literature can only support a single feature search in queries which reduces the effectiveness. One of the main advantages of our proposed method is the capability of multi-keyword search in a single query. The proposed method is proved to satisfy adaptive semantic security definition. We also combine an effective ranking capability that is based on term frequency-inverse document frequency (tf-idf) values of keyword document pairs. Our analysis demonstrates that the proposed scheme is proved to be privacy-preserving, efficient and effective
GraphSE: An Encrypted Graph Database for Privacy-Preserving Social Search
In this paper, we propose GraphSE, an encrypted graph database for online
social network services to address massive data breaches. GraphSE preserves
the functionality of social search, a key enabler for quality social network
services, where social search queries are conducted on a large-scale social
graph and meanwhile perform set and computational operations on user-generated
contents. To enable efficient privacy-preserving social search, GraphSE
provides an encrypted structural data model to facilitate parallel and
encrypted graph data access. It is also designed to decompose complex social
search queries into atomic operations and realise them via interchangeable
protocols in a fast and scalable manner. We build GraphSE with various
queries supported in the Facebook graph search engine and implement a
full-fledged prototype. Extensive evaluations on Azure Cloud demonstrate that
GraphSE is practical for querying a social graph with a million of users.Comment: This is the full version of our AsiaCCS paper "GraphSE: An
Encrypted Graph Database for Privacy-Preserving Social Search". It includes
the security proof of the proposed scheme. If you want to cite our work,
please cite the conference version of i
Efficient Strong Privacy-Preserving Conjunctive Keyword Search Over Encrypted Cloud Data
Searchable symmetric encryption (SSE) supports keyword search over outsourced
symmetrically encrypted data. Dynamic searchable symmetric encryption (DSSE), a
variant of SSE, further enables data updating. Most DSSE works with conjunctive
keyword search primarily consider forward and backward privacy. Ideally, the
server should only learn the result sets involving all keywords in the
conjunction. However, existing schemes suffer from keyword pair result pattern
(KPRP) leakage, revealing the partial result sets containing two of query
keywords. We propose the first DSSE scheme to address aforementioned concerns
that achieves strong privacy-preserving conjunctive keyword search.
Specifically, our scheme can maintain forward and backward privacy and
eliminate KPRP leakage, offering a higher level of security. The search
complexity scales with the number of documents stored in the database in
several existing schemes. However, the complexity of our scheme scales with the
update frequency of the least frequent keyword in the conjunction, which is
much smaller than the size of the entire database. Besides, we devise a least
frequent keyword acquisition protocol to reduce frequent interactions between
clients. Finally, we analyze the security of our scheme and evaluate its
performance theoretically and experimentally. The results show that our scheme
has strong privacy preservation and efficiency
A Privacy-Preserving, Accountable and Spam-Resilient Geo-Marketplace
Mobile devices with rich features can record videos, traffic parameters or
air quality readings along user trajectories. Although such data may be
valuable, users are seldom rewarded for collecting them. Emerging digital
marketplaces allow owners to advertise their data to interested buyers. We
focus on geo-marketplaces, where buyers search data based on geo-tags. Such
marketplaces present significant challenges. First, if owners upload data with
revealed geo-tags, they expose themselves to serious privacy risks. Second,
owners must be accountable for advertised data, and must not be allowed to
subsequently alter geo-tags. Third, such a system may be vulnerable to
intensive spam activities, where dishonest owners flood the system with fake
advertisements. We propose a geo-marketplace that addresses all these concerns.
We employ searchable encryption, digital commitments, and blockchain to protect
the location privacy of owners while at the same time incorporating
accountability and spam-resilience mechanisms. We implement a prototype with
two alternative designs that obtain distinct trade-offs between trust
assumptions and performance. Our experiments on real location data show that
one can achieve the above design goals with practical performance and
reasonable financial overhead.Comment: SIGSPATIAL'19, 10 page
Exclusion-intersection encryption
Identity-based encryption (IBE) has shown to be a useful cryptographic scheme enabling secure yet flexible role-based access control. We propose a new variant of IBE named as exclusion-intersection encryption: during encryption, the sender can specify the targeted groups that are legitimate and interested in reading the documents; there exists a trusted key generation centre generating the intersection private decryption keys on request. This special private key can only be used to decrypt the ciphertext which is of all the specified groups' interests, its holders are excluded from decrypting when the documents are not targeted to all these groups (e.g., the ciphertext of only a single group's interest). While recent advances in cryptographic techniques (e.g., attribute-based encryption or wicked IBE) can support a more general access control policy, the private key size may be as long as the number of attributes or identifiers that can be specified in a ciphertext, which is undesirable, especially when each user may receive a number of such keys for different decryption power. One of the applications of our notion is to support an ad-hoc joint project of two or more groups which needs extra helpers that are not from any particular group. © 2011 IEEE.published_or_final_versionThe 1st IEEE International Workshop on Security in Computers, Networking and Communications (SCNC 2011) in conjuntion with IEEE INFOCOM 2011, Shanghai, China, 10-15 April 2011. In Conference Proceedings of INFOCOM WKSHPS, 2011, p. 1048-1053The 1st IEEE International Workshop on Security in Computers, Networking and Communications (SCNC 2011) in conjuntion with IEEE INFOCOM 2011, Shanghai, China, 10-15 April 2011. In Conference Proceedings of INFOCOM WKSHPS, 2011, p. 1048-105
- …