Searchable symmetric encryption : attacks, constructions, and extensions

Publication Type:
Issue Date:
Full metadata record
Data outsourcing has become one of the most successful applications of cloud computing, as it significantly reduces data owners’ costs on data storage and management. To prevent privacy disclosure, sensitive data has to be encrypted before outsourcing. Traditional encryption tools such as AES, however, destroy the data searchability because keyword searches cannot be performed over encrypted data. Though the above issue has been addressed by an advanced cryptographic primitive, called searchable symmetric encryption (SSE), we observe that the existing SSE schemes still suffer security, efficiency or functionality flaws. In this research, we further study SSE on three aspects. First, we address the search pattern leakage issue. We demonstrate that potential attacks exist as long as an adversary with some background knowledge learns users’ search pattern. We then develop a general countermeasure to transform an existing SSE scheme to a new scheme where the search pattern is hidden. Second, motivated by the practical phenomenon in data outsourcing scenarios that user data is distributed over multiple data sources, we propose efficient SSE constructions which allow each data source to build a local index individually and enable the storage provider to merge all local indexes into a global one. Third, we offer an efficient fuzzy keyword generation method to enable SSE supporting fuzzy keyword searches. Fourth, we extend SSE into graph encryption with support for specific graph queries. For example, we investigate how to perform shortest distance queries and top-k nearest keyword searches on an encrypted graph.
Please use this identifier to cite or link to this item: