Document Type : Original Article
Authors
Dep. Of Computer Engineering, University Of Guilan, P.O. Box 3756
Abstract
As organizations increasingly outsource data to cloud storage, ensuring the security and integrity of this data becomes paramount. Searchable encryption (SE) offers a promising solution by enabling secure searches on encrypted data, thereby preserving privacy and confidentiality. However, existing SE schemes often overlook the issue of data integrity, particularly when the cloud server, an external and potentially untrusted entity, returns invalid or malicious results. This paper proposes a novel technique for validating the results returned by the cloud server in asymmetric searchable encryption schemes. The proposed method introduces minimal efficiency overhead and is easily applicable to existing schemes. By applying this technique to the dPEKS (designated Public Key Encryption with Keyword Search) scheme, we demonstrate a significant reduction in search time while enhancing the ability to validate results across multiple servers. Our approach ensures that the integrity of returned data is preserved, even in scenarios where the cloud server may act maliciously. The proposed technique is particularly effective in private scenarios, such as e-care and banking, where only authorized users can send and retrieve data. This work contributes to the ongoing effort to improve the security and reliability of searchable encryption in cloud environments.
Keywords
[1] Fei Han, Jing Qin, Jiankun Hu, (2016). Secure searches in the cloud: A survey. Future Generation of Computer Systems, Volume 62, Pages 66-75, https://doi.org/10.1016/j.future.2016.01.007.
[2] Bösch, C., Hartel, P., Jonker, W., Peter, A., (2014). A Survey of Provably Secure Searchable Encryption. ACM Computing Surveys, Vol. 47, 2, pages 1-51, https://doi.org/10.1145/2636328.
[3] Arabnouri, A., Ebrahimi Atani, R., Azizzadeh, S., (2020). Security Analysis of Public Key Searchable Encryption Schemes against Injection Attacks”, Cryptology ePrint Archive, Report 2020/1530, https://eprint.iacr.org/2020/1530.
[4] Song, D.X., Wagner, D., Perrig, A., (2000). Practical techniques for searches on encrypted data. Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000, Berkeley, CA, USA, 2000, pp. 44-55, https://doi.org/10.1109/SECPRI.2000.848445.
[5] Goh, E., .Secure indexes. Cryptology ePrint Archive, Rep. 2003/216, https://eprint.iacr.org/2003/216.
[6] Chang, YC., Mitzenmacher, M., (2005) “Privacy Preserving Keyword Searches on Remote Encrypted Data. Applied Cryptography and Network Security (ACNS), Lecture Notes in Computer Science, Vol 3531. Springer, Berlin, Heidelberg, https://doi.org/10.1007/11496137_30.
[7] Curtmola, R., Garay, J., Kamara, S., Ostrovsky, R., (2011). Searchable Symmetric Encryption: Improved Definitions and Efficient Constructions., Journal of Computer Security, Vol. 19, No. 5, Pages: 895-934, https://doi.org/10.3233/JCS-2011-0426.
[8] Golle, P., Staddon, J., Waters, B., (2004). Secure Conjunctive Keyword Search over Encrypted Data. Applied Cryptography and Network Security. ACNS 2004. Lecture Notes in Computer Science, Vol 3089. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24852-1_3.
[9] Kurosawa, K., Ohtaki, Y., (2012). UC-Secure Searchable Symmetric Encryption. Financial Cryptography and Data Security. FC 2012. Lecture Notes in Computer Science, Vol 7397. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32946-3_21.
[10] Chai, Q., Gong, G., (2012). Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers. IEEE International Conference on Communications (ICC), Ottawa, ON, pages: 917-922, https://doi.org/10.1109/ICC.2012.6364125.
[11] Moataz, T., Shikfa, A., (2013). Boolean symmetric searchable encryption”, ASIA CCS '13: Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security, Pages 265–276, https://doi.org/10.1145/2484313.2484347.
[12] Chamani, J., Papadopoulos, D., Papamanthou, C., Jalili, r., (2018) .New Constructions for Forward and Backward Private Symmetric Searchable Encryption. CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, Pages 1038–1055, https://doi.org/10.1145/3243734.3243833.
[13] Boneh, D., Crescenzo, G, Ostrovsky, R., Persiano, G., (2004). Public Key Encryption with Keyword Search”, Advances in Cryptology - EUROCRYPT 2004. Lecture Notes in Computer Science, Vol 3027. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24676-3_30.
[14] Tang, Q., Chen, L., (2010). Public-Key Encryption with Registered Keyword Search. Public Key Infrastructures, Services and Applications. EuroPKI 2009. Lecture Notes in Computer Science, Vol 6391. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16441-5_11.
