An Efficient Queries Processing Model Based on Multi Broadcast Searchable Keywords Encryption (MBSKE)

Cloud computing is a technology which has enabled many organizations to outsource their data in an encrypted form to improve processing times. The public Internet was not initially designed to handle massive quantities of data flowing through millions of networks. So the rapid increase of broadcast users and the growth of the amount broadcasted information leads to slow sending quires and receiving encrypted data from the cloud. In order to solve this problem Next Generation Internet (NGI) is developed with high speed, while keeping the privacy of data. This research proposes a novel search algorithm called Multi-broadcast Searchable Keywords Encryption, which processes queries having a set of keywords. This set of keywords is sent from the users to the cloud server in an encrypted form, thus hiding all information about the user or the content of the queries from the cloud server. The proposed method uses caching algorithm and provide an improvement of 40% in terms of runtime and trapdoor. In addition, the method minimizes computational costs, complexity, and maximizes throughput, in the cloud environment, whilst maintaining privacy and confidentiality of both the user and the cloud. The cloud returns encrypted query results to the user, where data is decrypted using the users’ private keys

Searchable Encryption for Cloud and Distributed Systems

The vast development in information and communication technologies has spawned many new computing and storage architectures in the last two decades. Famous for its powerful computation ability and massive storage capacity, cloud services, including storage and computing, replace personal computers and software systems in many industrial applications. Another famous and influential computing and storage architecture is the distributed system, which refers to an array of machines or components geographically dispersed but jointly contributes to a common task, bringing premium scalability, reliability, and efficiency. Recently, the distributed cloud concept has also been proposed to benefit both cloud and distributed computing. Despite the benefits of these new technologies, data security and privacy are among the main concerns that hinder the wide adoption of these attractive architectures since data and computation are not under the control of the end-users in such systems. The traditional security mechanisms, e.g., encryption, cannot fit these new architectures since they would disable the fast access and retrieval of remote storage servers. Thus, an urgent question turns to be how to enable refined and efficient data retrieval on encrypted data among numerous records (i.e., searchable encryption) in the cloud and distributed systems, which forms the topic of this thesis. Searchable encryption technologies can be divided into Searchable Symmetric Encryption (SSE) and Public-key Encryption with Keyword Search (PEKS). The intrinsical symmetric key hinders data sharing since it is problematic and insecure to reveal one’s key to others. However, SSE outperforms PEKS due to its premium efficiency and is thus is prefered in a number of keyword search applications. Then multi-user SSE with rigorous and fine access control undoubtedly renders a satisfactory solution of both efficiency and security, which is the first problem worthy of our much attention. Second, functions and versatility play an essential role in a cloud storage application but it is still tricky to realize keyword search and deduplication in the cloud simultaneously. Large-scale data usually renders significant data redundancy and saving cloud storage resources turns to be inevitable. Existing schemes only facilitate data retrieval due to keywords but rarely consider other demands like deduplication. To be noted, trivially and hastily affiliating a separate deduplication scheme to the searchable encryption leads to disordered system architecture and security threats. Therefore, attention should be paid to versatile solutions supporting both keyword search and deduplication in the cloud. The third problem to be addressed is implementing multi-reader access for PEKS. As we know, PEKS was born to support multi-writers but enabling multi-readers in PEKS is challenging. Repeatedly encrypting the same keyword with different readers’ keys is not an elegant solution. In addition to keyword privacy, user anonymity coming with a multi-reader setting should also be formulated and preserved. Last but not least, existing schemes targeting centralized storage have not taken full advantage of distributed computation, which is considerable efficiency and fast response. Specifically, all testing tasks between searchable ciphertexts and trapdoor/token are fully undertaken by the only centralized cloud server, resulting in a busy system and slow response. With the help of distributed techniques, we may now look forward to a new turnaround, i.e., multiple servers jointly work to perform the testing with better efficiency and scalability. Then the intractable multi-writer/multi-reader mode supporting multi-keyword queries may also come true as a by-product. This thesis investigates searchable encryption technologies in cloud storage and distributed systems and spares effort to address the problems mentioned above. Our first work can be classified into SSE. We formulate the Multi-user Verifiable Searchable Symmetric Encryption (MVSSE) and propose a concrete scheme for multi-user access. It not only offers multi-user access and verifiability but also supports extension on updates as well as a non-single keyword index. Moreover, revocable access control is obtained that the search authority is validated each time a query is launched, different from existing mechanisms that once the search authority is granted, users can search forever. We give simulation-based proof, demonstrating our proposal possesses Universally Composable (UC)-security. Second, we come up with a redundancy elimination solution on top of searchable encryption. Following the keyword comparison approach of SSE, we formulate a hybrid primitive called Message-Locked Searchable Encryption (MLSE) derived in the way of SSE’s keyword search supporting keyword search and deduplication and present a concrete construction that enables multi-keyword query and negative keyword query as well as deduplication at a considerable small cost, i.e., the tokens are used for both search and deduplication. And it can further support Proof of Storage (PoS), testifying the content integrity in cloud storage. The semantic security is proved in Random Oracle Model using the game-based methodology. Third, as the branch of PEKS, the Broadcast Authenticated Encryption with Keyword Search (BAEKS) is proposed to bridge the gap of multi-reader access for PEKS, followed by a scheme. It not only resists Keyword Guessing Attacks (KGA) but also fills in the blank of anonymity. The scheme is proved secure under Decisional Bilinear Diffie-Hellman (DBDH) assumption in the Random Oracle Model. For distributed systems, we present a Searchable Encryption based on Efficient Privacy-preserving Outsourced calculation framework with Multiple keys (SE-EPOM) enjoying desirable features, which can be classified into PEKS. Instead of merely deploying a single server, multiple servers are employed to execute the test algorithm in our scheme jointly. The refined search, i.e., multi-keyword query, data confidentiality, and search pattern hiding, are realized. Besides, the multi-writer/multi-reader mode comes true. It is shown that under the distributed circumstance, much efficiency can be substantially achieved by our construction. With simulation-based proof, the security of our scheme is elaborated. All constructions proposed in this thesis are formally proven according to their corresponding security definitions and requirements. In addition, for each cryptographic primitive designed in this thesis, concrete schemes are initiated to demonstrate the availability and practicality of our proposal

