Abstract
Cloud computing facilitates convenient and on-demand network access to a centralized pool of resources. Currently, many users prefer to outsource data to the cloud in order to mitigate the burden of local storage. However, storing sensitive data on remote servers poses privacy challenges and is currently a source of concern. SE (Searchable Encryption) is a positive way to protect users sensitive data, while preserving search ability on the server side. SE allows the server to search encrypted data without leaking information in plaintext data. The two main branches of SE are SSE (Searchable Symmetric Encryption) and PEKS (Public key Encryption with Keyword Search). SSE allows only private key holders to produce ciphertexts and to create trapdoors for search, whereas PEKS enables a number of users who know the public key to produce ciphertexts but allows only the private key holder to create trapdoors. This article surveys the two main techniques of SE: SSE and PEKS. Different SE schemes are categorized and compared in terms of functionality, efficiency, and security. Moreover, we point out some valuable directions for future work on SE schemes.
Article PDF
Similar content being viewed by others
Avoid common mistakes on your manuscript.
References
CURTMOLA R, GARAY J, KAMARA S, et al. Searchable symmetric encryption: improved definitions and efficient constructions[C]//Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, USA, 2016: 79–88.
SONG D X, WAGNER D, PERRIG A. Practical techniques for searches on encrypted data[C]//2000 IEEE Symposium on Security and Privacy, Berkeley, California, USA, 2000: 44–55.
GOH E J. Secure indexes[J]. IACR cryptology eprint archive, 2003: 216.
BLOOM, B H. Space/time trade-offs in hash coding with allowable errors[J]. Communications of the ACM, 1970, 131(5): 451–459.
VAN LIESDONK P, SEDGHI S, DOUMEN J, et al. Computationally efficient searchable symmetric encryption[C]//Proceedings of the 7th VLDB Workshop on Secure Data Management, Singapore, 2010: 87–100.
KAMARA S, PAPAMANTHOU C, ROEDER T. Dynamic searchable symmetric encryption[C]//The ACM Conference on Computer and Communications Security, Raleigh, USA, 2012: 965–976.
KAMARA S, PAPAMANTHOU C. Parallel and dynamic searchable symmetric encryption[C]//The 17th International Conference on Financial Cryptography and Data Security, Okinawa, Japan, 2013: 258–274.
STEFANOV E, PAPAMANTHOU C, SHI E. Practical dynamic searchable encryption with small leakage[C]//The 21st Annual Network and Distributed System Security Symposium, California, USA, 2014: 23–26.
CASH D, JAEGER J, JARECKI S, et al. Dynamic searchable encryption in very-large databases: data structures and implementation[J]. IACR cryptology eprint archive, 2014: 853.
NAVEED M, PRABHAKARAN M, GUNTER C A. Dynamic searchable encryption via blind storage[C]//2014 IEEE Symposium on Security and Privacy, Berkeley, USA, 2014: 639–654.
HAHN F, KERSCHBAUM F. Searchable encryption with secure and efficient updates[C]//Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, USA, 2014: 310–320.
GAJEK S. Dynamic symmetric searchable encryption from constrained functional encryption[C]//The Cryptographers Track at the RSA Conference, San Francisco, USA, 2016: 75–89.
CASH D, GRUBBS P, PERRY J, et al. Leakage-abuse attacks against searchable encryption[C]//Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, USA, 2015: 668–679.
ZHANG Y, KATZ J, PAPAMANTHOU C. All your queries are belong to us: the power of file-injection attacks on searchable encryption[C]//The 25th USENIX Security Symposium, Austin, USA, 2016: 707–720.
ISHAI Y, KUSHILEVITZ E, LU S, et al. Private large-scale databases with distributed searchable symmetric encryption[C]//Cryptographers Track at the RSA Conference, San Francisco, USA, 2016: 90–107.
KAMARA S, MOATAZ T. SQL on structurally-encrypted databases[R]. Cryptology ePrint Archive, Report 2016/453, 2016.
ASHAROV G, NAOR M, SEGEV G, et al. Searchable symmetric encryption: optimal locality in linear space via two-dimensional balanced allocations [C]//Proceedings of the 48th Annual ACM SIGACT Symposium on Theory of Computing, Cambridge, USA, 2016: 1101–1114.
LI J, WANG Q, WANG C, et al. Fuzzy keyword search over encrypted data in cloud computing[C]//The 29th IEEE International Conference on Computer, San Diego, USA, 2010: 441–445.
