Skip to main content
SpringerLink
Log in

An enhanced wildcard-based fuzzy searching scheme in encrypted databases

  • Published:
World Wide Web Aims and scope Submit manuscript

Abstract

Under the overwhelming trend in Cloud Computing, Cloud Databases possessing high scalability / high availability / high parallel performance have become a prevalent paradigm of data outsourcing. In consideration of security and privacy, both individuals and enterprises prefer to outsource service data in encrypted form. Unfortunately, most encrypted databases cannot support such complicated queries as wildcard-based fuzzy searching, which, to some extent, limits the practicability in real applications. To explore more business logic in encrypted databases, an enhanced wildcard-based fuzzy searching scheme (enWFS) is proposed in this paper, which integrates specialized Adjacent Character Matrix/Tensor into proxy middleware, appends two types of ancillary columns into data tables, as well as designs an advanced adaptive overwriting method to revise query expressions with wildcards (‘%’ and ‘_’). Meanwhile, some security enhancements and TupleRank are added to enWFS scheme so as to achieve superior fuzzy searching experiences. Extensive experiments based on real datasets demonstrate effectiveness, feasibility of our proposal.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Figure 1
Figure 2
Figure 3
Figure 4
Figure 5
Figure 6
Figure 7
Figure 8
Figure 9
Figure 10
Figure 11
Figure 12
Figure 13
Figure 14
Figure 15
Figure 16
Figure 17

Similar content being viewed by others

Notes

  1. For the sake of simplicity, among illustrations of this paper, the beginning and the end of a string will be uniformly represented as ‘#’ (as you can see in Table 1). But these two cases will be treated respectively during the implementation.

  2. In many real applications, sensitive information may only contained in some of the columns in data tables, so data owners just need to focus on those specific columns. i.e. attribute values in those specific columns are regarded as the corpus.

  3. LSH dimension means the number of features returned from LSH corresponding to a word in attribute values. Details will be introduced in the next section.

  4. This is an offline process conducted by data owners regularly. After updates of CFA, ACM and ACT are completed locally, both will be outsourced to the cloud.

  5. After several tuples are matched via ancillary columns, corresponding DET ciphertext will be returned for decryption. i.e. Ancillary columns are used for fuzzy searching, and all matched results are achieved by decrypting DET ciphertext.

  6. A word’s signature on each dimension is assured of an equal width by padding zero.

  7. We use popular n-gram methods described in Section 3.1.1 .

  8. Remark: In the clause ‘a__le%’, ‘a__le’ may refer to ‘apple’, ‘ankle’, etc, so ‘a__le’ can be treated as an unbroken word in the clause ‘a__le%’; On the contrary, ‘app%’ may refer to ‘applaud’, ‘applicant’, etc, so ‘app’ in the clause ‘app%’ is reckoned to be a fragment of words.

  9. This flag array provides a reference for our algorithm, and it will be revised in the process.

  10. We don’t consider the number of total underscores. e.g.mcu = 2 for ‘a__l_’.

  11. This is a limitation of Searchable Symmetric Encryption constructions [6, 12, 15, 20, 21], which is out of the scope of our scheme.

  12. About 5000 rows of data are processed in the c-LSH experiment while nearly 50000 rows of data are processed here.

  13. We construct these three structures separately in the experiment. In fact, the construction can be conducted simultaneously in real applications.

  14. So we evaluate the FSE (LSH) and FSE (BF) respectively with regard to c-LSH and c-BF.

  15. Following the standard of good accuracy stated above the accuracy metrics, if the result set from a scheme has false negative phenomenon, we won’t evaluate its # of false positive tuples anymore.

  16. Results from experiments in Section 5.2.4 are used here.

  17. e.g. If the original clause is ‘a__le%’, attribute values satisfying ‘apple%’, ‘ankle%’, etc, should all be retrieved.

References

  1. Boldyreva, A., Chenette, N.: Efficient Fuzzy Search on Encrypted Data. In: FSE 2014 Workshop, pp. 613–633 (2014)

    Chapter  Google Scholar 

  2. Cash, D., Jaeger, J., Jarecki, S., Jutla, C.S., Krawczyk, H., Rosu, M., Steiner, M.: Dynamic Searchable Encryption in Very-Large Databases: Data Structures and Implementation. In: NDSS (2014)

  3. Cash, D., Jarecki, S., Jutla, C.S., Krawczyk, H., Rosu, M., Steiner, M.: Highly-Scalable Searchable Symmetric Encryption with Support for Boolean Queries. In: CRYPTO 2013, Proceedings, Part I, pp. 353–373 (2013)

    Chapter  Google Scholar 

  4. Chase, M., Kamara, S.: Structured Encryption and Controlled Disclosure. In: International Conference on the Theory and Application of Cryptology and Information Security, pp. 577–594 (2010)

    Chapter  Google Scholar 

  5. Chen, H., Tian, X., Jin, C.: Fuzzy Searching Encryption with Complex Wild-Cards Queries on Encrypted Database. In: APWeb-WAIM 2018, pp. 3–18 (2018)

    Google Scholar 

  6. Curtmola, R., Garay, J., Kamara, S., Ostrovsky, R.: Searchable Symmetric Encryption:Improved Definitions and Efficient Constructions. In: ACM Conference on Computer and Communications Security, pp. 79–88 (2006)

  7. Fan, K., Yin, J., Wang, J., Li, H., Yang, Y.: Multi-Keyword Fuzzy and Sortable Ciphertext Retrieval Scheme for Big Data. In: GLOBECOM 2017, pp. 1–6 (2017)

  8. Fu, Z., Wu, X., Guan, C., Sun, X., Ren, K.: Toward efficient multi-keyword fuzzy search over encrypted outsourced data with accuracy improvement. IEEE Trans. Inf. Forensic. Secur. 11(12), 2706–2716 (2017)

