Fast Multi-User Searchable Encryption with Forward and Backward Private Access Control

IF 4.3 3区材料科学 Q1 ENGINEERING, ELECTRICAL & ELECTRONIC

ACS Applied Electronic Materials Pub Date : 2024-02-02 DOI:10.3390/jsan13010012

Salim Sabah Bulbul, Z. Abduljabbar, Duaa Fadhel Najem, V. O. Nyangaresi, Junchao Ma, Abdulla J. Y. Aldarwish

{"title":"Fast Multi-User Searchable Encryption with Forward and Backward Private Access Control","authors":"Salim Sabah Bulbul, Z. Abduljabbar, Duaa Fadhel Najem, V. O. Nyangaresi, Junchao Ma, Abdulla J. Y. Aldarwish","doi":"10.3390/jsan13010012","DOIUrl":null,"url":null,"abstract":"Untrusted servers are servers or storage entities lacking complete trust from the data owner or users. This characterization implies that the server hosting encrypted data may not enjoy full trust from data owners or users, stemming from apprehensions related to potential security breaches, unauthorized access, or other security risks. The security of searchable encryption has been put into question by several recent attacks. Currently, users can search for encrypted documents on untrusted cloud servers using searchable symmetric encryption (SSE). This study delves deeply into two pivotal concepts of privacy within dynamic searchable symmetric encryption (DSSE) schemes: forward privacy and backward privacy. The former serves as a safeguard against the linkage of recently added documents to previously conducted search queries, whereas the latter guarantees the irretrievability of deleted documents in subsequent search inquiries. However, the provision of fine-grained access control is complex in existing multi-user SSE schemes. SSE schemes may also incur high computation costs due to the need for fine-grained access control, and it is essential to support document updates and forward privacy. In response to these issues, this paper suggests a searchable encryption scheme that uses simple primitive tools. We present a multi-user SSE scheme that efficiently controls access to dynamically encrypted documents to resolve these issues, using an innovative approach that readily enhances previous findings. Rather than employing asymmetric encryption as in comparable systems, we harness low-complexity primitive encryption tools and inverted index-based DSSE to handle retrieving encrypted files, resulting in a notably faster system. Furthermore, we ensure heightened security by refreshing the encryption key after each search, meaning that users are unable to conduct subsequent searches with the same key and must obtain a fresh key from the data owner. An experimental evaluation shows that our scheme achieves forward and Type II backward privacy and has much faster search performance than other schemes. Our scheme can be considered secure, as proven in a random oracle model.","PeriodicalId":3,"journal":{"name":"ACS Applied Electronic Materials","volume":"61 3","pages":""},"PeriodicalIF":4.3000,"publicationDate":"2024-02-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACS Applied Electronic Materials","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3390/jsan13010012","RegionNum":3,"RegionCategory":"材料科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}

引用次数: 0

Abstract

Untrusted servers are servers or storage entities lacking complete trust from the data owner or users. This characterization implies that the server hosting encrypted data may not enjoy full trust from data owners or users, stemming from apprehensions related to potential security breaches, unauthorized access, or other security risks. The security of searchable encryption has been put into question by several recent attacks. Currently, users can search for encrypted documents on untrusted cloud servers using searchable symmetric encryption (SSE). This study delves deeply into two pivotal concepts of privacy within dynamic searchable symmetric encryption (DSSE) schemes: forward privacy and backward privacy. The former serves as a safeguard against the linkage of recently added documents to previously conducted search queries, whereas the latter guarantees the irretrievability of deleted documents in subsequent search inquiries. However, the provision of fine-grained access control is complex in existing multi-user SSE schemes. SSE schemes may also incur high computation costs due to the need for fine-grained access control, and it is essential to support document updates and forward privacy. In response to these issues, this paper suggests a searchable encryption scheme that uses simple primitive tools. We present a multi-user SSE scheme that efficiently controls access to dynamically encrypted documents to resolve these issues, using an innovative approach that readily enhances previous findings. Rather than employing asymmetric encryption as in comparable systems, we harness low-complexity primitive encryption tools and inverted index-based DSSE to handle retrieving encrypted files, resulting in a notably faster system. Furthermore, we ensure heightened security by refreshing the encryption key after each search, meaning that users are unable to conduct subsequent searches with the same key and must obtain a fresh key from the data owner. An experimental evaluation shows that our scheme achieves forward and Type II backward privacy and has much faster search performance than other schemes. Our scheme can be considered secure, as proven in a random oracle model.

查看原文本刊更多论文

具有前向和后向私人访问控制的快速多用户可搜索加密技术

不受信任的服务器是指缺乏数据所有者或用户完全信任的服务器或存储实体。这种定性意味着托管加密数据的服务器可能得不到数据所有者或用户的完全信任，这源于对潜在安全漏洞、未经授权访问或其他安全风险的担忧。最近的几次攻击使可搜索加密的安全性受到质疑。目前，用户可以使用可搜索对称加密（SSE）在不受信任的云服务器上搜索加密文档。本研究深入探讨了动态可搜索对称加密（DSSE）方案中两个关键的隐私概念：前向隐私和后向隐私。前向隐私可防止将最近添加的文档与之前进行的搜索查询联系起来，而后向隐私则可保证在后续搜索查询中无法检索已删除的文档。然而，在现有的多用户 SSE 方案中，提供细粒度访问控制非常复杂。由于需要进行细粒度访问控制，SSE 方案也可能会产生很高的计算成本，而且必须支持文档更新和前向隐私。针对这些问题，本文提出了一种使用简单原始工具的可搜索加密方案。我们提出了一种多用户 SSE 方案，它能有效控制对动态加密文档的访问，从而解决这些问题。我们没有像同类系统那样采用非对称加密，而是利用低复杂度的原始加密工具和基于反索引的 DSSE 来处理检索加密文件的问题，从而大大加快了系统的运行速度。此外，我们在每次搜索后都会刷新加密密钥，这意味着用户无法使用相同的密钥进行后续搜索，而必须从数据所有者那里获得新的密钥，从而确保了更高的安全性。实验评估表明，与其他方案相比，我们的方案实现了前向和第二类后向隐私，并具有更快的搜索性能。在随机甲骨文模型中，我们的方案被认为是安全的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

ACS Applied Electronic Materials Multiple-

CiteScore

7.20

自引率

4.30%

发文量

567

期刊介绍： ACS Applied Electronic Materials is an interdisciplinary journal publishing original research covering all aspects of electronic materials. The journal is devoted to reports of new and original experimental and theoretical research of an applied nature that integrate knowledge in the areas of materials science, engineering, optics, physics, and chemistry into important applications of electronic materials. Sample research topics that span the journal's scope are inorganic, organic, ionic and polymeric materials with properties that include conducting, semiconducting, superconducting, insulating, dielectric, magnetic, optoelectronic, piezoelectric, ferroelectric and thermoelectric. Indexed/Abstracted： Web of Science SCIE Scopus CAS INSPEC Portico