KUZU M, ISLAM M S, KANTARCIOGLU M. Efficient similarity search over encrypted data[C]//The 28th IEEE International Conference on Data Engineering, Washington, USA, 2012: 1156–1167.
WANG J, MA H, TANG Q, et al. Efficient verifiable fuzzy keyword search over encrypted data in cloud computing[J]. Computer science and information systems, 2013, 10(2): 667–684.
ADJEDJ M, BRINGER J, CHABANNE H, et al. Biometrie identification over encrypted data made feasible[C]//The 5th International Conference on Information Systems Security, Kolkata, India, 2009: 86–100.
WANG C, REN K, YU S, et al. Achieving usable and privacy-assured similarity search over outsourced cloud data[C]//Proceedings of the IEEE INFOCOM, Orlando, USA, 2012: 451–459.
GOLLE P, STADDON J, WATERS B. Secure conjunctive keyword search over encrypted data[C]//The 2nd International Conference on Applied Cryptography and Network Security, Yellow Mountain, China, 2004: 31–45.
BALLARD L, KAMARA S, MONROSE F. Achieving ecient conjunctive keyword searches over encrypted data[C]//The 7th International Conference on Information and Communications Security, Beijing, China, 2005: 414–426.
CASH D, JARECKI S, JUTLA C, et al. Highly-scalable searchable symmetric encryption with support for Boolean queries[C]//The 33rd Annual Cryptology Conference (CRYPTO), Santa Barbara, USA, 2013: 353–373.
FABER S, JARECKI S, KRAWCZYK H, et al. Rich queries on encrypted data: beyond exact matches[C]//The 20th European Symposium on Research in Computer Security, Vienna, Austria, 2015: 123–145.
BYUN J W, LEE D H, LIM J. Efficient conjunctive keyword search on encrypted data storage system[C]//The 3rd European Public Key Infrastructure Workshop on Theory and Practice, Turin, Italy, 2006: 184–196.
WANG P, WANG H, PIEPRAYK J. Keyword field-fiee conjunctive keyword searches on encrypted data and extension for dynamic groups[C]//The 7th International Conference on Cryptology and Network Security, Hong-Kong, China, 2008: 178–195.
SWAMINATHAN A, MAO Y, SU G M, et al. Confidentiality-preserving rank-ordered search[C]//Proceedings of the 2007 ACM Workshop on Storage Security and Survivability, Alexandria, USA, 2007: 7–12.
ZERR S, OLMEDILLA D, NEJDL W, et al. Zerber+ r: Top-k retrieval from a confidential index[C]//Proceedings of the 12th International Conference on Extending Database Technology: Advances in Database Technology, Saint Petersburg, Russia, 2009: 439–449.
WANG C, CAO N, LI J, et al. Secure ranked keyword search over encrypted cloud data[C]//2010 International Conference on Distributed Computing Systems, Genova, Italy, 2010: 253–262.
WANG C, CAO N, REN K, et al. Enabling secure and efficient ranked keyword search over outsourced cloud data[J]. IEEE transactions on parallel and distributed systems, 2012, 23(8): 1467–1479.
CAO N, WANG C, LI M, et al. Privacy preserving multi-keyword ranked search over encrypted cloud data[C]//The 30th International Conference on Computer Communications, Shanghai, China, 2011: 829–837.
SUN W, WANG B, CAO N, et al. Verifiable privacy-preserving multi-keyword text search in the cloud supporting similarity based ranking[J]. IEEE transactions on parallel and distributed systems, 2014, 25(11): 3025–3035.
XIA Z, WANG X, SUN X, et al. A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data[J]. IEEE transactions on parallel and distributed systems, 2016, 27(2): 340–352.
CHEN C, ZHU X, SHEN P, et al. An efficient privacy-preserving ranked keyword search method[J]. IEEE Transactions on Parallel and Distributed Systems, 2016, 27(4): 951–963.
ORENCIK C, KANTARCIOGLU M, SAVAS E. A practical and secure multi-keyword search method over encrypted cloud data[C]//The 6th IEEE International Conference on Cloud Computing, Santa Clara, USA, 2013: 390–397.
ZHANG W, XIAO S, LIN Y, et al. Secure ranked multi-keyword search for multiple data owners in cloud computing[C]//The 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, Atlanta, USA, 2014: 276–286.
