Security analysis of secure kNN and ranked keyword search over encrypted data

In cloud computing, enabling search directly over encrypted data is an important technique to effectively utilize encrypted data. Most of the existing techniques are focusing on fuzzy keyword search as it helps achieve more robust search performance by tolerating misspelling or typos of data users. Existing works always build index without classifying keywords in advance. They suffer from efficiency issue. Furthermore, Euclidean distance or Hamming distance is often chosen to evaluate strings’ similarity, ignoring prefixes matching and the influence of strings’ length on the accuracy. We propose an efficient fuzzy keyword search scheme with lower computation cost and higher accuracy to address the aforementioned problems. We employ the sub-dictionaries technique and the Bed-tree structure to build an index with three layers for achieving better search efficiency. With this index structure, the server could locate the keyword and could narrow the search scope quickly. The Jaro-Winkler distance is introduced to qualify the strings’ similarity by considering the prefixes matching and string length. The secure privacy mechanism is incorporated into the design of our work. Security analysis and performance evaluation demonstrate our scheme is more efficient compared to the existing one while guaranteeing security.

Download Full-text

A Survey on Secure Ranked Keyword Search over Outsourced Encrypted Cloud Data

International Journal for Research in Applied Science and Engineering Technology ◽

10.22214/ijraset.2021.35184 ◽

2021 ◽

Vol 9 (VI) ◽

pp. 949-952

Author(s):

Akash Tidke

Keyword(s):

Comparative Study ◽

Keyword Search ◽

Encrypted Data ◽

Cloud Data ◽

Ranked Search ◽

Ranked Keyword Search ◽

Cloud Servers

In this paper we present a survey on keyword based searching algorithms. Various searching techniques are used for retrieving the encrypted data from cloud servers. This survey work involves a comparative study of these keyword based searching algorithms. It concludes that till now multi-keyword ranked search MRSE scheme is the best methodology for searching the encrypted data.

Download Full-text

What If Keys Are Leaked? towards Practical and Secure Re-Encryption in Deduplication-Based Cloud Storage

Information ◽

10.3390/info12040142 ◽

2021 ◽

Vol 12 (4) ◽

pp. 142

Author(s):

Weijing You ◽

Lei Lei ◽

Bo Chen ◽

Limin Liu

Keyword(s):

Experimental Evaluation ◽

Cloud Storage ◽

Security Analysis ◽

Encrypted Data ◽

Cloud Data ◽

Storage Cost ◽

Outsourced Data ◽

Proof Of Ownership ◽

Client Side ◽

Over Time

By only storing a unique copy of duplicate data possessed by different data owners, deduplication can significantly reduce storage cost, and hence is used broadly in public clouds. When combining with confidentiality, deduplication will become problematic as encryption performed by different data owners may differentiate identical data which may then become not deduplicable. The Message-Locked Encryption (MLE) is thus utilized to derive the same encryption key for the identical data, by which the encrypted data are still deduplicable after being encrypted by different data owners. As keys may be leaked over time, re-encrypting outsourced data is of paramount importance to ensure continuous confidentiality, which, however, has not been well addressed in the literature. In this paper, we design SEDER, a SEcure client-side Deduplication system enabling Efficient Re-encryption for cloud storage by (1) leveraging all-or-nothing transform (AONT), (2) designing a new delegated re-encryption (DRE), and (3) proposing a new proof of ownership scheme for encrypted cloud data (PoWC). Security analysis and experimental evaluation validate security and efficiency of SEDER, respectively.

Download Full-text

Privacy-Preserving Sorting Algorithms Based on Logistic Map for Clouds

Security and Communication Networks ◽

10.1155/2018/2373545 ◽

2018 ◽

Vol 2018 ◽

pp. 1-10

Author(s):

Hua Dai ◽

Hui Ren ◽

Zhiye Chen ◽

Geng Yang ◽

Xun Yi

Keyword(s):

Data Privacy ◽

Logistic Map ◽

Security Analysis ◽

Privacy Preserving ◽

Service Recommendation ◽

Sensitive Data ◽

Encrypted Data ◽

Sorting Algorithms ◽

Common Operation ◽

Cloud Servers

Outsourcing data in clouds is adopted by more and more companies and individuals due to the profits from data sharing and parallel, elastic, and on-demand computing. However, it forces data owners to lose control of their own data, which causes privacy-preserving problems on sensitive data. Sorting is a common operation in many areas, such as machine learning, service recommendation, and data query. It is a challenge to implement privacy-preserving sorting over encrypted data without leaking privacy of sensitive data. In this paper, we propose privacy-preserving sorting algorithms which are on the basis of the logistic map. Secure comparable codes are constructed by logistic map functions, which can be utilized to compare the corresponding encrypted data items even without knowing their plaintext values. Data owners firstly encrypt their data and generate the corresponding comparable codes and then outsource them to clouds. Cloud servers are capable of sorting the outsourced encrypted data in accordance with their corresponding comparable codes by the proposed privacy-preserving sorting algorithms. Security analysis and experimental results show that the proposed algorithms can protect data privacy, while providing efficient sorting on encrypted data.

