Abstract
Secret sharing is a promising approach to protecting the confidentiality of outsourced data. However, the existing secret sharing-based data outsourcing schemes involve several security and performance issues, including vulnerability to some inferences and attacks. In particular, most of them leak the order of the secret values. In this paper, a nondeterministic encryption scheme, called order-shuffling encryption (OSE), is first proposed. It generates searchable encrypted values that do not leak the order of the secret values. Then, a new secure data outsourcing scheme is elaborated on secret sharing and OSE. The proposed data outsourcing scheme generates some searchable shares using OSE and some other non-searchable and random shares from each secret value to be outsourced. It provides resistance to various inferences and attacks and supports the server-side execution of a wide variety of queries. Extensive evaluations and analyses demonstrate that the proposed secure data outsourcing scheme is quite practical and efficient.
Similar content being viewed by others
Data availability
The dataset used in the current study is not publicly available but is available from the corresponding author upon reasonable request.
References
Hacigümüş H, Iyer B, Li C, Mehrotra S (2002) Executing SQL over encrypted data in the database-service-provider model. In: Proceedings of the 2002 ACM SIGMOD International Conference on Management of Data, pp. 216–227. https://doi.org/10.1145/564691.564717
Hore B, Mehrotra S, Tsudik G (2004) A privacy-preserving index for range queries. In: Proceedings of the Thirtieth International Conference on Very Large Data Bases, Vol 30, pp 720–731
Mei Z, Zhu H, Cui Z et al (2018) Executing multi-dimensional range query efficiently and flexibly over outsourced ciphertexts in the cloud. Inf Sci (Ny) 432:79–96. https://doi.org/10.1016/j.ins.2017.11.065
Boldyreva A, Chenette N, Lee Y, O’Neill A (2009) Order-preserving symmetric encryption. In: Joux A (ed) Advances in Cryptology - EUROCRYPT 2009. Lecture Notes in Computer Science, vol 5479. Springer, Berlin, pp 224–241. https://doi.org/10.1007/978-3-642-01001-9_13
Wang C, Cao N, Ren K, Lou W (2012) Enabling secure and efficient ranked keyword search over outsourced cloud data. IEEE Trans Parallel Distrib Syst 23:1467–1479. https://doi.org/10.1109/tpds.2011.282
Jho N-S, Chang K-Y, Hong D, Seo C (2016) Symmetric searchable encryption with efficient range query using multi-layered linked chains. J Supercomput 72:4233–4246. https://doi.org/10.1007/s11227-015-1497-6
Xu L, Weng C-Y, Yuan L-P et al (2018) A shareable keyword search over encrypted data in cloud computing. J Supercomput 74:1001–1023. https://doi.org/10.1007/s11227-015-1515-8
Najafi A, Bayat M, Haj Seyyed Javadi H (2021) Fair multi-owner search over encrypted data with forward and backward privacy in cloud-assisted internet of things. Futur Gener Comput Syst 124:285–294. https://doi.org/10.1016/j.future.2021.06.010
Awais M, Tahir S, Khan F et al (2022) A novel searchable encryption scheme to reduce the access pattern leakage. Futur Gener Comput Syst 133:338–350. https://doi.org/10.1016/j.future.2022.03.031
Paillier P (1999) Public-key cryptosystems based on composite degree residuosity classes. In: Stern J (ed) Advances in Cryptology — EUROCRYPT ’99. Lecture Notes in Computer Science, vol 1592. Springer, Berlin, pp 223–238. https://doi.org/10.1007/3-540-48910-X_16
Youn T-Y, Jho N-S, Chang K-Y (2018) Design of additive homomorphic encryption with multiple message spaces for secure and practical storage services over encrypted data. J Supercomput 74:3620–3638. https://doi.org/10.1007/s11227-016-1796-6
Boomija MD, Raja SVK (2023) Securing medical data by role-based user policy with partially homomorphic encryption in AWS cloud. Soft Comput 27:559–568. https://doi.org/10.1007/s00500-022-06950-y
Gentry C (2009) Fully homomorphic encryption using ideal lattices. In: Proceedings of the 41st Annual ACM Symposium on Theory of Computing, pp 169–178. https://doi.org/10.1145/1536414.1536440
Brakerski Z, Vaikuntanathan V (2011) Fully homomorphic encryption from ring-LWE and security for key dependent messages. In: Rogaway P (ed) Advances in Cryptology – CRYPTO 2011. Lecture Notes in Computer Science, vol 6841. Springer, Berlin, pp 505–524. https://doi.org/10.1007/978-3-642-22792-9_29