BOUABANA-TEBIBEL T, KACI A. Parallel search over encrypted data under attribute based encryption on the Cloud Computing[J]. Computers & security, 2015, 54: 77–91.
PANG H H, TAN K L. Authenticating query results in edge computing[C]//Proceedings of the 20th International Conference on Data Engineering, Boston, USA, 2004: 560–571.
LI F, HADJILEFTHERIOU M, KOLLIOS G, et al. Authenticated index structures for outsourced databases[M]. Handbook of database security-applications and trends, Springer US, 2008: 115–136.
MOURATIDIS K, SACHARIDIS D, PANG H H. Partially materialized digest scheme: an efficient verification method for outsourced databases[J]. The International journal on very large data bases, 2009, 18(1): 363–381.
KUROSAWA K, OHTAKI Y. UCsecure searchable symmetric encryption[C]//International Conference on Financial Cryptography and Data Security, Kralendijk, Bonaire, 2012: 285–298.
CHAI Q, GONG G. Verifiable symmetric searchable encryption for semi-honest but-curious cloud servers[C]//Proceedings of IEEE International Conference on Communications, Ottawa, Canada, 2012: 917–922.
WANG J, CHEN X, HUANG X, et al. Verifiable auditing for outsourced database in cloud computing[J]. IEEE transactions on computers, 2015, 64(11): 3293–3303.
BONEH D, DI CRESCENZO G, OSTROVSKY R, et al. Public key encryption with keyword search[C]//International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, Switzerland, 2004: 506–522.
BONEH D, FRANKLIN M. Identity-based encryption from the Weil pairing[J]. SIAM journal on computing, 2003, 32(3): 586–615.
SHAMIR A. Identity-based cryptosystems and signature schemes[C]//Workshop on the Theory and Application of Cryptographic Techniques Santa, Barbara, California, USA, 1984: 47–53.
ABDALL M, BELLARE M, CATALANO D, et al. Searchable encryption revisited: consistency properties, relation to anonymous IBE, and extensions[J]. Journal of cryptology, 2008, 21(3): 350–391.
DI CRESCENZO G, SARASWAT V. Public key encryption with searchable keywords based on Jacobi symbols[C]//International Conference on Cryptology in India, Chennai, India, 2007: 282–296.
COCKS C. An identity based encryption scheme based on quadratic residues[C]//The 8th IMA International Conference on Cryptography and Coding, Cirencester, UK, 2001: 360–363.
KHADER D. Public key encryption with keyword search based on k-resilient IBE[C]//International Conference on Computational Science and Its Applications, Kuala Lumpur, Malaysia, 2007: 1086–1095.
BAEK J, SAFAVI-NAINI R, SUSILO W. Public key encryption with keyword search revisited[C]//International conference on Computational Science and Its Applications, Perugia, Italy, 2008: 1249–1259.
RHEE H S, PARK J H, AUSILO W, et al. Improved searchable public key encryption with designated tester[C]//Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, Sydney, Australia, 2009: 376–379.
EMURA K, MRYAJI A, RAHMAN M S, et al. Generic constructions of secure channel free searchable encryption with adaptive security[J]. Security and communication networks, 2015, 8(8): 1547–1560.
BYUN J W, RHEE H S, PARK H A, et al. O_-line keyword guessing attacks on recent keyword search schemes over encrypted data[C]//The 3rd VLDB Workshop on Secure Data Management. Springer Berlin Heidelberg, 2006: 75–83.
YAU W C, HENG S H, GOIB M. O_-line keyword guessing attacks on recent public key encryption with keyword search schemes[C]//International Conference on Autonomic and Trusted Computing, Seoul, Korea, 2008: 100–105.
BAEK J, SAFAVI-NAINI R, SUSILO W. On the integration of public key data en cryption and public key encryption with keyword search[C]//The 9th International Conference on Information Security, Samos Island, Greece, 2006: 217–232.
RHEE H S, PARK J H, SUSILO W, et al. Trapdoor security in a searchable publickey encryption scheme with a designated tester[J]. Journal of systems and software, 2010, 83(5): 763–771.
FANG L, SUSILO W, GE C, et al. Public key encryption with keyword search secure against keyword guessing attacks without random oracle[J]. Information sciences, 2013, 238: 221–241.
JEONG I R, KWON J O, HONG D, et al. Constructing PEKS schemes secure against keyword guessing attacks is possible?[J]. Computer communications, 2009, 32(2): 394–396.