[15] Rhee, H. S., Park, J. H., Susilo, W., Lee, D. H., (2010). Trapdoor security in a searchable public-key encryption scheme with a designated tester. Journal of Systems and Software, Vol. 83, Issue 5, Pages 763-771, ISSN 0164-1212, https://doi.org/10.1016/j.jss.2009.11.726.
[16] Yau, W., Phan, R., Heng, W., Goi, B., (2013). Keyword guessing attacks on secure searchable public key encryption schemes with a designated tester. International Journal of Computer Mathematics, Vol. 90(12), Pages: 2581-2587, https://doi.org/10.1080/00207160.2013.778985.
[17] Chen, Y., (2015). SPEKS: Secure Server-Designation Public Key Encryption with Keyword Search against Keyword Guessing Attacks. The Computer Journal, Vol. 58, Issue 4, Pages Pages: 922–933, https://doi.org/10.1093/comjnl/bxu013.
[18] Chen, R., Mu, Y., Yang, G., Guo, F., Huang, X., Wang, X., Wang, Y., (2016). Server-Aided Public Key Encryption With Keyword Search. IEEE Transactions on Information Forensics and Security, Vol. 11, No. 12, pages: 2833-2842, https://doi.org/10.1109/TIFS.2016.2599293.
[19] Sun, L., XU, C., Zhang, M., Chen, K., (2018). Hongwei LI, “Secure searchable public key encryption against insider keyword guessing attacks from indistinguishability obfuscation. Journal of Science China Information Sciences, Vol. 61, Issue 3, https://doi.org/10.1007/s11432-017-9124-0.
[20] Zhang, J., Song, C., Wang, Z., Yang, T., Ma, W., (2018). Efficient and Provable Security Searchable Asymmetric Encryption in the Cloud. IEEE Access, Vol. 6, pp. 68384-68393, https://doi.org/10.1109/ACCESS.2018.2872743.
[21] Chen, R., Mu, Y., Yang, G., Guo, F., Wang, X., (2015). A New General Framework for Secure Public Key Encryption with Keyword Search. Information Security and Privacy. ACISP 2015, Lecture Notes in Computer Science, Vol 9144. Springer, Cham. https://doi.org/10.1007/978-3-319-19962-7_4.
[22] Liu, P., Wang, J., Ma, H., Nie, H., (2014). Efficient Verifiable Public Key Encryption with Keyword Search Based on KP-ABE. Ninth International Conference on Broadband and Wireless Computing, Communication and Applications, Pages: 584-589, https://doi.org/10.1109/BWCCA.2014.119.
[23] Hwang, Y., Lee, P., (2007). Public Key Encryption with Conjunctive Keyword Search and Its Extension to a Multi-user System. Pairing-Based Cryptography – Pairing 2007, Lecture Notes in Computer Science, Vol 4575, Springer, https://doi.org/10.1007/978-3-540-73489-5_2.
[24] Shi, E., Bethencourt, J., Chan, T. H., Song, D., Perrig, A., (2007). Multi-Dimensional Range Query over Encrypted Data. IEEE Symposium on Security and Privacy (SP'07), Berkeley, CA, 2007, pp. 350-364, https://doi.org/10.1109/SP.2007.29.
[25] Boneh, D., Waters, B., (2007). Conjunctive, Subset, and Range Queries on Encrypted Data. Theory of Cryptography. TCC 2007, Lecture Notes in Computer Science, Vol 4392. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-70936-7_29.
[26] Boneh, D., Kushilevitz, E., Ostrovsky, R., Skeith, W.E., (2007). Public Key Encryption That Allows PIR Queries. Advances in Cryptology - CRYPTO 2007. Lecture Notes in Computer Science, Vol 4622. Springer, Berlin, Heidelberg, https://doi.org/10.1007/978-3-540-74143-5_4.
[27] Arabnouri, A., Security Evaluation of Searchable Encryption protocols. MSc Thesis, University of Guilan, 2019, (in Persian).
[28] Arabnouri, A., Ebrahimi Atani, R., Azizzadeh, S., (2020). Security Analysis of Public Key Searchable Encryption Schemes against Injection Attacks”, Cryptology ePrint Archive, Report 2020/1553, https://eprint.iacr.org/2020/1530.
[29] Arabnouri, A., Shafieinejad, A., (2024). BACASE-SH: Blockchain-based authenticated certificate-less asymmetric searchable encryption for smart healthcare. Peer-to-Peer Networking and Applications, Vol.17, Pages: 2298–2314, https://doi.org/10.1007/s12083-024-01687-x.