Download Full-text

PIMRS: achieving privacy and integrity-preserving multi-owner ranked-keyword search over encrypted cloud data

Security and Communication Networks ◽

10.1002/sec.1482 ◽

2016 ◽

Vol 9 (16) ◽

pp. 3765-3776 ◽

Cited By ~ 1

Author(s):

Jinguo Li ◽

Mi Wen ◽

Kejie Lu ◽

Chunhua Gu

Keyword(s):

Keyword Search ◽

Cloud Data ◽

Ranked Keyword Search

Download Full-text

A Secure Ciphertext Retrieval Scheme against Insider KGAs for Mobile Devices in Cloud Storage

Security and Communication Networks ◽

10.1155/2018/7254305 ◽

2018 ◽

Vol 2018 ◽

pp. 1-7 ◽

Cited By ~ 11

Author(s):

Run Xie ◽

Chanlian He ◽

Dongqing Xie ◽

Chongzhi Gao ◽

Xiaojun Zhang

Keyword(s):

Cloud Computing ◽

Mobile Devices ◽

Data Privacy ◽

Security Analysis ◽

Data Retrieval ◽

Sensitive Data ◽

Encrypted Data ◽

Security Issues ◽

Efficiency Comparison ◽

Cloud Servers

With the advent of cloud computing, data privacy has become one of critical security issues and attracted much attention as more and more mobile devices are relying on the services in cloud. To protect data privacy, users usually encrypt their sensitive data before uploading to cloud servers, which renders the data utilization to be difficult. The ciphertext retrieval is able to realize utilization over encrypted data and searchable public key encryption is an effective way in the construction of encrypted data retrieval. However, the previous related works have not paid much attention to the design of ciphertext retrieval schemes that are secure against inside keyword-guessing attacks (KGAs). In this paper, we first construct a new architecture to resist inside KGAs. Moreover we present an efficient ciphertext retrieval instance with a designated tester (dCRKS) based on the architecture. This instance is secure under the inside KGAs. Finally, security analysis and efficiency comparison show that the proposal is effective for the retrieval of encrypted data in cloud computing.

Download Full-text

Secure and flexible keyword search over encrypted data with outsourced decryption in Internet of things

annals of telecommunications - annales des télécommunications ◽

10.1007/s12243-018-0694-8 ◽

2018 ◽

Vol 74 (7-8) ◽

pp. 413-421 ◽

Cited By ~ 1

Author(s):

Yinghui Zhang ◽

Axin Wu ◽

Tiantian Zhang ◽

Dong Zheng

Keyword(s):

Internet Of Things ◽

Keyword Search ◽

Encrypted Data ◽

Outsourced Decryption

Download Full-text

R-OO-KASE: Revocable Online/Offline Key Aggregate Searchable Encryption

Data Science and Engineering ◽

10.1007/s41019-020-00136-y ◽

2020 ◽

Vol 5 (4) ◽

pp. 391-418

Author(s):

Mukti Padhya ◽

Devesh C. Jinwala

Keyword(s):

Radio Frequency Identification ◽

Keyword Search ◽

Electrical Power ◽

Computational Cost ◽

Security Analysis ◽

Searchable Encryption ◽

Resource Constrained ◽

Encryption Decryption ◽

Resource Constrained Devices ◽

Constrained Devices

Abstract The existing Key Aggregate Searchable Encryption (KASE) schemes allow searches on the encrypted dataset using a single query trapdoor, with a feature to delegate the search rights of multiple files using a constant size key. However, the operations required to generate the ciphertext and decrypt it in these schemes incur higher computational costs, due to the computationally expensive pairing operations in encryption/decryption. This makes the use of such schemes in resource-constrained devices, such as Radio Frequency Identification Devices, Wireless Sensor Network nodes, Internet of Things nodes, infeasible. Motivated with the goal to reduce the computational cost, in this paper, we propose a Revocable Online/Offline KASE (R-OO-KASE) scheme, based on the idea of splitting the encryption/decryption operations into two distinct phases: online and offline. The offline phase computes the majority of costly operations when the device is on an electrical power source. The online phase generates final output with the minimal computational cost when the message (or ciphertext) and keywords become known. In addition, the proposed scheme R-OO-KASE also offers multi-keyword search capability and allows the data owners to revoke the delegated rights at any point in time, the two features are not supported in the existing schemes. The security analysis and empirical evaluations show that the proposed scheme is efficient to use in resource-constrained devices and provably secure as compared to the existing KASE schemes.

Download Full-text