    Article  Google Scholar 

  9. Gonzalez, L.M.V., Rodero-merino, L., Caceres, J., Lindner, M.A.: A break in the clouds: towards a cloud definition. Comput. Commun. Rev. 39(1), 50–55 (2009)

    Google Scholar 

  10. Hahn, F., Kerschbaum, F.: Searchable encryption with secure and efficient updates. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 310–320 (2014)

  11. Kamara, S., Papamanthou, C.: Parallel and Dynamic Searchable Symmetric Encryption. In: International Conference on Financial Cryptography and Data Security, pp. 258–274 (2013)

    Chapter  Google Scholar 

  12. Kamara, S., Papamanthou, C., Roeder, T.: Dynamic Searchable Symmetric Encryption. In: Acm Conference on Computer and Communications Security, pp. 965–976 (2012)

  13. Kurosawa, K., Ohtaki, Y.: Uc-Secure Searchable Symmetric Encryption. In: International Conference on Financial Cryptography and Data Security, pp. 285–298 (2012)

    Chapter  Google Scholar 

  14. Kurosawa, K., Sasaki, K., Ohta, K., Yoneyama, K.: Uc-Secure Dynamic Searchable Symmetric Encryption Scheme. In: IWSEC, pp. 73–90 (2016)

  15. Kuzu, M., Islam, M.S., Kantarcioglu, M.: Efficient Similarity Search over Encrypted Data. In: IEEE International Conference on Data Engineering, pp. 1156–1167 (2012)

  16. Li, J., Liu, Z., Chen, X., Xhafa, F., Tan, X., Wong, D.S.: L-encdb: a lightweight framework for privacy-preserving data queries in cloud computing. Knowl.-Based Syst. 79, 18–26 (2015)

    Article  Google Scholar 

  17. Liu, Z., Li, J., Li, J., Jia, C., Yang, J., Yuan, K.: Sql-based fuzzy query mechanism over encrypted database. Int. J. Data Warehous. Min. (IJDWM) 10 (4), 71–87 (2014)

    Article  Google Scholar 

  18. Liu, Z., Ma, H., Li, J., Jia, C., Li, J., Yuan, K.: Secure Storage and Fuzzy Query over Encrypted Databases. In: International Conference on Network and System Security, pp. 439–450 (2013)

    Chapter  Google Scholar 

  19. Popa, R.A., Li, F.H., Zeldovich, N.: An ideal-security protocol for order-preserving encoding. IEEE Symposium on Security and Privacy, pp. 463–477 (2013)

  20. Popa, R.A., Redfield, C.M.S., Zeldovich, N., Balakrishnan, H.: Cryptdb: Protecting Confidentiality with Encrypted Query Processing. In: ACM SOSP, pp. 85–100 (2011)

  21. Song, D.X., Wagner, D.A., Perrig, A.: Practical Techniques for Searches on Encrypted Data. In: IEEE Symposium on Security and Privacy, pp. 44–55 (2000)

  22. Tetali, S.D., Lesani, M., Majumdar, R., Millstein, T.D.: Mrcrypt: Static Analysis for Secure Cloud Computations. In: ACM SIGPLAN OOPSLA, pp. 271–286 (2013)

    Article  Google Scholar 

  23. Wang, B., Yu, S., Lou, W., Hou, Y.T.: Privacy-Preserving Multi-Keyword Fuzzy Search over Encrypted Data in the Cloud. In: IEEE INFOCOM, pp. 2112–2120 (2014)

  24. Wang, C., Cao, N., Li, J., Ren, K.: Secure Ranked Keyword Search over Encrypted Cloud Data. In: IEEE International Conference on Distributed Computing Systems (ICDCS), pp. 253–262 (2010)

  25. Wang, J., Ma, H., Tang, Q., Li, J., Zhu, H., Ma, S., Chen, X.: Efficient verifiable fuzzy keyword search over encrypted data in cloud computing. Comput. Sci. Inf. Syst. 10(2), 667–684 (2013)

    Article  Google Scholar 

  26. Wang, Q., He, M., Du, M., Chow, S.S.M., Lai, R.W.F., Zou, Q.: Searchable encryption over feature-rich data. IEEE Trans. Dependable Sec. Comput. 15(3), 496–510 (2018)

    Article  Google Scholar 

  27. Wei, X., Zhang, H.: Verifiable Multi-Keyword Fuzzy Search over Encrypted Data in the Cloud. In: International Conference on Advanced Materials and Information Technology Processing, pp. 271–277 (2016)

Download references

Acknowledgments

Supported by the National Key Research and Development Program of China (No. 2016YFB1000905), NSFC (Nos. 61772327, 61532021, U1501252, U1401256 and 61402180).

Author information

Authors and Affiliations

  1. Faculty of Information, East China Normal University, Shanghai, 200062, China

    Jiaxun Hua, Yu Liu, He Chen & Cheqing Jin

  2. College of Computer Science & Technology, Shanghai University of Electric Power, Shanghai, 200090, China

    Xiuxia Tian

Authors
  1. Jiaxun Hua
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yu Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. He Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Xiuxia Tian
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Cheqing Jin
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Xiuxia Tian.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This article belongs to the Topical Collection: Special Issue on Web Information Management and Applications

Guest Editors: Yi Cai and Jianliang Xu

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Hua, J., Liu, Y., Chen, H. et al. An enhanced wildcard-based fuzzy searching scheme in encrypted databases. World Wide Web 23, 2185–2214 (2020). https://doi.org/10.1007/s11280-019-00774-x

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11280-019-00774-x

Keywords

Search

Navigation