Threshold Privacy Preserving Keyword Searches

Wang, Peishun; Wang, Huaxiong; Pieprzyk, Josef

doi:10.1007/978-3-540-77566-9_56

Cited by 35 publications

(29 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We find that both schemes [10,13] are limited to a fixed number of users and fixed threshold value at the key generation stage. It makes adding or removing a user impossible, and changing the threshold value for individual ciphertext impossible.…”

Section: Related Workmentioning

confidence: 96%

“…Wang et al [13] decentralised the ability of trapdoor generation to multi-user in a threshold manner, which requires at least k of n users to generate the trapdoor. Siad [10] gave a formal definition of threshold public key encryption with keyword search (TPEKS), and generically constructed a TPEKS scheme with threshold (n, t)-IBE but no concrete scheme is provided.…”

Section: Related Workmentioning

confidence: 99%

“…Siad [10] gave a formal definition of threshold public key encryption with keyword search (TPEKS), and generically constructed a TPEKS scheme with threshold (n, t)-IBE but no concrete scheme is provided. In Wang et al's scheme [13], a trusted centralised manager is required to generate the private keys for all users. To enhance the security, Siad's scheme [10] leverages a distributed protocol in private keys generation instead of a trusted third party.…”

Section: Related Workmentioning

confidence: 99%

“…Our scheme does not fix the user group and the threshold value at the system setup, and only one private-public key pair is required for each user. Thus we solve Wang et al's open problem for dynamic group [13].…”

Section: Our Contributionmentioning

confidence: 99%

See 3 more Smart Citations

Threshold Broadcast Encryption with Keyword Search

Zhang

Yang

2016

Information Security and Cryptology

View full text Add to dashboard Cite

Many users store their data in a cloud, which might not be fully trusted, for the purpose of convenient data access and sharing. For efficiently accessing the stored data, keyword search can be performed by the cloud server remotely with a single query from the user. However, the cloud server cannot directly search the data if it is encrypted. One of solutions could be to allow the user to download the encrypted data, in order to carry out a search; however, it might consume huge network bandwidth. To solve this problem, the notion of keyword search on encrypted data (searchable encryption) has been proposed. In this paper, a special variant of searchable encryption with threshold access is studied. Unlike some previous proposals which have fixed group and fixed threshold value, we define a new notion named Threshold Broadcast Encryption with Keyword Search (TBEKS) for dynamic groups and flexible threshold values. We formalize the security of a TBEKS scheme via a new security model named IND-T-CKA which captures indistinguishability against chosen keyword attacks in the threshold setting. We also propose the first practical TBEKS scheme with provable security in our IND-T-CKA security model, assuming the hardness of the Decisional Bilinear DiffieHellman problem. Abstract. Many users store their data in a cloud, which might not be fully trusted, for the purpose of convenient data access and sharing. For efficiently accessing the stored data, keyword search can be performed by the cloud server remotely with a single query from the user. However, the cloud server cannot directly search the data if it is encrypted. One of solutions could be to allow the user to download the encrypted data, in order to carry out a search; however, it might consume huge network bandwidth. To solve this problem, the notion of keyword search on encrypted data (searchable encryption) has been proposed. In this paper, a special variant of searchable encryption with threshold access is studied. Unlike some previous proposals which have fixed group and fixed threshold value, we define a new notion named Threshold Broadcast Encryption with Keyword Search (TBEKS) for dynamic groups and flexible threshold values. We formalize the security of a TBEKS scheme via a new security model named IND-T-CKA which captures indistinguishability against chosen keyword attacks in the threshold setting. We also propose the first practical TBEKS scheme with provable security in our IND-T-CKA security model, assuming the hardness of the Decisional Bilinear Diffie-Hellman problem.

show abstract

Section: Related Workmentioning

confidence: 96%

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Our Contributionmentioning

confidence: 99%

See 2 more Smart Citations

Threshold Broadcast Encryption with Keyword Search

Zhang

Yang

2016

Information Security and Cryptology

View full text Add to dashboard Cite

show abstract

“…Several techniques have been proposed allowing authorised users to perform efficient queries on the encrypted data while not revealing information on the data and the query [33,7,15,10,18,8,35,5,28,32,14]. However, these techniques do not support the case of users having different access rights over the protected data.…”

Section: Related Workmentioning

confidence: 99%

ESPOONERBAC: Enforcing security policies in outsourced environments

Asghar¹,

Ion²,

Russello³

et al. 2013

Computers & Security

View full text Add to dashboard Cite

Data outsourcing is a growing business model offering services to individuals and enterprises for processing and storing a huge amount of data. It is not only economical but also promises higher availability, scalability, and more effective quality of service than in-house solutions. Despite all its benefits, data outsourcing raises serious security concerns for preserving data confidentiality. There are solutions for preserving confidentiality of data while supporting search on the data stored in outsourced environments. However, such solutions do not support access policies to regulate access to a particular subset of the stored data.For complex user management, large enterprises employ Role-Based Access Controls (RBAC) models for making access decisions based on the role in which a user is active in. However, RBAC models cannot be deployed in outsourced environments as they rely on trusted infrastructure in order to regulate access to the data. The deployment of RBAC models may reveal private information about sensitive data they aim to protect. In this paper, we aim at filling this gap by proposing ESPOON ERBAC for enforcing RBAC policies in outsourced environments. ESPOON ERBAC enforces RBAC policies in an encrypted manner where a curious service provider may learn a very limited information about RBAC policies. We have implemented ESPOON ERBAC and provided its performance evaluation showing a limited overhead, thus confirming viability of our approach.

show abstract

Searchable encryption: A survey on privacy‐preserving search schemes on encrypted outsourced data

Handa

Krishna

Aggarwal

2019

Concurrency and Computation

View full text Add to dashboard Cite

Outsourcing confidential data to cloud storage leads to privacy challenges that can be reduced using encryption. However, with encryption in place, the utilization of the data is reduced, which leads to reduced quality of experience of the users. To overcome this, searchable encryption (SE) schemes are utilized, which allow the end users to retrieve the relevant documents from the cloud, for which various researchers have worked utilizing different techniques. Despite the popularity of the searchable encryption schemes, most of the surveys either do not provide or present an incomplete taxonomy of SE schemes. Hence, in this paper, we attempt to present a complete taxonomy/classification of the searchable encryption schemes in terms of the type of search, type of index, results retrieved, implementation type, multiplicity of users, and the technique used. From the literature, it is observed that inner product similarity is widely adopted by researchers to compute the similarity of the query and the document index as it provides both conjunctive and disjunctive searching (ie, have better search capability) but requires high search time (ie, have lower search efficiency). On the other hand, schemes based on binary comparisons exist, which require less search time (ie, have better search efficiency) but support only conjunctive searching (ie, have limited search capability). Thus, a major conclusion drawn from our work is that there is an imbalance between search capability and search efficiency, ie, in the existing schemes, search capability can be improved at the cost of search time only. Therefore, we suggest that one direction where researchers should work on is to provide a balance between search capability and search efficiency.

show abstract

Threshold Privacy Preserving Keyword Searches

Cited by 35 publications

References 8 publications

Threshold Broadcast Encryption with Keyword Search

Threshold Broadcast Encryption with Keyword Search

ESPOONERBAC: Enforcing security policies in outsourced environments

Searchable encryption: A survey on privacy‐preserving search schemes on encrypted outsourced data

Contact Info

Product

Resources

About