Enabling verifiable multiple keywords search over encrypted cloud data

doi:10.1016/j.ins.2018.06.066

Information Sciences

Volume 465, October 2018, Pages 21-37

https://doi.org/10.1016/j.ins.2018.06.066 Get rights and content

Abstract

Searchable Encryption (SE) enables a user to search over encrypted data, such as data stored in a remote cloud server. Existing certificate-, identity-, and attribute-based SE schemes suffer from certificate management or key escrow limitations. Furthermore, the semi-honest-but-curious cloud may conduct partial search operations and return a fraction of the search results (i.e., incomplete results) in order to reduce costs. In this paper, we present a secure cryptographic primitive, Verifiable Multiple Keywords Search (VMKS) over ciphertexts, which leverages the Identity-Based Encryption (IBE) and certificateless signature techniques. The VMKS scheme allows the user to verify the correctness of search results and avoids both certificate management or key escrow limitations. We then demonstrate the security of proposed VMKS scheme (i.e., the scheme achieves both ciphertext indistinguishability and signature unforgeability). We also use a real-world dataset to evaluate its feasibility and efficiency.

Introduction

During the outsourcing of data (e.g. text, image, video) to a remote cloud service provider, data owners (individuals and organizations) generally encrypt their (sensitive) data in order to ensure data confidentiality [7], [20], [24], [27], [36], [37], [38], [40]. In addition, some organizations may need to ensure that they are compliant with the relevant industry regulations and privacy requirements (e.g. the new European Union’s General Data Protection Regulation).

Despite the benefits of encrypting the data prior to outsourcing, searching over encrypted data (and dataset) remains a challenge. Searchable encryption (SE) was designed to allow users to securely search over ciphertexts, based on pre-defined keywords, and selectively retrieve files of interest [1], [25], [26], [29]. Examples of SE schemes include public key encryption with keyword search (PEKS), and the latter can be broadly categorize into certificate-based keyword search [3], [5] and identity (or attribute)-based keyword search [32], [43] schemes. In certificate-based keyword search schemes, the data owner shares his/her data by encrypting them with a specific data user’s public key. The key limitation is certificate management, as one needs to verify the certificates and public keys via the certificate management system. In other words, scalability can be a challenge in practice. The key limitation with identity (or attribute)-based keyword search schemes is key escrow, since the trusted authority center can decrypt any ciphertext in the system.

A number of researchers have attempted to address such limitations. For example, the keyword search scheme presented in [42] was designed to mitigate limitations in most existing SE schemes, such as those of [12], [13], [16]. However, the keyword search scheme presented in [42] assumes that the cloud is honest-but-curious, in the sense that the cloud service provider will faithfully follow the established protocols but at the same time, it is curious to deduce valuable information. Such an assumption is usually insufficient in practical applications, since the cloud may be financially motivated to return incomplete search results (e.g. to minimize computation and bandwidth resources). Therefore, we consider a semi-honest-but-curious cloud [2], which executes a fraction of the requested search operations and returns incomplete search results in practice. We then provide a result verification mechanism to guarantee the accuracy of the search results by appending a signature to each file stored in a cloud. We also observe that for verifiable keyword search schemes, there is a need to support multiple-keyword search in order to minimize bandwidth resources and improve user search experience (as a single keyword search returns many irrelevant search results [21], [30]).

To realize the above search functionalities simultaneously, we design a cryptographic primitive – hereafter referred to as Verifiable Multiple Keywords Search (VMKS). The latter allows one to perform a search over encrypted (cloud) data scheme by leveraging existing public auditing techniques, such as those presented in [33], [34]. In other words, a specific data user can issue multi-keyword search and verify the search results’ correctness with expressive index construction and certificateless signature. Moreover, the VMKS scheme can mitigate certificate management and key escrow limitations, and has constant trapdoor and ciphertexts retrieval sizes (both of which are important features when deploying on resource-constrained devices). We summarize the key features of the proposed VMKS scheme to be as follows:

•
Multiple keywords search. The proposed VMKS scheme allows a specific data user to issue multiple keywords search¹ which includes conjunctive keyword search and disconjunctive keyword search in a single search query without increasing the trapdoor size² and ciphertexts search size, which improves the user search experience.
•
Search results verification. The VMKS scheme allows one to verify the search results’ accuracy by appending a signature to each file.
•
Certificateless. To eliminate the certificate management and key escrow limitations in the existing SE schemes, the VMKS scheme is certificateless.

