Skip to main content
SpringerLink
Log in

Private Keyword-Search for Database Systems Against Insider Attacks

  • Regular Paper
  • Published:
Journal of Computer Science and Technology Aims and scope Submit manuscript

Abstract

The notion of searchable encrypted keywords introduced an elegant approach to retrieve encrypted data without the need of decryption. Since the introduction of this notion, there are two main searchable encrypted keywords techniques, symmetric searchable encryption (SSE) and public key encryption with keyword search (PEKS). Due to the complicated key management problem in SSE, a number of concrete PEKS constructions have been proposed to overcome it. However, the security of these PEKS schemes was only weakly defined in presence of outsider attacks; therefore they suffer from keyword guessing attacks from the database server as an insider. How to resist insider attacks remains a challenging problem. We propose the first searchable encrypted keywords against insider attacks (SEK-IA) framework to address this problem. The security model of SEK-IA under public key environment is rebuilt. We give a concrete SEK-IA construction featured with a constant-size trapdoor and the proposed scheme is formally proved to be secure against insider attacks. The performance evaluations show that the communication cost between the receiver and the server in our SEK-IA scheme remains constant, independent of the sender identity set size, and the receiver needs the minimized computational cost to generate a trapdoor to search the data from multiple senders.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Song D X, Wagner D, Perrig A. Practical techniques for searches on encrypted data. In Proc. the IEEE Symposium on Security and Privacy, May 2000, pp.44-55.

  2. Boneh D, Di Crescenzo G, Ostrovsky R, Persiano G. Public key encryption with keyword search. In Lecture Notes in Computer Science 3027, Cachin C, Camenisch J L (eds.), Springer, 2004, pp.506-522.

  3. Yau WC, Heng S H, Goi B M. Off-line keyword guessing attacks on recent public key encryption with keyword search schemes. In Lecture Notes in Computer Science 5060, Rong C M, Jaatun M C, Sandnes F E, Yang L T, Ma J H (eds.), Springer, 2008, pp.100-105.

  4. Baek J, Safavi-Naini R, Susilo W. Public key encryption with keyword search revisited. In Lecture Notes in Computer Science 5072, Gervasi O, Murgante B, Laganà A, Taniar D, Mun Y, Gavrilova M L (eds.), Springer, 2008, pp.1249-1259.

  5. Rhee H S, Park J H, Susilo W, Lee D H. Improved searchable public key encryption with designated tester. In Proc the 4th International Symposium on Information, Computer and Communications Security, March 2009, pp.376-379.

  6. Fang L M, Susilo W, Ge C P, Wang J D. Public key encryption with keyword search secure against keyword guessing attacks without random oracle. Information Sciences, 2013, 238: 221-241.

    Article  MathSciNet  MATH  Google Scholar 

  7. Curtmola R, Garay J A, Kamara S, Ostrovsky R. Searchable symmetric encryption: Improved definitions and efficient constructions. In Proc. the 13th ACM Conference on Computer and Communications Security, October 30-November 3, 2006, pp.79-88.

  8. Kamara S, Papamanthou C, Roeder T. Dynamic searchable symmetric encryption. In Proc. the ACM Conference on Computer and Communications Security, October 2012, pp.965-976.

  9. Cash D, Jarecki S, Jutla C, Krawczyk H, Rosu M, Steiner M. Highly-scalable searchable symmetric encryption with support for Boolean queries. In Lecture Notes in Computer Science 8042, Canetti R, Garay J A (eds.), Springer, 2013, pp.353-373.

  10. Tang Q. Nothing is for free: Security in searching shared and encrypted data. IEEE Transactions on Information Forensics and Security, 2014, 9(11): 1943-1952.

    Article  Google Scholar 

  11. Park D J, Kim K, Lee P J. Public key encryption with conjunctive field keyword search. In Lecture Notes in Computer Science 3325, Lim C H, Yung M (eds.), Springer, 2005, pp.73-86.

  12. Bethencourt J, Song D X, Waters B. New constructions and practical applications for private stream searching (extended abstract). In Proc. IEEE Symposium on Security and Privacy, May 2006, pp.132-139.

