Abstract
The notion of searchable encrypted keywords introduced an elegant approach to retrieve encrypted data without the need of decryption. Since the introduction of this notion, there are two main searchable encrypted keywords techniques, symmetric searchable encryption (SSE) and public key encryption with keyword search (PEKS). Due to the complicated key management problem in SSE, a number of concrete PEKS constructions have been proposed to overcome it. However, the security of these PEKS schemes was only weakly defined in presence of outsider attacks; therefore they suffer from keyword guessing attacks from the database server as an insider. How to resist insider attacks remains a challenging problem. We propose the first searchable encrypted keywords against insider attacks (SEK-IA) framework to address this problem. The security model of SEK-IA under public key environment is rebuilt. We give a concrete SEK-IA construction featured with a constant-size trapdoor and the proposed scheme is formally proved to be secure against insider attacks. The performance evaluations show that the communication cost between the receiver and the server in our SEK-IA scheme remains constant, independent of the sender identity set size, and the receiver needs the minimized computational cost to generate a trapdoor to search the data from multiple senders.
Article PDF
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.Avoid common mistakes on your manuscript.
References
Song D X, Wagner D, Perrig A. Practical techniques for searches on encrypted data. In Proc. the IEEE Symposium on Security and Privacy, May 2000, pp.44-55.
Boneh D, Di Crescenzo G, Ostrovsky R, Persiano G. Public key encryption with keyword search. In Lecture Notes in Computer Science 3027, Cachin C, Camenisch J L (eds.), Springer, 2004, pp.506-522.
Yau WC, Heng S H, Goi B M. Off-line keyword guessing attacks on recent public key encryption with keyword search schemes. In Lecture Notes in Computer Science 5060, Rong C M, Jaatun M C, Sandnes F E, Yang L T, Ma J H (eds.), Springer, 2008, pp.100-105.
Baek J, Safavi-Naini R, Susilo W. Public key encryption with keyword search revisited. In Lecture Notes in Computer Science 5072, Gervasi O, Murgante B, Laganà A, Taniar D, Mun Y, Gavrilova M L (eds.), Springer, 2008, pp.1249-1259.
Rhee H S, Park J H, Susilo W, Lee D H. Improved searchable public key encryption with designated tester. In Proc the 4th International Symposium on Information, Computer and Communications Security, March 2009, pp.376-379.
Fang L M, Susilo W, Ge C P, Wang J D. Public key encryption with keyword search secure against keyword guessing attacks without random oracle. Information Sciences, 2013, 238: 221-241.
Curtmola R, Garay J A, Kamara S, Ostrovsky R. Searchable symmetric encryption: Improved definitions and efficient constructions. In Proc. the 13th ACM Conference on Computer and Communications Security, October 30-November 3, 2006, pp.79-88.
Kamara S, Papamanthou C, Roeder T. Dynamic searchable symmetric encryption. In Proc. the ACM Conference on Computer and Communications Security, October 2012, pp.965-976.
Cash D, Jarecki S, Jutla C, Krawczyk H, Rosu M, Steiner M. Highly-scalable searchable symmetric encryption with support for Boolean queries. In Lecture Notes in Computer Science 8042, Canetti R, Garay J A (eds.), Springer, 2013, pp.353-373.
Tang Q. Nothing is for free: Security in searching shared and encrypted data. IEEE Transactions on Information Forensics and Security, 2014, 9(11): 1943-1952.
Park D J, Kim K, Lee P J. Public key encryption with conjunctive field keyword search. In Lecture Notes in Computer Science 3325, Lim C H, Yung M (eds.), Springer, 2005, pp.73-86.
Bethencourt J, Song D X, Waters B. New constructions and practical applications for private stream searching (extended abstract). In Proc. IEEE Symposium on Security and Privacy, May 2006, pp.132-139.
Boneh D, Waters B. Conjunctive, subset, and range queries on encrypted data. In Lecture Notes in Computer Science 4392, Vadhan S P (ed.), Springer, 2007, pp.535-554.
Sedghi S, van Liesdonk P, Nikova S, Hartel P, Jonker W. Searching keywords with wildcards on encrypted data. In Lecture Notes in Computer Science 6280, Garay J A, De Prisco R (eds.), Springer, 2010, pp.138-153.
Abdalla M, Bellare M, Catalano D, Kiltz E, Kohno T, Lange T, Malone-Lee J, Neven G, Paillier P, Shi H X. Searchable encryption revisited: Consistency properties, relation to anonymous IBE, and extensions. In Lecture Notes in Computer Science 3621, Shoup V (ed.), Springer, 2005, pp.205-222.
Xu P, Jin H, Wu Q H, Wang W. Publickey encryption with fuzzy keyword search: A provably secure scheme under keyword guessing attack. IEEE Transactions on Computers, 2013, 62(11): 2266-2277.
Camenisch J, Kohlweiss M, Rial A, Sheedy C. Blind and anonymous identity-based encryption and authorised private searches on public key encrypted data. In Lecture Notes in Computer Science 5443, Jarecki S, Tsudik G (eds.), Springer, 2009, pp.196-214.
Zheng Q J, Xu S H, Ateniese G. VABKS: Verifiable attribute-based keyword search over outsourced encrypted data. In Proc. IEEE INFOCOM, April 27-May 2, 2014, pp.522-530.
Shi J, Lai J Z, Li Y J, Deng R H, Weng J. Authorized keyword search on encrypted data. In Lecture Notes in Computer Science 8712, Kutyłowski M, Vaidya J (eds.), Springer, 2014, pp.419-435.
Li J W, Li J, Chen X F, Jia C F, Liu Z L. Efficient keyword search over encrypted data with fine-grained access control in hybrid cloud. In Lecture Notes in Computer Science 7645, Xu L, Bertino E, Mu Y (eds.), Springer, 2012, pp.490-502.
Byun J W, Rhee H S, Park H A, Lee D H. Off-line keyword guessing attacks on recent keyword search schemes over encrypted data. In Lecture Notes in Computer Science 4165, Jonker W, Petković M (eds.), Springer, 2006, pp.75-83.
Bösch C, Hartel P, Jonker W, Peter A. A survey of provably secure searchable encryption. ACM Computing Surveys, 2015, 47(2): Article No. 18.
Shen E, Shi E, Waters B. Predicate privacy in encryption systems. In Lecture Notes in Computer Science 5444, Reingold O (ed.), Springer, 2009, pp.457-473.
Boneh D, Boyen X, Goh E J. Hierarchical identity based encryption with constant size ciphertext. In Lecture Notes in Computer Science 3494, Cramer R (ed.), Springer, 2005, pp.440-456.
Delerablée C, Pointcheval D. Dynamic threshold public-key encryption. In Lecture Notes in Computer Science 5157, Wagner D (ed.), Springer, 2008, pp.317-334.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Jiang, P., Mu, Y., Guo, F. et al. Private Keyword-Search for Database Systems Against Insider Attacks. J. Comput. Sci. Technol. 32, 599–617 (2017). https://doi.org/10.1007/s11390-017-1745-8
Received:
Revised:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11390-017-1745-8