The remainder of this paper is organized as follows. Sections 2 and 3 review the literature and background relevant to the proposed VMKS scheme. Section 4 presents the system model, threat model, scheme definition and security model. The concrete construction of VMKS scheme is given in Section 5. In Section 6, we demonstrate the correctness and evaluate the security and performance of the VMKS scheme. Section 7 concludes the paper.

Section snippets

Related work

As discussed earlier, there have been extensive research on SE as evidenced by the different types of SE schemes proposed in the literature (e.g. single keyword search [17], multi-keyword search [14], [15], and verifiable keyword search [21], [31]).

The first ciphertext retrieval scheme designed for a symmetric setting [9], [11] is first proposed by Song et al. [29], and a few years later Boneh et al. [1] presented the first PEKS scheme for a asymmetric setting [22], [23]. Since then, there have

Preliminaries

In this section, we review the relevant background materials required in the understanding of the VMKS scheme.

Let x ∈ _RX denote an element x being selected uniformly at random from the set X, [1, Υ] be an integer set ${1, 2, \dots, Υ},$ G₁, G₂ be two multiplicative cyclic groups of prime order p, and g be a generator of group G₁. e is the bilinear map G₁ × G₁ → G₂, with the following properties: (1) Bilinearlity. $e (a^{u}, b^{v}) = e (a^{v}, b^{u}) = e {(a, b)}^{u v}$ for all a, b ∈ _RG₁, $u, v \in_{R} Z_{p}^{*}$ ; (2) Non-degeneracy. e(g, g) ≠ 1;

Problem formulations

In this section, we present the system model, threat model, scheme definition and security model.

Construction of VMKS scheme

Based on the certificateless keyword search scheme [42], we aim to achieve a more practical SE scheme supporting both results verification and multi-keyword search. Specifically, the VMKS scheme should verify the search results’ validity and allow the DU to issue conjunctive keyword search. As for the certificateless results verification, the VMKS scheme appends a signature to each file and then verifies the search results’ correctness. Furthermore, the scheme needs to avoid both certificate

Analysis of VMKS scheme

In this section, we analyze the correctness, security and performance of the VMKS scheme.

Conclusions

The capability to search over encrypted data will be increasingly important as more of our data are being shared across services and organizations.

In this paper, we proposed a verifiable multiple keywords search scheme, which allows DUs to ensure the accuracy of search results with the help of PAS. Furthermore, the proposed scheme avoids certificate management and key escrow, as well as allowing the DUs to issue multiple keywords in a single search query. The latter feature significantly

Acknowledgment

This work was supported by the National Natural Science Foundation of China (No. 61702404, No. 61702105, No. 61672413, No. 61472310), the Project funded by China Postdoctoral Science Foundation (No. 2017M613080), the Fundamental Research Funds for the Central Universities (No. JB171504, No. 11618332), the Key Program of NSFC (No. U1405255), and the Shaanxi Science & Technology Coordination & Innovation Project (No. 2016TZC-G-6-3) and the 111 project (No. B16037).

References (43)

Z. Deng et al.
A multi-user searchable encryption scheme with keyword authorization in a cloud storage
Future Gen. Comput. Syst.
(2017)
J. Li et al.
Fuzzy keyword search over encrypted data in cloud computing
Proc. IEEE Conference on Computer Communications (INFOCOM’10)
(2010)
Y. Miao et al.
Vcksm: verifiable conjunctive keyword search over mobile e-health cloud in shared multi-owner settings
Pervasive Mob. Comput.
(2017)
D. Boneh et al.
Public key encryption with keyword search
Proc. International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT’04)
(2004)
Q. Chai et al.
Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers
Proc. IEEE International Conference on Communications (ICC’12)
(2012)
R. Chen et al.
Server-aided public key encryption with keyword search
IEEE Trans. Inf. Forensics Secur.
(2016)
R. Chen et al.
A new general framework for secure public key encryption with keyword search
Proc. Australasian Conference on Information Security and Privacy (ACISP’15)
(2015)
R. Chen et al.
Dual-server public-key encryption with keyword search for secure cloud storage
IEEE Trans. Inf. Forensics Secur.
(2016)
Y. Chen et al.
Certificateless signatures: structural extensions of security models and new provably secure schemes
IACR Cryptol. ePrint Arch.
(2013)
B. Kang et al.
Certificateless public auditing with privacy preserving for cloud-assisted wireless body area networks
Mobile Inf. Syst.
(2017)