Naehrig M, Lauter K, Vaikuntanathan V (2011) Can homomorphic encryption be practical?. In: Proceedings of the 3rd ACM Workshop on Cloud Computing Security Workshop, pp 113–124. https://doi.org/10.1145/2046660.2046682
Aggarwal G, Bawa M, Ganesan P, et al (2005) Two can keep a secret: a distributed architecture for secure database services. In: The Second Biennial Conference on Innovative Data Systems Research (CIDR 2005), Asilomar, California
Wiese L (2010) Horizontal fragmentation for data outsourcing with formula-based confidentiality constraints. In: Echizen I, Kunihiro N, Sasaki R (eds) Advances in Information and Computer Security. IWSEC 2010. Lecture Notes in Computer Science, vol 6434. Springer, Berlin, pp 101–116. https://doi.org/10.1007/978-3-642-16825-3_8
Blakley GR (1979) Safeguarding cryptographic keys. In: Proceedings of the 1979 International Workshop on Managing Requirements Knowledge (MARK), pp 313–313. https://doi.org/10.1109/mark.1979.8817296
Shamir A (1979) How to share a secret. Commun ACM 22:612–613. https://doi.org/10.1145/359168.359176
Tian X, Sha C, Wang X, Zhou A (2011) Privacy preserving query processing on secret share based data storage. In: Yu JX, Kim MH, Unland R (eds) Database Systems for Advanced Applications. DASFAA 2011. Lecture Notes in Computer Science, vol 6587. Springer, Berlin, pp 108–122. https://doi.org/10.1007/978-3-642-20149-3_10
Hadavi MA, Noferesti M, Jalili R, Damiani E (2012) Database as a service: towards a unified solution for security requirements. In: Proceedings of the 2012 IEEE 36th Annual Computer Software and Applications Conference Workshops, pp 415–420. https://doi.org/10.1109/COMPSACW.2012.79
Xiang T, Li X, Chen F et al (2016) Processing secure, verifiable and efficient SQL over outsourced database. Inf Sci (Ny) 348:163–178. https://doi.org/10.1016/j.ins.2016.02.018
Bahrami S, Ghasemi R (2022) A new secure and searchable data outsourcing leveraging a bucket-chain index tree. J Inf Secur Appl 67:103206. https://doi.org/10.1016/j.jisa.2022.103206
Emekci F, Methwally A, Agrawal D, El AA (2014) Dividing secrets to secure data outsourcing. Inf Sci (Ny) 263:198–210. https://doi.org/10.1016/j.ins.2013.10.006
Hadavi MA, Jalili R, Damiani E, Cimato S (2015) Security and searchability in secret sharing-based data outsourcing. Int J Inf Secur 14:513–529. https://doi.org/10.1007/s10207-015-0277-x
Ghasemi R (2019) Resolving a common vulnerability in secret sharing scheme–based data outsourcing schemes. Concurr Comput Pract Exp 32:e5363. https://doi.org/10.1002/cpe.5363
Tang Z (2021) Secret sharing-based IoT text data outsourcing: a secure and efficient scheme. IEEE Access 9:76908–76920. https://doi.org/10.1109/ACCESS.2021.3075282
Sobati Moghadam S, Fayoumi A, Vafadoost P (2021) Pavan: a privacy-preserving system for DB-as-a-service. ICT Express 7:259–264. https://doi.org/10.1016/j.icte.2020.11.003
Rahmani P, Fakhrahmad SM, Taheri M (2022) New attacks on secret sharing-based data outsourcing: toward a resistant scheme. J Supercomput 78:15749–15785. https://doi.org/10.1007/s11227-022-04467-7
Sobati-Moghadam S (2021) Efficient information-theoretically secure schemes for cloud data outsourcing. Cluster Comput 24:3591–3606. https://doi.org/10.1007/s10586-021-03344-x
Dautrich JL, Ravishankar CV (2012) Security limitations of using secret sharing for data outsourcing. In: Cuppens-Boulahia N, Cuppens F, Garcia-Alfaro J (eds) Data and Applications Security and Privacy XXVI. DBSec 2012. Lecture Notes in Computer Science, vol 7371. Springer, Berlin, pp 145–160. https://doi.org/10.1007/978-3-642-31540-4_12
Acknowledgements
The authors would like to thank Ms. Sara Ansari Nejad for her support.
Funding
The authors did not receive support from any organization for the submitted work.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Competing interests
The authors have no relevant financial or non-financial interests to disclose.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Rahmani, P., Fakhrahmad, S.M. & Taheri, M. Secure data outsourcing based on seed-residual shares and order-shuffling encryption. J Supercomput 79, 10442–10480 (2023). https://doi.org/10.1007/s11227-023-05048-y
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-023-05048-y