Abstract
Search over encrypted data is a technique of great interest in the cloud computing era, because many believe that sensitive data has to be encrypted before outsourcing to the cloud servers in order to ensure user data privacy. Devising an efficient and secure search scheme over encrypted data involves techniques from multiple domains – information retrieval for index representation, algorithms for search efficiency, and proper design of cryptographic protocols to ensure the security and privacy of the overall system. This chapter provides a basic introduction to the problem definition, system model, and reviews the state-of-the-art mechanisms for implementing privacy-preserving keyword search over encrypted data. We also present one integrated solution, which hopefully offer more insights into this important problem.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Precision is defined to be the fraction of returned top-k documents that are included in the real top-k list, while rank privacy measures the rank order variation between the returned top-k documents and real top-k documents.
- 2.
We do not differentiate term and keyword hereafter.
- 3.
It is used to measure how important a specific term is to a particular document.
- 4.
It implies that this frequency of a term tends to be inversely proportional to its ranking.
- 5.
The background dataset is collected from the recent 10 years’ IEEE INFOCOM publications.
- 6.
All the experimental results in [39] are obtained from implementation of the proposed secure search system using JAVA on a Linux Server with Intel Core i3 Processor 3.3 GHz.
- 7.
The baseline search is with respect to the original MD-algorithm. The strategies 1 is proposed from the observation 1. Likewise, the strategy 2 is from the observation 2 and the strategy 3 from the observation 3.
References
Keyword and search engines statistics. http://www.keyworddiscovery.com/keyword-stats.html?date=2013-01-01 (2013)
Atallah, M.J., Frikken, K.B.: Securely outsourcing linear algebra computations. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, pp. 48–59. ACM (2010)
Atallah, M.J., Li, J.: Secure outsourcing of sequence comparisons. International Journal of Information Security 4(4), 277–287 (2005)
Attrapadung, N., Libert, B.: Functional encryption for inner product: Achieving constant-size ciphertexts with adaptive security or support for negation. In: Public Key Cryptography–PKC 2010, pp. 384–402. Springer (2010)
Azab, A.M., Ning, P., Zhang, X.: Sice: a hardware-level strongly isolated computing environment for x86 multi-core platforms. In: Proceedings of the 18th ACM conference on Computer and communications security, pp. 375–388. ACM (2011)
Bao, F., Deng, R.H., Ding, X., Yang, Y.: Private query on encrypted data in multi-user settings. In: Information Security Practice and Experience, pp. 71–85. Springer (2008)
Boneh, D., Di Crescenzo, G., Ostrovsky, R., Persiano, G.: Public key encryption with keyword search. In: Advances in Cryptology-Eurocrypt 2004, pp. 506–522. Springer (2004)
Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Advances in Cryptology – CRYPTO 2001, pp. 213–229. Springer (2001)
Boneh, D., Waters, B.: Conjunctive, subset, and range queries on encrypted data. In: Proceedings of the 4th conference on Theory of cryptography, pp. 535–554. Springer-Verlag (2007)
Cao, N., Wang, C., Li, M., Ren, K., Lou, W.: Privacy-preserving multi-keyword ranked search over encrypted cloud data. In: Proceedings of IEEE INFOCOM, pp. 829–837 (2011)
Chang, Y.C., Mitzenmacher, M.: Privacy preserving keyword searches on remote encrypted data. In: Applied Cryptography and Network Security, pp. 442–455. Springer (2005)
Chor, B., Kushilevitz, E., Goldreich, O., Sudan, M.: Private information retrieval. Journal of the ACM 45(6), 965–981 (1998)