K. Kurosawa

Garbled searchable symmetric encryption

Proc. International Conference on Financial Cryptography and Data Security (FC’14)

(2014)

K. Kurosawa et al.

How to update documents verifiably in searchable symmetric encryption

Proc. International Conference on Cryptology and Network Security (CANS’13)

(2013)

K. Kurosawa et al.

How to construct uc-secure searchable symmetric encryption scheme

IACR Cryptol. ePrint Arch.

(2015)

H. Li et al.

Personalized search over encrypted data with efficient and secure updates in mobile clouds

IEEE Trans. Emerg. Top Comput.

(2018)

H. Li et al.

Engineering searchable encryption of mobile cloud networks: when qoe meets qop

IEEE Wireless Commun.

(2015)

H. Li et al.

Enabling efficient multi-keyword ranked search over encrypted mobile cloud data through blind storage

IEEE Trans. Emerg. Top. Comput.

(2015)

H. Li et al.

Enabling fine-grained multi-keyword search supporting classified sub-dictionaries over encrypted cloud data

IEEE Trans. Dependable Secure Comput.

(2016)

J. Li et al.

Ksf-oabe: outsourced attribute-based encryption with keyword search function for cloud storage

IEEE Trans. Serv. Comput.

(2017)

J. Li et al.

Searchable ciphertext-policy attribute-based encryption with revocation in cloud storage

Int. J. Commun. Syst.

(2017)

J. Li et al.

User collusion avoidance cp-abe with efficient attribute revocation for cloud storage

IEEE Syst. J.

(2018)

J. Li et al.

Flexible and fine-grained attribute-based data storage in cloud computing

IEEE Trans. Serv. Comput.

(2017)

Cited by (63)

