4.7 Article

SAP-SSE: Protecting Search Patterns and Access Patterns in Searchable Symmetric Encryption

IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY (2021)

Get Full Text
Add to Collection

Journal

IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY
Volume 16, Issue -, Pages 1795-1809

Publisher

IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
DOI: 10.1109/TIFS.2020.3042058

Keywords

Indexes; Cryptography; Encryption; Databases; Cloud computing; Protocols; Transforms; Searchable symmetric encryption; access pattern leakage; search pattern leakage

Categories

Computer Science, Theory & Methods Engineering, Electrical & Electronic

Funding

  1. National Key Research and Development Program of China [2018YFB1800304]
  2. NSFC [61572278]
  3. U.S. ONR [N00014-16-1-3214, N00014-18-2893]
  4. U.S. ARO [W911NF-17-1-0447]
  5. Research Grants Council of Hong Kong [CityU 11217819, CityU 11217620]

Ask authors/readers for more resources

Protocol

Community support

Reagent

Community support

The proposed SAP-SSE scheme in this paper protects both access patterns and search patterns in a generic database setting by leveraging re-encryption cryptosystems to shuffle index entries over multiple clouds for protecting search patterns, and distributing secure indexes to multiple clouds along with an index redistribution protocol for protecting access patterns. Additionally, it provides a configurable security policy to balance security and efficiency while preventing pattern leakage with low overhead, as demonstrated by formal security analysis and experimental evaluation.
Searchable symmetric encryption (SSE) enables users to search over encrypted documents in untrusted clouds without leaking the search keywords to the clouds. Existing SSE schemes achieve high search efficiency at the expense of leaking access patterns and search patterns, where clouds can recover a large percentage of queried keywords using the leaked access patterns and search patterns. To prevent clouds from recovering users' keywords, researchers have proposed a number of solutions to protect either search patterns or access patterns. However, none of them can protect both access patterns and search patterns. Moreover, existing SSE schemes cannot work in the generic database setting that allows multiple users to write or read over encrypted documents. In this paper, we propose an efficient searchable symmetric encryption scheme, called SAP-SSE, which protects both access patterns and search patterns in the generic database setting. The main idea of protecting search patterns is to leverage re-encryption cryptosystems to shuffle index entries over multiple clouds. To protect access patterns, we distribute secure indexes to multiple clouds and then propose an index redistribution protocol that allows users to renew index entries in clouds. Furthermore, SAP-SSE provides a configurable security policy to balance security and efficiency. Formal security analysis and experimental evaluation show that SAP-SSE can prevent pattern leakage with low overhead.

Authors

I am an author on this paper
Click your name to claim this paper and add it to your profile.

Reviews

Primary Rating

4.7
Not enough ratings

Secondary Ratings

Novelty
-
Significance
-
Scientific rigor
-
Rate this paper

Recommended

No Data Available
No Data Available
Webinars Posters Questions Hubs Funding Journals Papers Connect Collections Reviewers About Us FAQs Mobile App Privacy Policy Terms of Use
© Peeref 2019-2024. All rights reserved.