Searchable Encryption with Optimal Locality: Achieving Sublogarithmic Read Efficiency

  • Ioannis DemertzisEmail author
  • Dimitrios Papadopoulos
  • Charalampos Papamanthou
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10991)


We propose the first linear-space searchable encryption scheme with constant locality and sublogarithmic read efficiency, strictly improving the previously best known read efficiency bound (Asharov et al., STOC 2016) from \(\varTheta (\log N \log \log N)\) to \(O(\log ^{\gamma } N)\) where \(\gamma =\frac{2}{3}+\delta \) for any fixed \(\delta >0\) and where N is the number of keyword-document pairs. Our scheme employs four different allocation algorithms for storing the keyword lists, depending on the size of the list considered each time. For our construction we develop (i) new probability bounds for the offline two-choice allocation problem; (ii) and a new I/O-efficient oblivious RAM with \(\tilde{O}(n^{1/3})\) bandwidth overhead and zero failure probability, both of which can be of independent interest.



We thank Jiaheng Zhang for indicating a tighter analysis for Theorem 6 and for his feedback on the algorithm for allocating large keyword lists, and the reviewers for their comments. Work supported in part by NSF awards #1526950, #1514261 and #1652259, HKUST award IGN16EG16, a Symantec PhD fellowship, and a NIST award.


  1. 1.
  2. 2.
    Enron Email Dataset.
  3. 3.
  4. 4.
    USPS Dataset.
  5. 5.
    Asharov, G., Chan, T.H., Nayak, K., Pass, R., Ren, L., Shi, E.: Oblivious computation with data locality. IACR Cryptology ePrint (2017)Google Scholar
  6. 6.
    Asharov, G., Naor, M., Segev, G., Shahaf, I.: Searchable symmetric encryption: optimal locality in linear space via two-dimensional balanced allocations. In: STOC (2016)Google Scholar
  7. 7.
    Asharov, G., Segev, G., Shahaf, I.: Tight tradeoffs in searchable symmetric encryption. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10991, pp. 407–436. Springer, Heidelberg (2018)Google Scholar
  8. 8.
    Batcher, K.E.: Sorting networks and their applications. In: AFIPS (1968)Google Scholar
  9. 9.
    Berenbrink, P., Czumaj, A., Steger, A., Vöcking, B.: Balanced allocations: the heavily loaded case. In: STOC (2000)Google Scholar
  10. 10.
    Cash, D., et al.: Dynamic searchable encryption in very-large databases: data structures and implementation. In: NDSS (2014)Google Scholar
  11. 11.
    Cash, D., Tessaro, S.: The locality of searchable symmetric encryption. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 351–368. Springer, Heidelberg (2014). Scholar
  12. 12.
    Curtmola, R., Garay, J.A., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. JCS 9(5), 895–934 (2011)CrossRefGoogle Scholar
  13. 13.
    Demertzis, I., Papadopoulos, D., Papamanthou, C.: Searchable encryption with optimal locality: achieving sublogarithmic read efficiency. In: CRYPTO 2018 (2018).
  14. 14.
    Demertzis, I., Papadopoulos, S., Papapetrou, O., Deligiannakis, A., Garofalakis, M.: Practical private range search revisited. In: SIGMOD (2016)Google Scholar
  15. 15.
    Demertzis, I., Papadopoulos, S., Papapetrou, O., Deligiannakis, A., Garofalakis, M., Papamanthou, C.: Practical private range search in depth. In: TODS (2018)Google Scholar
  16. 16.
    Demertzis, I., Papamanthou, C.: Fast searchable encryption with tunable locality. In: SIGMOD (2017)Google Scholar
  17. 17.
    Dubhashi, D.P., Ranjan, D.: Balls and bins: a study in negative dependence. Random Struct. Algorithms 13(2), 99–124 (1998)MathSciNetCrossRefGoogle Scholar
  18. 18.
    Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious rams. J. ACM 43(3), 431–473 (1996)MathSciNetCrossRefGoogle Scholar
  19. 19.
    Goodrich, M.T.: Data-oblivious external-memory algorithms for the compaction, selection, and sorting of outsourced data. In: SPAA (2011)Google Scholar
  20. 20.
    Goodrich, M.T., Mitzenmacher, M.: Privacy-preserving access of outsourced data via oblivious RAM simulation. In: Aceto, L., Henzinger, M., Sgall, J. (eds.) ICALP 2011. LNCS, vol. 6756, pp. 576–587. Springer, Heidelberg (2011). Scholar
  21. 21.
    Goodrich, M.T., Mitzenmacher, M., Ohrimenko, O., Tamassia, R.: Oblivious RAM simulation with efficient worst-case access overhead. In: CCSW (2011)Google Scholar
  22. 22.
    Granboulan, L., Pornin, T.: Perfect block ciphers with small blocks. In: Biryukov, A. (ed.) FSE 2007. LNCS, vol. 4593, pp. 452–465. Springer, Heidelberg (2007). Scholar
  23. 23.
    Kamara, S., Papamanthou, C.: Parallel and dynamic searchable symmetric encryption. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 258–274. Springer, Heidelberg (2013). Scholar
  24. 24.
    Kamara, S., Papamanthou, C., Roeder, T.: Dynamic searchable symmetric encryption. In: CCS (2012)Google Scholar
  25. 25.
    Miers, I., Mohassel, P.: IO-DSSE: scaling dynamic searchable encryption to millions of indexes by improving locality. In: NDSS (2017)Google Scholar
  26. 26.
    Morris, B., Rogaway, P.: Sometimes-recurse shuffle - almost-random permutations in logarithmic expected time. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 311–326. Springer, Heidelberg (2014). Scholar
  27. 27.
    Ohrimenko, O., Goodrich, M.T., Tamassia, R., Upfal, E.: The Melbourne shuffle: improving oblivious storage in the cloud. In: Esparza, J., Fraigniaud, P., Husfeldt, T., Koutsoupias, E. (eds.) ICALP 2014. LNCS, vol. 8573, pp. 556–567. Springer, Heidelberg (2014). Scholar
  28. 28.
    Sanders, P., Egner, S., Korst, J.H.M.: Fast concurrent access to parallel disks. Algorithmica 35(1), 21–55 (2003)MathSciNetCrossRefGoogle Scholar
  29. 29.
    Schoenmakers, L.A.: A new algorithm for the recognition of series parallel graphs. Technical report, Amsterdam, The Netherlands (1995)Google Scholar
  30. 30.
    Song, D.X., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: SP (2000)Google Scholar
  31. 31.
    Stefanov, E., Papamanthou, C., Shi, E.: Practical dynamic searchable encryption with small leakage. In: NDSS (2014)Google Scholar
  32. 32.
    Stefanov, E., Shi, E.: FastPRP: fast pseudo-random permutations for small domains. IACR Cryptology ePrint (2012)Google Scholar
  33. 33.
    Stefanov, E., et al.: Path ORAM: an extremely simple oblivious RAM protocol. In: CCS (2013)Google Scholar
  34. 34.
    Zahur, S., et al.: Revisiting square-root ORAM: efficient random access in multi-party computation. In: SP (2016)Google Scholar

Copyright information

© International Association for Cryptologic Research 2018

Authors and Affiliations

  • Ioannis Demertzis
    • 1
    Email author
  • Dimitrios Papadopoulos
    • 2
  • Charalampos Papamanthou
    • 1
  1. 1.University of MarylandCollege ParkUSA
  2. 2.Hong Kong University of Science and TechnologyKowloonHong Kong

Personalised recommendations