Abstract
Attribute-based multi-keyword search (ABMKS) facilitates searching with fine-grained access control over outsourced ciphertexts. However, two critical issues impede wide application of ABMKS. Firstly, the majority of ABMKS schemes have suffered huge computation and communication costs in the process of ciphertexts matching and transmission. Secondly, the contents of data file containing sensitive information are encrypted as a whole, and data users with varying roles should have different access rights to the ciphertext returned by cloud, thereby preventing sensitive information in data files from being leaked to semi-trusted data users. In this paper, we tackle the issue of content access rights by introducing sensitive information hiding, a novel concept in the field of attribute-based keyword search. Specifically, we propose a practical multi-keyword search scheme with sensitive information hiding by integrating a modified blindness filtering technique into ciphertext policy attribute-based encryption under the multi-keyword search model. To minimize communication costs in the ciphertext transmission process, we utilize a super-increasing sequence to aggregate multiple blinding data blocks into a single ciphertext. The ciphertext can be recovered by using a recursive algorithm. Security analysis proves that our scheme is provably secure within the random oracle model, it guarantees keyword secrecy and selective security against chosen-keyword attacks. Performance evaluations demonstrate that our scheme surpasses state-of-the-art ABMKS schemes, making it highly suitable for cloud storage systems.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
The PBC library defines the Type A curve as \(E(F_{p}): <y^2 = x^3 + x>\). It includes two multiplicative cyclic groups \(\mathbb {G}\) and \(\mathbb {G}_T\), both of order q, which are subgroups of E(F p). Two large primes p and q have sizes of 512 bits and 160 bits, respectively.
References
Gan, Q., Wang, X., Huang, D., Li, J., Zhou, D., Wang, C.: Towards multi-client forward private searchable symmetric encryption in cloud computing. IEEE Trans. Serv. Comput. 15(6), 3566–3576 (2022)
Bao, Y., Qiu, W., Tang, P.: Efficient, revocable, and privacy-preserving fine-grained data sharing with keyword search for the cloud-assisted medical IoT system. IEEE J. Biomed. Health Inform. 26(5), 2041–2051 (2021)
Wang, M., Miao, Y., Guo, Y., Huang, H., Wang, C., Jia, X.: Aesm\(^2\) attribute-based encrypted search for multi-owner and multi-user distributed systems. IEEE Trans. Parallel Distrib. Syst. 1(34), 92–107 (2023)
Zhao, J., Zheng, Y., Huang, H., Wang, J., Zhang, X., He, D.: Lightweight certificateless privacy-preserving integrity verification with conditional anonymity for cloud-assisted medical cyberCphysical systems. J. Syst. Architect. 138, 102860 (2023)
Xu, C., Wang, N., Zhu, L., Sharif, K., Zhang, C.: Achieving searchable and privacy-preserving data sharing for cloud-assisted E-healthcare system. IEEE Internet Things J. 5(6), 8345–8356 (2019)
Song, D., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: Proceedings of IEEE Symposium on Security and Privacy, pp. 44–55. IEEE, Berkeley (2000). https://doi.org/10.1109/SECPRI.2000.848445
Goh, E. J.: Secure indexes. Cryptology ePrint Archive, pp. 1–18 (2003)
Wang, C., Cao, N., Li, J., Ren, K., Lou, W.: Secure ranked keyword search over encrypted cloud data. In 2010 IEEE 30th International Conference on Distributed Computing Systems ICDCS, pp. 253–262. IEEE (2011). https://doi.org/10.1109/SECPRI.2000.848445
Boneh, D., Di Crescenzo, G., Ostrovsky, R., Persiano, G.: Public key encryption with keyword search. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 506–522. Springer, Heidelberg (2004). https://doi.org/10.1109/ICDCS.2010.34
Cui, B., Liu, Z., Wang, L.: Key-aggregate searchable encryption (KASE) for group data sharing via cloud storage. IEEE Trans. Comput. 65(8), 2374–2385 (2015)
Zhang, X., Huang, C., Gu, D., Wang, H.: BIB-MKS: post-quantum secure biometric identity-based multi-keyword search over encrypted data in cloud storage systems. IEEE Trans. Serv. Comput. 16(1), 122–133 (2023)
Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27
Sun, W., Liu, X., Lou, W., Hou, Y. T., Li, H.: Catch you if you lie to me: efficient verifiable conjunctive keyword search over large dynamic encrypted cloud data. In 2015 IEEE Conference on Computer Communications (INFOCOM), pp. 2110–2118. IEEE (2015). https://doi.org/10.1109/INFOCOM.2015.7218596
Zheng, Q., Xu, S., Ateniese, G.: VABKS: verifiable attribute-based keyword search over outsourced encrypted data. In: IEEE INFOCOM 2014-IEEE Conference on Computer communications, pp. 522–530 (2014). https://doi.org/10.1109/INFOCOM.2014.6847976
Huang, Q., Yan, G., Yang, Y.: Privacy-preserving traceable attribute-based keyword search in multi-authority medical cloud. IEEE Trans. Cloud Comput. 11(1), 678–691 (2023)
Chen, Y., Li, W., Gao, F., Wen, Q., Wang, H.: Practical attribute-based multi-keyword ranked search scheme in cloud computing. IEEE Trans. Serv. Comput. 2(15), 724–735 (2022)
Wan, Z., Deng, R.H.: VPSearch: achieving verifiability for privacy-preserving multi-keyword search over encrypted cloud data. IEEE Trans. Depend. Secure Comput. 15(6), 1083–1095 (2018)
Miao, Y., Ma, J., Liu, X., Li, X., Liu, Z., Li, H.: Practical attribute-based multi-keyword search scheme in mobile crowdsourcing. IEEE Internet Things J. 5(4), 3008–3018 (2018)
Liu, J., Wu, M., Sun, R., Du, X., Guizani, M.: BMDS: a blockchain-based medical data sharing scheme with attribute-based searchable encryption. ICC 2021, IEEE International Conference on Communications, pp. 14–23. IEEE (2021). https://doi.org/10.1109/ICC42927.2021.9500966
Liu, Z., Liu, Y., Xu, J., Wang, B.: Privacy-preserving attribute-based multi-keyword search encryption scheme with user tracing. In: Vaidya, J., Zhang, X., Li, J. (eds.) CSS 2019. LNCS, vol. 11983, pp. 382–397. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-37352-8_34
Yin, H., Zhang, W., Deng, H., Qin, Z., Li, K.: An attribute-based searchable encryption scheme for cloud-assisted IIoT. IEEE Internet Things J. 10(12), 11014–11023 (2023)
Wu, J.M.T., Srivastava, G., Jolfaei, A., Fournier-Viger, P., Lin, J.C.W.: Hiding sensitive information in eHealth datasets. Futur. Gener. Comput. Syst. 1(117), 169–180 (2021)
Acknowledgments
This work is supported by the Shenzhen Science and Technology Program under Grant No. GXWD20220817124827001, and No. JCYJ202- 10324132406016.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Zhao, J., Huang, H., Xu, Y., Zhang, X., Du, H. (2024). Practical Attribute-Based Multi-keyword Search Scheme with Sensitive Information Hiding for Cloud Storage Systems. In: Wu, W., Guo, J. (eds) Combinatorial Optimization and Applications. COCOA 2023. Lecture Notes in Computer Science, vol 14462. Springer, Cham. https://doi.org/10.1007/978-3-031-49614-1_14
Download citation
DOI: https://doi.org/10.1007/978-3-031-49614-1_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-49613-4
Online ISBN: 978-3-031-49614-1
eBook Packages: Computer ScienceComputer Science (R0)