Skip to main content
SpringerLink
Log in

Secure, flexible and high-efficient similarity search over encrypted data in multiple clouds

  • Published:
Peer-to-Peer Networking and Applications Aims and scope Submit manuscript

Abstract

In cloud computing, a cloud user can improve a system’s reliability by utilizing services from multiple clouds, known as the multi-cloud service model. This model, however, causes serious security concerns since multi-clouds increase the chance of being attacked. To maintain data security, a commonly-used strategy is to encrypt data stored in clouds. Yet, issues such as inconsistent data storage (Byzantine faults), dynamic data update, and inefficient data retrieval among multiple clouds, have remained as open challenges. In this paper, we propose a multi-cloud secure similarity search (MC3S) method to effectively and efficiently utilize the encrypted data over multiple clouds. To achieve secure, flexible and high-efficient data search, MC3S utilizes two novel data structures, called gram-filter and prefix-ring. Different from prior works in secure data search, we address the problem of Byzantine faults among multiple clouds, and our algorithm enables dynamic data index insertion and revocation without decryption. We prove that MC3S can resist chosen-keyword attacks and achieve non-adaptive semantic security. Finally, we evaluate the efficiency of MC3S with real world datasets.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11

Similar content being viewed by others

References

  1. Mell P, Grance T (2011) The nist definition of cloud computing [recommendations of the national institute of standards and technology-special publication 800-145]. URL Recuperado de http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145

  2. Armbrust M, Fox A, Griffith R, Joseph AD, Katz R, Konwinski A, Lee G, Patterson D, Rabkin A, Stoica I (2010) A view of cloud computing. Commun ACM 53(4):50

    Article  Google Scholar 

  3. Kuang L, Yang L, Feng J, Dong M (2018) Secure tensor decomposition using fully homomorphic encryption scheme. IEEE Trans Cloud Comput 6(3):868

    Article  Google Scholar 

  4. Chang S, Zhu H, Dong M, Ota K, Liu X, Shen X (2016) Private and flexible urban message delivery. IEEE Trans Veh Technol 65(7):4900

    Article  Google Scholar 

  5. He J, Dong M, Ota K, Fan M, Wang G (2016) Netseccc: a scalable and fault-tolerant architecture for cloud computing security. Peer-to-Peer Netw Appl 9(1):67

    Article  Google Scholar 

  6. Zhang L, Wei L, Huang D, Zhang K, Dong M, Ota K (2016) Medaps: secure multi-entities delegated authentication protocols for mobile cloud computing. Secur Commun Netw 9(16):3777

    Article  Google Scholar 

  7. Li M, Yu S, Zheng Y, Ren K, Lou W (2013) Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans Parallel Distrib Syst 24(1):131

    Article  Google Scholar 

  8. Song DX, Wagner D, Perrig A (2000) In: Proc. of IEEE symposium on security and privacy. Oakland, pp 44–55

  9. Wang C, Cao N, Ren K, Lou W (2012) Enabling secure and efficient ranked keyword search over outsourced cloud data. IEEE Trans Parallel Distrib Syst 23(8):1467

    Article  Google Scholar 

  10. Cao N, Wang C, Li M, Ren K, Lou W (2014) Privacy-preserving multi-keyword ranked search over encrypted cloud data. IEEE Trans Parallel Distrib Syst 25(1):222

    Article  Google Scholar 

  11. Li J, Wang Q, Wang C, Cao N, Ren K, Lou W (2010) In: Proc. of IEEE INFOCOM. San Diego, pp 1–5

  12. Wang C, Ren K, Yu S, Urs KMR (2012) In: Proc. of IEEE INFOCOM. Orlando, pp 451–459

  13. Wen M, Lu R, Zhang K, Lei J, Liang X, Shen X (2013) Parq: a privacy-preserving range query scheme over encrypted metering data for smart grid. IEEE Trans Emerg Topics Comput 1(1):178

    Article  Google Scholar 

  14. Zhang W, Lin Y, Xiao S, Liu Q, Zhou T (2014) In: Proc. of IEEE international symposium of quality of service (IWQoS). HongKong, pp 370–379

  15. AlZain MA, Soh B, Pardede E (2013) In: IEEE international conference on computational science and engineering. Sydney, pp 130–137

  16. Veronese GS, Correia M, Bessani AN, Lung LC, Verissimo P (2013) Efficient byzantine fault-tolerance. IEEE Trans Comput 62(1):16

    Article  MathSciNet  MATH  Google Scholar 

  17. Goh EJ (2003) Secure indexes. IACR Cryptol ePrint Archive 2003:216

    Google Scholar 

  18. Chang YC, Mitzenmacher M (2005) In: Proc. of applied cryptography and network security. New York, pp 442–455

  19. Boneh D, Di Crescenzo G, Ostrovsky R, Persiano G (2004) In: Proc. of advances in cryptology-eurocrypt. Interlaken, pp 506–522

  20. Duan S, Peisert S, Levitt KN (2015) hbft: speculative byzantine fault tolerance with minimum cost. IEEE Trans Depend Sec Comput 12(1):58