Blockchain-assisted verifiable certificate-based searchable encryption against untrusted cloud server for Industrial Internet of Things
2024, Future Generation Computer Systems
The Industrial Internet of Things (IIoT) has brought practical application value to many industries, where significant amounts of IIoT data and resources are outsourced to cloud server (CS) via diverse networks for data fusion, monitoring, sharing, and calculation analysis. Considering privacy, there is a need to execute the encryption operation on the data before outsourcing, while how to retrieve the encrypted data from CS becomes a thorny issue. Furthermore, the untrusted CS in charge of storing and searching the ciphertexts may return incorrect or incomplete search results for some interest. Verifiable public key searchable encryption (VPKSE) provides the ability to encrypt data, retrieve ciphertext, and verify search results simultaneously. However, the malicious behavior of CS has not been sufficiently considered in most existing schemes, that is, their verifiability only ensures the correctness of search results, neglecting completeness. In this paper, the verifiability of VPKSE is re-examined, and three verifiability levels are defined detailedly. On this basis, a blockchain-assisted verifiable certificated-based searchable encryption (BVCBSE) scheme for IIoT is put forward. The integration of blockchain and cryptographic accumulator ensures that an untrusted CS must return correct and complete search results, achieving the highest level of verifiability. In addition, security analysis demonstrates that BVCBSE can resist keyword guessing attack. Performance evaluation illustrates that BVCBSE is efficient and practical.
Provably secure public key encryption with keyword search for data outsourcing in cloud environments
2023, Journal of Systems Architecture
In recent days, the application of cloud computing has been gaining significant popularity among people. A considerable amount of data are being stored in the cloud server. However, data owners outsource their encrypted data to the cloud for various security reasons. Unfortunately, encrypted data cannot be searched, like plaintext data. So how to search encrypted data is an interesting problem in this era. Many public key encryption with keyword search (PEKS) schemes have been designed in the literature. However, most of them cannot prevent keyword-guessing attacks. In this paper, we develop a provably secure PEKS scheme in the random oracle model. This scheme may be used for secure email access from an email server containing a list of encrypted keywords. The proposed scheme can resist keyword-guessing attacks, and offer ciphertext and trapdoor indistinguishability properties. We use the data owner’s private key during encryption to prevent keyword-guessing attacks. Using the data owner’s public key in the verification phase ensures the resilience of keyword-guessing attacks. Finally, the proposed scheme has been tested on a real testbed, and the results show that it can be used in the cloud computing scenario to search for keywords on encrypted data.
Edge-aided searchable data sharing scheme for IoV in the 5G environment
2023, Journal of Systems Architecture
The development of 5G technology provides huge potential for the Internet of Vehicles (IoV). In the IoV scenario, the secure exchange of traffic warning data is necessary to guarantee the safety of pedestrians, vehicles, and public transport facilities. However, there remain a series of challenging issues to achieve data secure sharing while ensuring efficiency. Current solutions such as the data outsourcing storage of traditional centralized cloud servers may cause information leakage due to their incomplete credibility. To address these problems mentioned above, this paper proposes an edge-aided searchable data sharing scheme based on blockchain for IoV in a 5G environment. First, the proposed scheme stores the search index of the keyword and the hash value of the data ciphertext on the blockchain to ensure its integrity and authenticity, and the smart contract automatically verifies the search trapdoor. And then, an edge caching mechanism is designed to quickly feedback on users’ retrieval needs based on a cloud-edge collaboration model. In addition, attribute-based searchable encryption is used to ensure that only the users who meet the access attributes and policy can decrypt the encrypted traffic warning data, which can achieve fine-grained access control and keyword search simultaneously. Finally, security analysis and performance evaluation demonstrate that our scheme is secure and more efficient compared with other schemes.
Blockchain-based verifiable and dynamic multi-keyword ranked searchable encryption scheme in cloud computing
2022, Journal of Information Security and Applications
Citation Excerpt :
However, in a pay-as-you-go cloud storage environment, the malicious server can cheat the client by returning inconsistent or incorrect results for some reason, and the user may blame CS for sending wrong results and refusing to pay, resulting in service-payment inequity. Hence, to prevent such an attack, Miao et al. [19] implemented a new efficient multi-keyword verifiable SE scheme. The scheme is proven to resist KGAs.
Rational miners in the blockchain may admit the validity of search results directly to conserve calculation overhead without executing the validation. Such phenomenon is known as the Verifier's Dilemma that the search results of the blockchain-based searchable encryption scheme would be claimed to have been verified but devoid of valid verification. Besides, the top-k query technique utilized by most existing searchable encryption schemes fails to filter the search results from the user demands during retrieval, which results in massive ineffective access lists with high complexity. Aiming at the two problems, we present a blockchain-based multi-keyword ranked searchable encryption scheme and design a fair payment protocol for multi-user scenarios. Our scheme may achieve public verifiability and user fairness by leveraging the TrueBit network, while the data owner (DO) can withdraw search privileges from the authorized data user (DU). Also, we extend the searchable encryption scheme based on inverted index to multi-DO/multi-DU scenarios, and the HashMap index is used to diminish the response time and space complexity. Moreover, the proposed scheme supports the update of index keywords and files dynamically. To enhance retrieval accuracy, we modify the information divergence algorithm in machine learning and utilize the monotonically weighted aggregation function, which improves retrieval accuracy to around 97%. Finally, Security analysis illustrates correctness and resilience against typical attacks to verify the robustness and utility of the proposed scheme.
Verifiable online/offline multi-keyword search for cloud-assisted Industrial Internet of Things
2022, Journal of Information Security and Applications
Citation Excerpt :
Indeed, in these schemes, it is assumed that the cloud server performs the search process accurately. To address this problem, several verifiable searchable encryption schemes have been put forward [24–26,32–34]. However, in these schemes, users have to download the search results completely to verify their correctness.
Attribute-based encryption (ABE) and attribute-based keyword search (ABKS) facilitate fine-grained access and search control for cloud-assisted Industrial Internet of Things (IIoT). However, existing schemes suffer from the following drawbacks: (1) their computational overhead in data outsourcing and retrieval is exceptionally high; (2) they obtain wrong search results if one or more of the queried keywords are wrongly selected; (3) in most existing ABKS, the untrustworthiness of the cloud server is not taken into account, and the correctness of the search results is not verified; (4) existing verifiable ABKS schemes do not support search results verification without the main data, and verifiers have to first download the search results and then check their correctness. In this paper, we design a verifiable online/offline multi-keyword search (VMKS) scheme providing high-level solutions to the aforementioned problems. We use the healthcare setting as a case study, and we demonstrate how our VMKS can be deployed in cloud-assisted Healthcare IIoT (HealthIIoT). We prove the security of our VMKS in the standard model and under the hardness assumption of the decisional bilinear Diffie-Hellman (DBDH) problem. Empirical results demonstrate that our VMKS speeds up encryption and verification processes by more than $70 %$ and $90 %$ , respectively. Moreover, our scheme reduces the communication overhead in the verification phase by more than $80 %$ .
Lattice-based public key searchable encryption with fine-grained access control for edge computing
2022, Future Generation Computer Systems
Citation Excerpt :
Public key encryption with keyword search (PEKS) [20] is a way to retrieve encrypted data that is uploaded to the edge devices without leaking any information. After that, many PEKS schemes [21–29] with novel functionality were proposed, for instance, multiple keyword search, proxy keyword search, cross-lingual ranked search. Specifically, Chen et al. [30] put forward a witness-based PEKS to resist internal attacks in the edge computing, using homomorphic encryption.
As a bridge between cloud computing platforms and the Internet of Things (IoT) devices, edge computing provides various on-demand data services to reduce latency and network congestion. To ensure data security in edge computing, sensitive data should be encrypted before being outsourced to edge servers. Public key encryption with keyword search (PEKS) can provide search service for encrypted data. Nevertheless, most existing PEKS schemes are susceptible to quantum attacks because their security assumptions are based on traditional hardness assumptions. Moreover, many lattice-based PEKS schemes only apply to the single-user scenario, limiting the range of applications. In this paper, we present an efficient lattice-based public key searchable encryption with fine-grained access control for edge computing. Our scheme achieves post-quantum security and highly flexible access control policies for multi-user applications, by utilizing the learning with errors (LWE) assumption and subset predicate encryption. The security proof illustrates that our proposed scheme is secure under chosen plaintext attacks and chosen keyword attacks. Finally, extensive experiments on real-world datasets illustrate that our encryption algorithm is faster than existing approaches.