  13. Boneh D, Waters B. Conjunctive, subset, and range queries on encrypted data. In Lecture Notes in Computer Science 4392, Vadhan S P (ed.), Springer, 2007, pp.535-554.

  14. Sedghi S, van Liesdonk P, Nikova S, Hartel P, Jonker W. Searching keywords with wildcards on encrypted data. In Lecture Notes in Computer Science 6280, Garay J A, De Prisco R (eds.), Springer, 2010, pp.138-153.

  15. Abdalla M, Bellare M, Catalano D, Kiltz E, Kohno T, Lange T, Malone-Lee J, Neven G, Paillier P, Shi H X. Searchable encryption revisited: Consistency properties, relation to anonymous IBE, and extensions. In Lecture Notes in Computer Science 3621, Shoup V (ed.), Springer, 2005, pp.205-222.

  16. Xu P, Jin H, Wu Q H, Wang W. Publickey encryption with fuzzy keyword search: A provably secure scheme under keyword guessing attack. IEEE Transactions on Computers, 2013, 62(11): 2266-2277.

    Article  MathSciNet  Google Scholar 

  17. Camenisch J, Kohlweiss M, Rial A, Sheedy C. Blind and anonymous identity-based encryption and authorised private searches on public key encrypted data. In Lecture Notes in Computer Science 5443, Jarecki S, Tsudik G (eds.), Springer, 2009, pp.196-214.

  18. Zheng Q J, Xu S H, Ateniese G. VABKS: Verifiable attribute-based keyword search over outsourced encrypted data. In Proc. IEEE INFOCOM, April 27-May 2, 2014, pp.522-530.

  19. Shi J, Lai J Z, Li Y J, Deng R H, Weng J. Authorized keyword search on encrypted data. In Lecture Notes in Computer Science 8712, Kutyłowski M, Vaidya J (eds.), Springer, 2014, pp.419-435.

  20. Li J W, Li J, Chen X F, Jia C F, Liu Z L. Efficient keyword search over encrypted data with fine-grained access control in hybrid cloud. In Lecture Notes in Computer Science 7645, Xu L, Bertino E, Mu Y (eds.), Springer, 2012, pp.490-502.

  21. Byun J W, Rhee H S, Park H A, Lee D H. Off-line keyword guessing attacks on recent keyword search schemes over encrypted data. In Lecture Notes in Computer Science 4165, Jonker W, Petković M (eds.), Springer, 2006, pp.75-83.

  22. Bösch C, Hartel P, Jonker W, Peter A. A survey of provably secure searchable encryption. ACM Computing Surveys, 2015, 47(2): Article No. 18.

  23. Shen E, Shi E, Waters B. Predicate privacy in encryption systems. In Lecture Notes in Computer Science 5444, Reingold O (ed.), Springer, 2009, pp.457-473.

  24. Boneh D, Boyen X, Goh E J. Hierarchical identity based encryption with constant size ciphertext. In Lecture Notes in Computer Science 3494, Cramer R (ed.), Springer, 2005, pp.440-456.

  25. Delerablée C, Pointcheval D. Dynamic threshold public-key encryption. In Lecture Notes in Computer Science 5157, Wagner D (ed.), Springer, 2008, pp.317-334.

Download references

Author information

Authors and Affiliations

  1. State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, 100876, China

    Peng Jiang & Qiao-Yan Wen

  2. Centre for Computer and Information Security Research, School of Computing and Information Technology, University of Wollongong, Wollongong, NSW, 2522, Australia

    Peng Jiang, Yi Mu & Fuchun Guo

Authors
  1. Peng Jiang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yi Mu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Fuchun Guo
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Qiao-Yan Wen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Peng Jiang.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Jiang, P., Mu, Y., Guo, F. et al. Private Keyword-Search for Database Systems Against Insider Attacks. J. Comput. Sci. Technol. 32, 599–617 (2017). https://doi.org/10.1007/s11390-017-1745-8

Download citation

  • Received:

  • Revised:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11390-017-1745-8

Keywords

Search

Navigation