Leakage-Suppressed Range Query Scheme for Structured Data in IoT

The structured data collected by the Internet of Things can be encrypted for protecting the user's privacy. Range query can be used to get the expected data with some specific attributes among the encrypted data, that is, given the upper and lower limits $(x, y)$ of a certain attribute, the range query will get all the records whose corresponding attribute values are in $(x, y)$. However, in the structured encryption scheme with range query, there is a certain amount of information leakage, which will lead to the so-called inference attacks, i.e., the attacker can obtain the user's attribute values. To hide attribute values and their relationship, this article transformed the problem of the numerical comparison between two attribute values into the problem of the intersection of two sets. By using the Bloom filter, the elements in the attribute value collection are recorded and determined whether the intersection of the two sets is empty. This ensures that our scheme effectively resists inference attacks. Besides, by multiplying the endpoints of the range interval by a large number, we gave an improved scheme to hide the user's search pattern. In the query process, our scheme will not leak the upper and lower limits of the range value and will not leak the relationship between the attribute value and the range interval. This will prevent the attacker from inducing the relationship of attribute values by multiple range queries. Finally, we conducted a simulation evaluation of the scheme by using the published novel coronavirus pneumonia data, and the results show that our scheme has a better performance than the existing schemes.

Automated summary

This article encrypts attribute values using methods such as Bloom filters to effectively prevent inference attacks, while hiding user search patterns by multiplying by a large number to protect user privacy. The simulation evaluation showed better performance compared to existing schemes, demonstrating the effectiveness of the proposed encryption methods in protecting user data.