View all citing articles on Scopus

View full text

Enabling verifiable multiple keywords search over encrypted cloud data

Abstract

Introduction

Section snippets

Related work

Preliminaries

Problem formulations

Construction of VMKS scheme

Analysis of VMKS scheme

Conclusions

Acknowledgment

Future Gen. Comput. Syst.

Pervasive Mob. Comput.

Public key encryption with keyword search

Proc. International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT’04)

Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers

Proc. IEEE International Conference on Communications (ICC’12)

Server-aided public key encryption with keyword search

IEEE Trans. Inf. Forensics Secur.

A new general framework for secure public key encryption with keyword search

Proc. Australasian Conference on Information Security and Privacy (ACISP’15)

Dual-server public-key encryption with keyword search for secure cloud storage

IEEE Trans. Inf. Forensics Secur.

Certificateless signatures: structural extensions of security models and new provably secure schemes

IACR Cryptol. ePrint Arch.

Certificateless public auditing with privacy preserving for cloud-assisted wireless body area networks

Mobile Inf. Syst.

Garbled searchable symmetric encryption

Proc. International Conference on Financial Cryptography and Data Security (FC’14)

How to update documents verifiably in searchable symmetric encryption

Proc. International Conference on Cryptology and Network Security (CANS’13)

How to construct uc-secure searchable symmetric encryption scheme

IACR Cryptol. ePrint Arch.

Personalized search over encrypted data with efficient and secure updates in mobile clouds

IEEE Trans. Emerg. Top Comput.

Engineering searchable encryption of mobile cloud networks: when qoe meets qop

IEEE Wireless Commun.

Enabling efficient multi-keyword ranked search over encrypted mobile cloud data through blind storage

IEEE Trans. Emerg. Top. Comput.

Enabling fine-grained multi-keyword search supporting classified sub-dictionaries over encrypted cloud data

IEEE Trans. Dependable Secure Comput.

Ksf-oabe: outsourced attribute-based encryption with keyword search function for cloud storage

IEEE Trans. Serv. Comput.

Searchable ciphertext-policy attribute-based encryption with revocation in cloud storage

Int. J. Commun. Syst.

User collusion avoidance cp-abe with efficient attribute revocation for cloud storage

IEEE Syst. J.

Flexible and fine-grained attribute-based data storage in cloud computing

IEEE Trans. Serv. Comput.