127 research outputs found
FEASE: Fast and Expressive Asymmetric Searchable Encryption
Asymmetric Searchable Encryption (ASE) is a promising cryptographic mechanism that enables a semi-trusted cloud server to perform keyword searches over encrypted data for users. To be useful, an ASE scheme must support expressive search queries, which are expressed as conjunction, disjunction, or any Boolean formulas. In this paper, we propose a fast and expressive ASE scheme that is adaptively secure, called FEASE. It requires only 3 pairing operations for searching any conjunctive set of keywords independent of the set size and has linear complexity for encryption and trapdoor algorithms in the number of keywords.
FEASE is based on a new fast Anonymous Key-Policy Attribute-Based Encryption (A-KP-ABE) scheme as our first proposal, which is of independent interest. To address optional protection against keyword guessing attacks, we extend FEASE into the first expressive Public-Key Authenticated Encryption with Keyword Search (PAEKS) scheme.
We provide implementations and evaluate the performance of all three schemes, while also comparing them with the state of the art. We observe that FEASE outperforms all existing expressive ASE constructions and that our A-KP-ABE scheme offers anonymity with efficiency comparable to the currently fastest yet non-anonymous KP-ABE schemes FAME (ACM CCS 2017) and FABEO (ACM CCS 2022)
Efficient and expressive keyword search over encrypted data in the cloud
National Research Foundation (NRF) Singapor
Recommended from our members
Fuzzy matching: multi-authority attribute searchable encryption without central authority
Attribute-based keyword search (ABKS) supports the access control on the search result based upon fuzzy identity over encrypted data, when the search operation is performed over outsourced encrypted data in cloud. However, almost ABKS schemes trust a single authority to monitor the attribute key for users. In practice, we usually have different entities responsible for monitoring different attribute keys to a user. Thus, it is not realistic to trust a single authority to monitor all attributes keys for ABKS scheme in practical situation. Although a large body of ABKS schemes have been proposed, few works have been done on multi-authority attribute searchable encryption. We propose a multi-authority attribute searchable encryption without central authority in this paper. Comparing previous ABKS schemes, we extend the single-authority ABKS scheme to multi-authority ABKS scheme and remove the central authority in multi-authority ABKS scheme. We analyze our scheme in terms of security and efficiency
Privacy-Preserving and Regular Language Search Over Encrypted Cloud Data
Using cloud-based storage service, users can remotely store their data to clouds but also enjoy the high quality data retrieval services, without the tedious and cumbersome local data storage and maintenance. However, the sole storage service cannot satisfy all desirable requirements of users. Over the last decade, privacy-preserving search over encrypted cloud data has been a meaningful and practical research topic for outsourced data security. The fact of remote cloud storage service that users cannot have full physical possession of their data makes the privacy data search a formidable mission. A naive solution is to delegate a trusted party to access the stored data and fulfill a search task. This, nevertheless, does not scale well in practice as the fully data access may easily yield harm for user privacy. To securely introduce an effective solution, we should guarantee the privacy of search contents, i.e., what a user wants to search, and return results, i.e., what a server returns to the user. Furthermore, we also need to guarantee privacy for the outsourced data, and bring no additional local search burden to user. In this paper, we design a novel privacy-preserving functional encryption-based search mechanism over encrypted cloud data. A major advantage of our new primitive compared with the existing public key based search systems is that it supports an extreme expressive search mode, regular language search. Our security and performance analysis show that the proposed system is provably secure and more efficient than some searchable systems with high expressiveness
Recommended from our members
Privacy-protecting attribute-based conjunctive keyword search scheme in Cloud storage
Cloud storage has been deployed in various real-world applications. But how to enable Internet users to search over encrypted data and to enable data owners to perform fine- grained search authorization are of huge challenge. Attribute-based keyword search (ABKS) is a well-studied solution to the challenge, but there are some drawbacks that prevent its practical adoption in cloud storage context. First, the access policy in the index and the attribute set in the trapdoor are both in plaintext, they are likely to reveal the privacy of data owners and users. Second, the current ABKS schemes cannot provide multi-keyword search under the premise of ensuring security and efficiency. We explore an efficient way to connect the inner product encryption with the access control mechanism and search process in ABKS, and propose a privacy-protecting attribute- based conjunctive keyword search scheme. The proposed scheme provides conjunctive keyword search and ensures that the access policy and attribute set are both fully hidden. Formal security models are defined and the scheme is proved IND-CKA, IND-OKGA, access policy hiding and attribute set hiding. Finally, empirical simulations are carried out on real-world dataset, and the results demonstrate that our design outperforms other existing schemes in security and efficiency
Searchable encryption algorithm in computer big data processing application
With the continuous development of computer technology, the amount of data has increased sharply, which has promoted more and more diversified data transportation and processing methods. At the same time, computer data analysis technology can effectively process data. This is reflected in the computer big data analysis technology not only can realize data visualization analysis, but also has data prediction and data quality management. The development of cloud computing network technology can not only provide convenience points for individuals, but also provide space for enterprises to store data. The emergence of keyword search encryption algorithms solves this problem. When users use keywords to search encryption algorithms, they can search for cipher text keywords to find the files or data they want in the cloud environment. At present, it has been widely used. In addition, this article also improves the keyword search plan and the user\u27s query plan according to the dynamic changes of keywords, and proposes a user\u27s multi-dynamic keyword search encryption plan. Through this program, users can search for encrypted files by keywords and change them, and the changed data will be dynamically updated. In this way, the program can realize multi-user data sharing, and can realize efficient search and dynamics
Lightweight sharable and traceable secure mobile health system
National Research Foundation (NRF) Singapor
- …