[30] Amorim, I., Costa, I. (2023). Leveraging Searchable Encryption through Homomorphic Encryption: A Comprehensive Analysis. Mathematics, Vol.11(13), 2948. https://doi.org/10.3390/math11132948.
[31] Duan, G., Li, S., (2023). Verifiable and Searchable Symmetric Encryption Scheme Based on the Public Key Cryptosystem. Electronics, Vol. 2(18), 3965. https://doi.org/10.3390/electronics12183965
[32] Fugkeaw, S., Hak, L., Theeramunkong, T., (2024). Achieving Secure, Verifiable, and Efficient Boolean Keyword Searchable Encryption for Cloud Data Warehouse. IEEE Access, Vol. 12, pp. 49848-49864, https://doi.org/10.1109/ACCESS.2024.3383320.
[33] Shen, F., Shi, L., Zhang, J., Xu, C., Chen, Y., He, Y., (2024). BMSE: Blockchain-based multi-keyword searchable encryption for electronic medical records. Computer Standards & Interfaces, Vol. 89, 103824, ISSN 0920-5489, https://doi.org/10.1016/j.csi.2023.103824.
[34] Meng, L., Chen, L., Tian, Y., Manulis, M., Liu, S., (2024). FEASE: Fast and Expressive Asymmetric Searchable Encryption. 33rd USENIX Security Symposium, ISBN: 978-1-939133-44-1, pages = 2545-2562.
[35] Qingji Zheng, Shouhuai Xu, Giuseppe Ateniese, "VABKS: Verifiable attribute-based keyword search over outsourced encrypted data," IEEE INFOCOM 2014 - IEEE Conference on Computer Communications, Toronto, ON, (2014), pp. 522-530, https://doi.org/10.1109/INFOCOM.2014.6847976
[36] Binrui Zhu, Jiameng, SunJing Qin, Jixin Ma (2018) “The Public Verifiability of Public Key Encryption with Keyword Search”. In: Hu J., Khalil I., Tari Z., Wen S. (eds) Mobile Networks and Management. MONAMI 2017. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 235. Springer, Cham. https://doi.org/10.1007/978-3-319-90775-8_24
[37] Pengliang Liu, Jianfneg Wang, Hua Ma, Haixin Nie, “Efficient Verifiable Public Key Encryption with Keyword Search Based on KP-ABE”, 2014 Ninth International Conference on Broadband and Wireless Computing, Communication and Applications, Guangdong, 2014, pp. 584-589, https://doi.org/10.1109/BWCCA.2014.119
[38] Rui Zhang, Rui Xue, Ting Yu, Ling Liu, "PVSAE: A Public Verifiable Searchable Encryption Service Framework for Outsourced Encrypted Data," 2016 IEEE International Conference on Web Services (ICWS), San Francisco, CA, 2016, pp. 428-435, https://doi.org/10.1109/ICWS.2016.62
[39] Shengshan Hu, Chengjun Cai, Qian Wang, Cong Wang, Xiangyang Luo, Kui Ren, "Searching an Encrypted Cloud Meets Blockchain: A Decentralized, Reliable and Fair Realization," IEEE INFOCOM 2018 - IEEE Conference on Computer Communications, Honolulu, HI, 2018, pp. 792-800, https://doi.org/10.1109/INFOCOM.2018.8485890
[40] Yinghui Zhang, Robert H. Deng, Jiangang Shu, Kan Yang, Dong Zheng, "TKSE: Trustworthy Keyword Search Over Encrypted Data With Two-Side Verifiability via Blockchain," in IEEE Access, vol. 6, pp. 31077-31087, 2018, https://doi.org/10.1109/ACCESS.2018.2844400
[41] Shahzaib Tahir, Muttukrishnan Rajarajan, "Privacy-Preserving Searchable Encryption Framework for Permissioned Blockchain Networks," 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), Halifax, NS, Canada, 2018, pp. 1628-1633, https://doi.org/10.1109/Cybermatics_2018.2018.00272
[42] Rahnama Lashkami, S., Ebrahimi Atani, R., Arabnouri, A., Salemi, G., (2020). A Blockchain Based Framework for Complete Secure Data Outsourcing with Malicious Behavior Prevention. 28th Iranian Conference on Electrical Engineering (ICEE), Tabriz, Iran, 2020, pp. 1-7, https://doi.org/10.1109/ICEE50131.2020.9260866
[43] Arabnouri, A., Ebrahimi Atani, R., (2018). Asymmetric searchable encryption secure against Insider Key Guessing Attacks. The 26th Iranian Conference on Electrical Engineering (ICEE) 08-10 May 2018, Mashhad, Iran.
)