Multi-User Private Keyword Search for Cloud Computing

Yang, Yanjiang; Lu, Haibing; Weng, Jian

doi:10.1109/cloudcom.2011.43

Cited by 92 publications

(53 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The trend of distributing searchable encryption schemes into cloud [16,25,23,24] highlights the potential risks of search pattern leakage (as well as access pattern leakage). That is because large amounts of data centralizing into the cloud servers affiliates effective statistic attacks.…”

Section: Related Workmentioning

confidence: 99%

Search pattern leakage in searchable encryption: Attacks and new construction

Liu¹,

Zhu²,

Wang³

et al. 2014

Information Sciences

177

107

View full text Add to dashboard Cite

Searching on remote encrypted data (commonly known as searchable encryption) has become an important issue in secure data outsourcing, since it allows users to outsource encrypted data to an untrusted third party while maintains the capability of keyword search on the data.Searchable encryption can be achieved using the classical method called oblivious RAM, but the resultant schemes are too inefficient to be applied in the real-world scenarios (e.g., cloud computing). Recently, a number of efficient searchable encryption schemes have been proposed under weaker security guarantees. Such schemes, however, still leak statistical information about the users' search pattern.In this paper, we first present two concrete attack methods to show that the search pattern leakage will result in such a situation: an adversary who has some auxiliary knowledge can uncover the underlying keywords of user queries. To address this issue, we then develop a grouping-based construction (GBC) to transform an existing searchable encryption scheme to a new scheme hiding the search pattern. Finally, experiments based on the realworld dataset demonstrate the effectiveness of our attack methods and the feasibility of our construction.

show abstract

Section: Related Workmentioning

confidence: 99%

Search pattern leakage in searchable encryption: Attacks and new construction

Liu¹,

Zhu²,

Wang³

et al. 2014

Information Sciences

177

107

View full text Add to dashboard Cite

show abstract

“…MUSE is a recent but active research topic [3,4,11,14,24,25,27,30,31,33]. We note however that despite the obvious risk that the CSP obtains some prior knowledge in a MUSE system through colluding users, only few schemes on MUSE [24,25,27] consider this risk in their security model.…”

Section: Multi-user Searchable Encryptionmentioning

confidence: 99%

“…A large number of MUSE schemes [3,4,11,14,24,25,30,31,33] share a common algorithmic structure regarding the application of queries on encrypted indices. In this structure, which we call iterative testing, an encrypted index denoted as C i is built by encrypting each keyword of W i separately.…”

Section: Common Weakness For Many Muse Schemesmentioning

confidence: 99%

A Leakage-Abuse Attack Against Multi-User Searchable Encryption

Rompay

Molva

Önen

2017

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Searchable Encryption (SE) allows a user to upload data to the cloud and to search it in a remote fashion while preserving the privacy of both the data and the queries. Recent research results describe attacks on SE schemes using the access pattern, denoting the ids of documents matching search queries, which most SE schemes reveal during query processing. However SE schemes usually leak more than just the access pattern, and this extra leakage can lead to attacks (much) more harmful than the ones using basic access pattern leakage only. We remark that in the special case of Multi-User Searchable Encryption (MUSE), where many users upload and search data in a cloud-based infrastructure, a large number of existing solutions have a common leakage in addition to the well-studied access pattern leakage. We show that this seemingly small extra leakage allows a very simple yet powerful attack, and that the privacy degree of the affected schemes have been overestimated. We also show that this new vulnerability affects existing software. Finally we formalize the newly identified leakage profile and show how it relates to previously defined ones.

show abstract

“…Yanjiang Yang et al [16], Dan Boneh et al [2] and others proposed research work in the Searchable Encryption field. Most of these researches are based on creating an index of keywords for the searchable encrypted file and mapping the indexes to the words when searched.…”

Section: Related Workmentioning

confidence: 99%

“…This approach for searchable encryption uses deterministic encryption in which case the same word gets encrypted to the same cipher text each time. Unlike usual approaches of using indexes for searching keywords, implementation of searchable encryption by Song et al [16] is based on sequential scan of the entire document for the keyword.…”

Section: Searchable Symmetric Encryptionmentioning

confidence: 99%

A Practical Security Framework for Cloud Storage and Computation

Premkumar¹,

Kumar²,

Mukherjee³

2015

IJCCE

View full text Add to dashboard Cite

Cloud computing is a fast growing technology that transforms the way IT services is used in businesses. Collaborative cloud or federated cloud extends this potential even more by offering true unlimited capacity. Despite its potential to provide millions of organizations with storage and computational power at low costs and great speed, many organizations are still skeptical to use these services due to security concerns. This is because "privacy" in cloud has not been well defined and involves trust on the Cloud Service Provider. The objective of this paper is to propose a novel method, which provides a secure way of storing data in the cloud, and at the same time, allows the user to perform some computation on the stored data without compromising the security of the data. This method combines the ideas of searchable encryption with partial homomorphism. The applicability of this idea and its strengths has been tested with appropriate experiments.

show abstract

Multi-User Private Keyword Search for Cloud Computing

Cited by 92 publications

References 7 publications

Search pattern leakage in searchable encryption: Attacks and new construction

Search pattern leakage in searchable encryption: Attacks and new construction

A Leakage-Abuse Attack Against Multi-User Searchable Encryption

A Practical Security Framework for Cloud Storage and Computation

Contact Info

Product

Resources

About