Chuah, M., Hu, W.: Privacy-aware bedtree based solution for fuzzy multi-keyword search over encrypted data. In: Distributed Computing Systems Workshops (ICDCSW), 2011 31st International Conference on, pp. 273–281. IEEE (2011)
Comer, D.: Ubiquitous b-tree. ACM computing surveys 11(2), 121–137 (1979)
Curtmola, R., Garay, J., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. In: Proceedings of the 13th ACM conference on Computer and communications security, pp. 79–88. ACM (2006)
Gentry, C.: A fully homomorphic encryption scheme. Ph.D. thesis, Stanford University (2009)
Goh, E.J.: Secure indexes. Cryptology ePrint Archive. http://eprint.iacr.org/2003/216 (2003)
Golle, P., Staddon, J., Waters, B.: Secure conjunctive keyword search over encrypted data. In: ACNS 04: 2nd International Conference on Applied Cryptography and Network Security, pp. 31–45. Springer-Verlag (2004)
Hohenberger, S., Lysyanskaya, A.: How to securely outsource cryptographic computations. In: Theory of Cryptography, pp. 264–282. Springer (2005)
Hwang, Y.H., Lee, P.J.: Public key encryption with conjunctive keyword search and its extension to a multi-user system. In: Pairing-Based Cryptography–Pairing 2007, pp. 2–22. Springer (2007)
Ishai, Y., Kushilevitz, E., Ostrovsky, R., Sahai, A.: Cryptography from anonymity. In: the 47th Annual IEEE Symposium on Foundations of Computer Science, pp. 239–248. IEEE (2006)
Kamara, S., Papamanthou, C., Roeder, T.: Dynamic searchable symmetric encryption. In: Proceedings of the 2012 ACM conference on Computer and communications security, pp. 965–976. ACM (2012)
Katz, J., Sahai, A., Waters, B.: Predicate encryption supporting disjunctions, polynomial equations, and inner products. In: Advances in Cryptology–EUROCRYPT 2008, pp. 146–162. Springer (2008)
Keller, E., Szefer, J., Rexford, J., Lee, R.B.: Nohype: virtualized cloud infrastructure without the virtualization. In: ACM SIGARCH Computer Architecture News, vol. 38, pp. 350–361. ACM (2010)
Krebs, B.: Payment processor breach may be largest ever. http://voices.washingtonpost.com/securityfix/2009/01/payment_processor_breach_may_b.html (2009)
Li, J., Wang, Q., Wang, C., Cao, N., Ren, K., Lou, W.: Fuzzy keyword search over encrypted data in cloud computing. In: INFOCOM, 2010 Proceedings IEEE, pp. 1–5. IEEE (2010)
Li, M., Yu, S., Cao, N., Lou, W.: Authorized private keyword search over encrypted data in cloud computing. In: Distributed Computing Systems (ICDCS), 2011 31st International Conference on, pp. 383–392. IEEE (2011)
Li, M., Yu, S., Zheng, Y., Ren, K., Lou, W.: Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Transactions on Parallel and Distributed Systems 24(1), 131–143 (2013)
Liu, C., Zhu, L., Li, L., Tan, Y.: Fuzzy keyword search on encrypted cloud storage data with small index. In: Cloud Computing and Intelligence Systems (CCIS), 2011 IEEE International Conference on, pp. 269–273. IEEE (2011)
Lu, Y.: Privacy-preserving logarithmic-time search on encrypted data in cloud. In: 19th Annual Network and Distributed System Security Symposium (NDSS Symposium’12) (2012)
NIST: NIST’s dictionary of algorithms and data structures: inverted index. http://xlinux.nist.gov/dads/HTML/invertedIndex.html
Ondreička, M., Pokornỳ, J.: Extending fagin’s algorithm for more users based on multidimensional b-tree. In: Advances in Databases and Information Systems, pp. 199–214. Springer (2008)
Scheuermann, P., Ouksel, M.: Multidimensional b-trees for associative searching in database systems. Information systems 7(2), 123–137 (1982)
Shen, E., Shi, E., Waters, B.: Predicate privacy in encryption systems. In: Theory of Cryptography, pp. 457–473. Springer (2009)
