一种支持前向安全更新和验证的加密搜索算法

doi:10.19665/j.issn1001-2400.2020.05.007

Abstract

Abstract:

Recent advances in cloud computing are further pushing forward the development of the technique known as searchable encryption. However, existing encrypted search schemes mainly consider a centralized setting, where a search is conducted in a traditional client-server model. How to apply searchable encryption schemes to an untrusted distributed setting like the blockchain environment remains to be explored. Meanwhile, the advanced security property like forward security is posing new challenges that traditional technologies are no longer sufficient to cope with. In this work, we explore the potential of the blockchain technique and propose a novel dual index structure for forward-secure encrypted search with dynamic file updates. We show how to synthesize this design strategy in the context of blockchain-based storage systems and achieve both optimal search and update complexity. We also propose a verification scheme to verify the correctness of search results and customize an encrypted on-chain checklist to achieve strong data protection and lower the blockchain overhead. We implement the prototype on a Redis cluster and conduct performance evaluations on the Amazon Cloud. Extensive experiments demonstrate the security and efficiency of the design.

Key words: encrypted search, forward security, blockchain system, dynamic searchable encryption

CLC Number:

TP301.6

LI Han,ZHANG Chen,HUANG Hejiao,GUO Yu. Algorithm for encrypted search with forward secure updates and verification[J].Journal of Xidian University, 2020, 47(5): 48-56.

Figures/Tables 2

References 22

[1]	CURTMOLA R, GARAY J, KAMARA S, et al. Ostrovsky. Searchable Symmetric Encryption: Improved Definitions and Efficient Constructions[J]. Journal of Computer Security, 2011,19(5):895-934.
[2]	KAMARA S, PAPAMANTHOU C, ROEDER T. Dynamic Searchable Symmetric Encryption [C]//Proceedings of the 2012 ACM Conference on Computer and Communications Security. New York: ACM, 2012: 965-976.
[3]	CASH D, JAEGER J, JARECKI S, et al. Dynamic Searchable Encryption in Very-large Databases: Data Structures and Implementation [C]//Proceedings of 2014 Network and Distributed System Security Symposium. Piscataway: IEEE, 2014: 23-26.
[4]	WILKINSON S, BOSHEVSKI T, BRANDOF J, et al. Storj: a Peer-to-peer Cloud Storage Network[EB/OL]. [2020-03-26]. https://storj.io/storjv2.pdf.
[5]	PRZYDATEK B, SONG D, PERRIG A. Sia: Secure Information Aggregation in Sensor Networks [C]//Proceedings of the First International Conference on Embedded Networked Sensor Systems. New York: ACM, 2003: 255-265.
[6]	Protocol Labs. Filecoin: a decentralized storage network[EB/OL].[2020-03-26]. https://ipfser.org/2019/08/16/filecoin-a-decentralized-storage-network-3/.
[7]	HU S, CAI C, WANG Q, et al. Searching an Encrypted Cloud Meets Mlockchain: A Decentralized, Reliable and Fair Realization [C]//Proceedings of the 2018 IEEE INFOCOM. Piscataway: IEEE, 2018: 792-800.
[8]	CAI C J, WENG J, YUAN X L, et al. Enabling Reliable Keyword Search in Encrypted Decentralized Storage with Fairness[J]. IEEE Transactions on Dependable and Secure Computing, 2018, DOI: 10.1109/TDSC.2018.2877332. doi: 10.1109/TDSC.2012.11 pmid: 24489520
[9]	CLARKE D, DEVADAS S, VAN DIJK M, et al. Incremental Multiset Hash Functions and Their Application to Memory Integrity Checking [C]//Lecture Notes in Computer Science: 2894. Heidelberg: Springer Verlag, 2003: 188-207.
[10]	NAKAMOTO S. Bitcoin: a Peer-to-peer Electronic Cash System[EB/OL]. [2020-03-26]. https://bitcoin.org/bitcoin.pdf.
[11]	WOOD G. et al. Ethereum: a Secure Decentralised Generalised Transaction Ledger[J]. Ethereum Project Yellow Paper, 2014,151(2014):1-32.
[12]	YAO J, ZHENG Y, GUO Y, et al. A Privacy Preserving System for Targeted Coupon Service[J]. IEEE ACCESS, 2019,7:120817-120830.
[13]	WILKINSON S, LOWRY J. Metadisk a blockchain-based decentralized file storage application[EB/OL]. [2020-03-26]. https://storj.io/metadisk.pdf.
[14]	BOST R. Sophos: Forward Secure Searchable Encryption [C]//Proceedings of the 2016 23^rd ACM Conference on Computer and Communications Security. New York: ACM , 2016: 1143-1154.
[15]	BOST R, MINAUD B, OHRIMENKO O. Forward and Backward Private Searchable Encryption from Constrained Cryptographic Primitives [C]//Proceedings of the 2017 ACM Conference on Computer and Communications Security. New York: ACM, 2017: 1465-1482.
[16]	KIM K S, KIM M, LEE D, et al. Forward Secure Dynamic Searchable Symmetric Encryption with Efficient Updates [C]//Proceedings of the 2017 ACM Conference on Computer and Communications Security. New York: ACM, 2017: 1449-1463.
[17]	GUO Y, YUAN X, WANG X, et al. Enabling Encrypted Rich Queries in Distributed Key-value Stores[J]. IEEE Transactions on Parallel and Distributed Systems, 2019,30(6):1283-1297.
[18]	WANG Q, GUO Y, HUANG H, et al. Multi-user Forward Secure Dynamic Searchable Symmetric Encryption [C]//Lecture Notes in Computer Science: 11058. Heidelberg:Springer Verlag, 2018: 125-140.
[19]	YUAN X, GUO Y, WANG X, et al. Enckv: An Encrypted Key-value Store with Rich Queries [C]//Proceedings of the 2017 ACM Asia Conference on Computer and Communications Security. New York: ACM, 2017: 423-435.
[20]	LI H, TIAN H, ZHANG F, et al. Blockchain-based Searchable Symmetric Encryption Scheme[J]. Computers and Electrical Engineering, 2019,73:32-45.
[21]	PRENEEL B, GOVAERTS R, VANDEWALLE J. Hash Functions Based on Block Ciphers: a Synthetic Approach [C]//Lecture Notes in Computer Science: 773. Heidelberg: Springer Verlag, 1994: 368-378.
[22]	BLUM M, MICALI S. How to Generate Cryptographically Strong Sequence of Pseudo-random Bits[J]. SIAM Journal on Computing, 1984,13(4):850-864.

Algorithm for encrypted search with forward secure updates and verification

RichHTML

PDF (PC)

Like

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 2

References 22

Related Articles 2

Metrics

Comments

Recommended 10

[1]	QIU Gang;WANG Hong;XIAO Hong;XIAO Guo-zhen. Security analysis of two forward-secure blind signature schemes [J]. J4, 2010, 37(1): 107-112+147.
[2]	CHEN Jing;YANG Bo;TIAN Chun-qi. Security analysis of a key management scheme for multicast based on the one-way function tree [J]. J4, 2004, 31(6): 959-962.