Oblivious Keyword Search With Authorization and Verification for IoT Devices in Untrusted Cloud Environments

IF 8.9 1区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Internet of Things Journal Pub Date : 2025-03-12 DOI:10.1109/JIOT.2025.3550198

Zhongkai Wei;Bo Zhao;Haining Yang;Jing Qin;Jixin Ma

{"title":"Oblivious Keyword Search With Authorization and Verification for IoT Devices in Untrusted Cloud Environments","authors":"Zhongkai Wei;Bo Zhao;Haining Yang;Jing Qin;Jixin Ma","doi":"10.1109/JIOT.2025.3550198","DOIUrl":null,"url":null,"abstract":"With the rapid advancement of Internet of Things (IoT) technology, large volumes of data are exchanged among users via cloud servers. However, in an untrusted cloud server environment, the risk of data tampering is significant. For instance, a cloud server may fail to update its records promptly after receiving updated data from a data sender. Consequently, when the data receiver retrieves the relevant information, the cloud server may return outdated data, leading to security issues in data utilization. To address this problem, we propose a scheme that facilitates efficient verification in untrustworthy cloud environments. Our research approach is to utilize cryptographic accumulators within the oblivious searchable encryption model to achieve efficient verification. The data sender first uses a cryptographic accumulator to calculate the cumulative value of all messages to be uploaded, which are publicly accessible. In addition, the accumulator generates witness values for messages authorized to the data recipient. Before retrieving data, the data receiver can leverage the cryptographic accumulator to verify the timeliness of incoming messages, ensuring that the data is current and free from tampering. Furthermore, the data sender retains the flexibility to dynamically update the data stored in the cloud and efficiently refresh both the encrypted accumulator and its corresponding witness value. This article presents a rigorous security proof and a comparative experiment was carried out, supported by both analytical evaluations and experimental results, which collectively confirm the practical applicability of the proposed scheme in the context of the IoT.","PeriodicalId":54347,"journal":{"name":"IEEE Internet of Things Journal","volume":"12 12","pages":"21793-21805"},"PeriodicalIF":8.9000,"publicationDate":"2025-03-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Internet of Things Journal","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10924154/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

With the rapid advancement of Internet of Things (IoT) technology, large volumes of data are exchanged among users via cloud servers. However, in an untrusted cloud server environment, the risk of data tampering is significant. For instance, a cloud server may fail to update its records promptly after receiving updated data from a data sender. Consequently, when the data receiver retrieves the relevant information, the cloud server may return outdated data, leading to security issues in data utilization. To address this problem, we propose a scheme that facilitates efficient verification in untrustworthy cloud environments. Our research approach is to utilize cryptographic accumulators within the oblivious searchable encryption model to achieve efficient verification. The data sender first uses a cryptographic accumulator to calculate the cumulative value of all messages to be uploaded, which are publicly accessible. In addition, the accumulator generates witness values for messages authorized to the data recipient. Before retrieving data, the data receiver can leverage the cryptographic accumulator to verify the timeliness of incoming messages, ensuring that the data is current and free from tampering. Furthermore, the data sender retains the flexibility to dynamically update the data stored in the cloud and efficiently refresh both the encrypted accumulator and its corresponding witness value. This article presents a rigorous security proof and a comparative experiment was carried out, supported by both analytical evaluations and experimental results, which collectively confirm the practical applicability of the proposed scheme in the context of the IoT.

查看原文本刊更多论文

不可信云环境中物联网设备的授权和验证遗忘关键字搜索

随着物联网（IoT）技术的快速发展，用户之间通过云服务器交换大量数据。但是，在不受信任的云服务器环境中，数据篡改的风险非常大。例如，云服务器在从数据发送方接收到更新后的数据后，可能无法及时更新其记录。因此，当数据接收方检索相关信息时，云服务器可能返回过时的数据，从而导致数据利用中的安全问题。为了解决这一问题，我们提出了一种在不可信的云环境中促进有效验证的方案。我们的研究方法是利用可遗忘搜索加密模型中的密码累加器来实现有效的验证。数据发送方首先使用加密累加器计算要上传的所有消息的累加值，这些消息是可公开访问的。此外，累加器为授权给数据接收方的消息生成见证值。在检索数据之前，数据接收方可以利用加密累加器来验证传入消息的时效性，确保数据是当前的并且不受篡改。此外，数据发送方保留了动态更新存储在云中的数据的灵活性，并有效地刷新加密累加器及其相应的见证值。本文提出了严格的安全性证明，并进行了对比实验，并得到了分析评估和实验结果的支持，共同证实了所提出方案在物联网背景下的实际适用性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Internet of Things Journal Computer Science-Information Systems

CiteScore

17.60

自引率

13.20%

发文量

1982

期刊介绍： The EEE Internet of Things (IoT) Journal publishes articles and review articles covering various aspects of IoT, including IoT system architecture, IoT enabling technologies, IoT communication and networking protocols such as network coding, and IoT services and applications. Topics encompass IoT's impacts on sensor technologies, big data management, and future internet design for applications like smart cities and smart homes. Fields of interest include IoT architecture such as things-centric, data-centric, service-oriented IoT architecture; IoT enabling technologies and systematic integration such as sensor technologies, big sensor data management, and future Internet design for IoT; IoT services, applications, and test-beds such as IoT service middleware, IoT application programming interface (API), IoT application design, and IoT trials/experiments; IoT standardization activities and technology development in different standard development organizations (SDO) such as IEEE, IETF, ITU, 3GPP, ETSI, etc.