    Article  Google Scholar 

  21. Curtmola R, Garay J, Kamara S, Ostrovsky R (2011) Searchable symmetric encryption: improved definitions and efficient constructions. J Comput Secur 19(5):895

    Article  Google Scholar 

  22. Zhang Z, Hadjieleftheriou M, Ooi BC, Srivastava D (2010) In: Proc. of ACM SIGMOD international conference on management of data. Indianapolis, pp 915–926

  23. Chuah M, Hu W (2011) In: Proc. of international conference on distributed computing systems workshops (ICDCSW). Minneapolis, pp 273–281

  24. Broder A, Mitzenmacher M (2004) Network applications of bloom filters: a survey. Internet Math 1(4):485

    Article  MathSciNet  MATH  Google Scholar 

  25. Carter JL, Wegman MN (1977) In: Proc. of the annual ACM symposium on theory of computing. Boulder, pp 106–112

  26. Ramakrishna M (1989) Practical performance of bloom filters and parallel free-text searching. Commun ACM 32(10):1237

    Article  Google Scholar 

  27. Stoica I, Morris R, Liben-Nowell D, Karger DR, Kaashoek MF, Dabek F, Balakrishnan H (2003) Chord: a scalable peer-to-peer lookup protocol for internet applications. IEEE/ACM Trans Network 11(1):17

    Article  Google Scholar 

  28. Sahin OD, Emekci F, Agrawal D, Abbadi AE (2004) In: Proc. of databases, information systems, and peer-to-peer computing. Toronto, pp 61–78

  29. Cheng J, Hao Y, Wong SHY, Zerfos P, Songwu L (2007) In: Proc. of IEEE international conference on network protocols (ICNP). Bejing, pp 284–293

  30. Chen F, Liu AX (2012) Privacy- and integrity-preserving range queries in sensor networks. IEEE/ACM Trans Network 20(6):1774

    Article  Google Scholar 

  31. Chang YK (2007) Fast binary and multiway prefix searches for packet forwarding. Comput Netw 51(3):588

    Article  MATH  Google Scholar 

  32. Song H, Dharmapurikar S, Turner J, Lockwood J (2005) In: Proc. of the conference on applications, technologies, architectures, and protocols for computer communications (SIGCOMM’05). Philadelphia, pp 181–192

  33. Fan L, Cao P, Almeida J, Broder AZ (2000) Summary cache: a scalable wide-area web cache sharing protocol. IEEE/ACM Trans Network 8(3):281

    Article  Google Scholar 

  34. Furukawa J, Sako K (2001) In: Advances in cryptology- proc. of CRYPTO. Santa Barbara, pp 368–387

  35. Krawczyk H, Canetti R, Bellare M (1997) Hmac: keyed-hashing for message authentication. RFC 2104

  36. Rivest R (1992) The md5 message-digest algorithm. RFC, 1321

  37. Eastlake 3rd D, Jones P (2001) Us secure hash algorithm 1 (sha1). Report 2070–1721

  38. Xu P, Jin H, Wu Q, Wang W (2013) Public-key encryption with fuzzy keyword search: a provably secure scheme under keyword guessing attack. IEEE Trans Comput 62(11):2266

    Article  MathSciNet  MATH  Google Scholar 

  39. Baek J, Safavi-Naini R, Susilo W (2008) Public key encryption with keyword search revisited. Computational Science and Its Applications–ICCSA 2008, pp 1249–1259

  40. Katz J, Lindell Y (2014) Introduction to modern cryptography, 2nd edn. CRC Press

  41. AMS (2016) Request for comments database. http://www.rfc-editor.org/rfc.html http://www.rfc-editor.org/rfc.html

Download references

Acknowledgements

This work was supported by the National Natural Science Foundation of China (No.61702321, 61772327, 61602295, 61572311, 61872230), the Excellent Young Teachers Program of Shanghai (No. ZZsdl15152), the Project of Shanghai Science and Technology Committee (No. 15110500700), the Dawn Program of Shanghai Education Commission (No. 16SG47).

Author information

Authors and Affiliations

  1. College of Computer Science and Technology, Shanghai University of Electric Power, Shanghai, 200090, China

    Jinguo Li, Mi Wen, Kui Wu, Kejie Lu, Fengyong Li & Hongjiao Li

  2. Computer Science Department, University of Victoria, Victoria, BC, V8W 3P6, Canada

    Kui Wu

  3. Department of Electrical and Computer Engineering, University of Puerto Rico, Puerto Rico, 00681, USA

    Kejie Lu

Authors
  1. Jinguo Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mi Wen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Kui Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Kejie Lu
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Fengyong Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Hongjiao Li
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jinguo Li.

Additional information

Publisher’s Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Li, J., Wen, M., Wu, K. et al. Secure, flexible and high-efficient similarity search over encrypted data in multiple clouds. Peer-to-Peer Netw. Appl. 12, 893–911 (2019). https://doi.org/10.1007/s12083-018-0691-8

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12083-018-0691-8

Keywords

Search

Navigation