Blind Web Search: How far are we from a privacy preserving search engine?

Recent rapid progress in fully homomorphic encryption (FHE) and somewhat homomorphic encryption (SHE) has catalyzed renewed efforts to develop efficient privacy preserving protocols. Several works have already appeared in the literature that provide solutions to these problems by employing FHE or SHE techniques. In this work, we focus on a natural application where privacy is a major concern: web search. An estimated 5 billion web queries are processed by the world\u27s leading search engines each day. It is no surprise, then, that privacy-preserving web search was proposed as the paragon FHE application in Gentry\u27s seminal FHE paper. Indeed, numerous proposals have emerged in the intervening years that attack various privatized search problems over encrypted user data, e.g. private information retrieval (PIR). Yet, there is no known work that focuses on implementing a completely blind web search engine using an FHE/SHE construction. In this work, we focus first on single keyword queries with exact matches, aiming toward real-world viability. We then discuss multiple-keyword searches and tackle a number of issues currently hindering practical implementation, such as communication and computational efficiency

Data Service Outsourcing and Privacy Protection in Mobile Internet

Mobile Internet data have the characteristics of large scale, variety of patterns, and complex association. On the one hand, it needs efficient data processing model to provide support for data services, and on the other hand, it needs certain computing resources to provide data security services. Due to the limited resources of mobile terminals, it is impossible to complete large-scale data computation and storage. However, outsourcing to third parties may cause some risks in user privacy protection. This monography focuses on key technologies of data service outsourcing and privacy protection, including the existing methods of data analysis and processing, the fine-grained data access control through effective user privacy protection mechanism, and the data sharing in the mobile Internet

Efficient Public Key Encryption with Disjunctive Keywords Search Using the New Keywords Conversion Method

Public key encryption with disjunctive keyword search (PEDK) is a public key encryption scheme that allows disjunctive keyword search over encrypted data without decryption. This kind of scheme is crucial to cloud storage and has received a lot of attention in recent years. However, the efficiency of the previous scheme is limited due to the selection of a less efficient converting method which is used to change query and index keywords into a vector space model. To address this issue, we design a novel converting approach with better performance, and give two adaptively secure PEDK schemes based on this method. The first one is built on an efficient inner product encryption scheme with less searching time, and the second one is constructed over composite order bilinear groups with higher efficiency on index and trapdoor construction. The theoretical analysis and experiment results verify that our schemes are more efficient in time and space complexity as well as more suitable for the mobile cloud setting compared with the state-of-art schemes

Efficient Public Key Encryption with Disjunctive Keywords Search Using the New Keywords Conversion Method

Public key encryption with disjunctive keyword search (PEDK) is a public key encryption scheme that allows disjunctive keyword search over encrypted data without decryption. This kind of scheme is crucial to cloud storage and has received a lot of attention in recent years. However, the efficiency of the previous scheme is limited due to the selection of a less efficient converting method which is used to change query and index keywords into a vector space model. To address this issue, we design a novel converting approach with better performance, and give two adaptively secure PEDK schemes based on this method. The first one is built on an efficient inner product encryption scheme with less searching time, and the second one is constructed over composite order bilinear groups with higher efficiency on index and trapdoor construction. The theoretical analysis and experiment results verify that our schemes are more efficient in time and space complexity as well as more suitable for the mobile cloud setting compared with the state-of-art schemes

AstroGrid-D: Grid Technology for Astronomical Science

We present status and results of AstroGrid-D, a joint effort of astrophysicists and computer scientists to employ grid technology for scientific applications. AstroGrid-D provides access to a network of distributed machines with a set of commands as well as software interfaces. It allows simple use of computer and storage facilities and to schedule or monitor compute tasks and data management. It is based on the Globus Toolkit middleware (GT4). Chapter 1 describes the context which led to the demand for advanced software solutions in Astrophysics, and we state the goals of the project. We then present characteristic astrophysical applications that have been implemented on AstroGrid-D in chapter 2. We describe simulations of different complexity, compute-intensive calculations running on multiple sites, and advanced applications for specific scientific purposes, such as a connection to robotic telescopes. We can show from these examples how grid execution improves e.g. the scientific workflow. Chapter 3 explains the software tools and services that we adapted or newly developed. Section 3.1 is focused on the administrative aspects of the infrastructure, to manage users and monitor activity. Section 3.2 characterises the central components of our architecture: The AstroGrid-D information service to collect and store metadata, a file management system, the data management system, and a job manager for automatic submission of compute tasks. We summarise the successfully established infrastructure in chapter 4, concluding with our future plans to establish AstroGrid-D as a platform of modern e-Astronomy.Comment: 14 pages, 12 figures Subjects: data analysis, image processing, robotic telescopes, simulations, grid. Accepted for publication in New Astronom