XU P, JIN H, WU Q, et al. Public-key encryption with fuzzy keyword search: a provably secure scheme under keyword guessing attack[J]. IEEE transactions on computers, 2013, 62(11): 2266–2277.
CHEN R, MU Y, YANG G, et al. Dual-server public-key encryption with keyword search for secure cloud storage[J]. IEEE transactions on information forensics and security, 2016, 11(4): 789–798.
PARK D J, KIM K, LEE P J. Public key encryption with conjunctive field keyword search[C]//The 5th International Workshop on Information Security Applications, Jeju Island, Korea, 2004: 73–86.
BONEH D, WATERS B. Conjunctive, subset, and range queries on encrypted data[C]//The 4th Theory of Cryptography Conference, Amsterdam, Netherlands, 2007: 535–554.
SHI E, BETHENCOURT J, CHAN T H H, et al. Multi-dimensional range query over encrypted data[C]//2007 IEEE Symposium on Security and Privacy (SP’07). Oakland, California, USA, 2007: 350–364.
HWANG Y H, LEE P J. Public key encryption with conjunctive keyword search and its extension to a multi-user system[C]//The 1st International Conference on Pairing- Based Cryptography, Tokyo, Japan, 2007: 2–22.
KATZ J, SAHAI A, WATERS B. Predicate encryption supporting disjunctions, polynomial equations, and inner products[C]//The 27th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Istanbul, Turkey, 2008: 146–162.
LAI J, ZHOU X, DENG R H, et al. Expressive search on encrypted data[C]//The 8th ACM symposium on Information, computer and communications security, Hangzhou, China, 2013: 243–252.
LEWKO A, OKAMOTO T, SAHAI A, et al. Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption[C]//The 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, French Riviera, 2010: 62–91.
BRINGER J, CHABANNE H, KINDARJI B. Error-tolerant searchable encryption[C]//2009 IEEE International Conference on Communications, Dresden, Germany, 2009: 1–6.
INDYK P, MOTWANI R. Approximate nearest neighbors: towards removing the curse of dimensionality[C]//Proceedings of the 30th annual ACM symposium on Theory of computing, Dallas, Texas, USA, 1998: 604–613.
BONEH D, KUSHILEVITZ E, OSTROVSKY R, et al. Public key encryption that allows PIR queries[C]//The 27th Annual International Cryptology Conference, Santa Barbara, USA, 2007: 50–67.
ZHENG Q, XU S, ATENIESE G. VABKS: verifiable attribute-based keyword search over outsourced encrypted data[C]//2014 IEEE Conference on Computer Communications, Toronto, Canada, 2014: 522–530.
LIU P, WANG J, MA H, et al. Efficient verifiable public key encryption with keyword search based on KP-ABE[C]//The 9th International Conference on Broadband and Wireless Computing, Communication and Applications (BWCCA), Guangdong, China, 2014: 584–589.
Author information
Authors and Affiliations
Additional information
This work is supported by Guangxi Cooperative Innovation Center of Cloud Computing and Big Data (No.YD16506)
WANG Yunling [corresponding author] received a masters degree in electronics and communication engineering from Xidian University, China, in 2015. She is now a Ph.D. candidate in the area of cryptography at Xidian University, China. Her research interests include cloud computing and applied cryptography. (Email: ylwang0304@ 163.com)
WANG Jianfeng received an M.S. degree in mathematics and a Ph.D. degree in cryptography from Xidian University, in 2013 and 2016, respectively. He currently works at Xidian University. His research interests include applied cryptography and secure outsourced storage. (E-mail: jfw01@163.com)
CHEN Xiaofeng received B.S. and M.S. degrees in mathematics from Northwest University, Xi’an, China, in 1998 and 2000, respectively, and a Ph.D. degree in cryptography from Xidian University, Xi’an, in 2003, where he is currently a Professor. His research interests include applied cryptography and cloud computing security. He has authored over 100 research papers in refereed international conferences and journals. His work has been cited over 5 300 times in Google scholar. He is on the editorial board of IEEE Transactions on dependable and secure computing security and communication networks, telecommunication systems, etc. He has served as the program/general chair or a program committee member for over 30 international conferences. (Email: xfchen@xidian.edu.cn)
Rights and permissions
About this article
Cite this article
Wang, Y., Wang, J. & Chen, X. Secure searchable encryption: a survey. J. Commun. Inf. Netw. 1, 52–65 (2016). https://doi.org/10.1007/BF03391580
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/BF03391580