Sheridan, J., Cooper, C.: Defending the cloud. http://www.reactionpenetrationtesting.co.uk/Defending%20the%20Cloud%20v1.0.pdf (2012)
Shi, E., Bethencourt, J., Chan, H., Song, D., Perrig, A.: Multi-dimensional range query over encrypted data. In: Proceedings of IEEE Symposium on Security and Privacy, pp. 350–364 (2007)
Slocum, Z.: Your google docs: Soon in search results? http://news.cnet.com/8301-17939_109-1035713%207-2.html (2009)
Song, D., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: Proceedings of IEEE Symposium on Security and Privacy, pp. 44–55 (2000)
Sun, W., Wang, B., Cao, N., Li, M., Lou, W., Hou, Y.T., Li, H.: Privacy-preserving multi-keyword text search in the cloud supporting similarity-based ranking. In: Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security, pp. 71–82. ACM (2013)
Swaminathan, A., Mao, Y., Su, G.M., Gou, H., Varna, A.L., He, S., Wu, M., Oard, D.W.: Confidentiality-preserving rank-ordered search. In: Proceedings of the 2007 ACM Workshop on Storage Security and Survivability, pp. 7–12 (2007)
Szefer, J., Keller, E., Lee, R.B., Rexford, J.: Eliminating the hypervisor attack surface for a more secure cloud. In: Proceedings of the 18th ACM conference on Computer and communications security, pp. 401–412. ACM (2011)
Van Liesdonk, P., Sedghi, S., Doumen, J., Hartel, P., Jonker, W.: Computationally efficient searchable symmetric encryption. In: Secure Data Management, pp. 87–100. Springer (2010)
Wang, C., Cao, N., Ren, K., Lou, W.: Enabling secure and efficient ranked keyword search over outsourced cloud data. IEEE Transactions on Parallel and Distributed Systems 23(8), 1467–1479 (2012)
Wang, C., Ren, K., Wang, J.: Secure and practical outsourcing of linear programming in cloud computing. In: INFOCOM, 2011 Proceedings IEEE, pp. 820–828. IEEE (2011)
Witten, I.H., Moffat, A., Bell, T.C.: Managing gigabytes: Compressing and indexing documents and images. Morgan Kaufmann Publishing, San Francisco, May 1999
Wong, W.K., Cheung, D.W.l., Kao, B., Mamoulis, N.: Secure knn computation on encrypted databases. In: Proceedings of the 2009 ACM SIGMOD International Conference on Management of data, pp. 139–152. ACM (2009)
Yang, Y., Lu, H., Weng, J.: Multi-user private keyword search for cloud computing. In: Cloud Computing Technology and Science (CloudCom), 2011 IEEE Third International Conference on, pp. 264–271. IEEE (2011)
Yu, S., Wang, C., Ren, K., Lou, W.: Achieving secure, scalable, and fine-grained data access control in cloud computing. In: Proceedings of IEEE INFOCOM, pp. 1–9 (2010)
Zerr, S., Olmedilla, D., Nejdl, W., Siberski, W.: Zerber+ r: Top-k retrieval from a confidential index. In: Proceedings of the 12th International Conference on Extending Database Technology: Advances in Database Technology, pp. 439–449. ACM (2009)
Zhang, N., Li, M., Lou, W., Hou, Y.T.: Mushi: Toward multiple level security cloud with strong hardware level isolation. In: MILITARY COMMUNICATIONS CONFERENCE, 2012-MILCOM 2012, pp. 1–6. IEEE (2012)
Acknowledgments
This work was supported in part by the NSFC 61272457, the FRFCU K50511010001, the PCSIRT 1078, the National 111 Project B08038, and the U.S. NSF grant CNS-1217889.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer Science+Business Media New York
About this chapter
Cite this chapter
Sun, W., Lou, W., Hou, Y.T., Li, H. (2014). Privacy-Preserving Keyword Search Over Encrypted Data in Cloud Computing. In: Jajodia, S., Kant, K., Samarati, P., Singhal, A., Swarup, V., Wang, C. (eds) Secure Cloud Computing. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-9278-8_9
Download citation
DOI: https://doi.org/10.1007/978-1-4614-9278-8_9
Published:
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4614-9277-1
Online ISBN: 978-1-4614-9278-8
eBook Packages: Computer ScienceComputer Science (R0)