Pattern Hiding and Authorized Searchable Encryption for Data Sharing in Cloud Storage

IF 8.9 2区计算机科学 Q1 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

IEEE Transactions on Knowledge and Data Engineering Pub Date : 2025-01-31 DOI:10.1109/TKDE.2025.3537613

Kai Zhang;Boli Hu;Jianting Ning;Junqing Gong;Haifeng Qian

{"title":"Pattern Hiding and Authorized Searchable Encryption for Data Sharing in Cloud Storage","authors":"Kai Zhang;Boli Hu;Jianting Ning;Junqing Gong;Haifeng Qian","doi":"10.1109/TKDE.2025.3537613","DOIUrl":null,"url":null,"abstract":"Secure cloud storage is a prevalent way to provide data retrieval services, where users’ data are encrypted before uploading to the cloud. To effectively perform keyword searches over the encrypted data, the approach of searchable encryption (SE) was introduced. However, the leakage of the keyword-pair result pattern to the cloud could be exploited to reconstruct the queried keywords. To mitigate such information leakages, numerous result pattern-hiding SE systems were proposed but rarely supported data sharing with expressive queries and even owner-enforced authorization. Therefore, we present a result pattern hiding and authorized SE system (AXT) supporting conjunctive queries for cloud-based data sharing. Technically, we construct an authorized label private set intersection protocol from a refined authorized public key encryption with an equality test and then combine it with an introduced asymmetric variant of oblivious cross-tag protocol. Moreover, we introduce the system and security model of AXT along with rigorous security proof. Furthermore, we conduct comparative experiments between state-of-the-art solutions with AXT on HUAWEI Cloud platform under the widely recognized Enron dataset, which reveal that AXT achieves practical performance with retaining authorized data sharing and result pattern hiding, specifically, the time overhead for conjunctive queries with 10 keywords is reduced by 20<inline-formula><tex-math>$\\%$</tex-math></inline-formula>.","PeriodicalId":13496,"journal":{"name":"IEEE Transactions on Knowledge and Data Engineering","volume":"37 5","pages":"2802-2815"},"PeriodicalIF":8.9000,"publicationDate":"2025-01-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Knowledge and Data Engineering","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10869376/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 0

Abstract

Secure cloud storage is a prevalent way to provide data retrieval services, where users’ data are encrypted before uploading to the cloud. To effectively perform keyword searches over the encrypted data, the approach of searchable encryption (SE) was introduced. However, the leakage of the keyword-pair result pattern to the cloud could be exploited to reconstruct the queried keywords. To mitigate such information leakages, numerous result pattern-hiding SE systems were proposed but rarely supported data sharing with expressive queries and even owner-enforced authorization. Therefore, we present a result pattern hiding and authorized SE system (AXT) supporting conjunctive queries for cloud-based data sharing. Technically, we construct an authorized label private set intersection protocol from a refined authorized public key encryption with an equality test and then combine it with an introduced asymmetric variant of oblivious cross-tag protocol. Moreover, we introduce the system and security model of AXT along with rigorous security proof. Furthermore, we conduct comparative experiments between state-of-the-art solutions with AXT on HUAWEI Cloud platform under the widely recognized Enron dataset, which reveal that AXT achieves practical performance with retaining authorized data sharing and result pattern hiding, specifically, the time overhead for conjunctive queries with 10 keywords is reduced by 20

$\%$

查看原文本刊更多论文

云存储中数据共享的模式隐藏和授权可搜索加密

安全云存储是提供数据检索服务的一种流行方式，用户的数据在上传到云之前被加密。为了有效地对加密数据进行关键字搜索，引入了可搜索加密（SE）方法。然而，关键字对结果模式向云的泄漏可以被利用来重建查询的关键字。为了减轻此类信息泄漏，提出了许多结果模式隐藏SE系统，但很少支持具有表达性查询甚至所有者强制授权的数据共享。因此，我们提出了一个结果模式隐藏和授权SE系统（AXT），支持基于云的数据共享的联合查询。从技术上讲，我们从一个改进的带等式检验的授权公钥加密构造了一个授权标签私有集交叉协议，然后将其与引入的非对称型遗忘交叉标签协议结合起来。此外，我们还介绍了AXT的系统和安全模型，并进行了严格的安全证明。此外，我们在华为云平台上对最先进的解决方案与AXT在广泛认可的安然数据集上进行了对比实验，结果表明，AXT在保留授权数据共享和结果模式隐藏的情况下取得了实际性能，特别是10个关键字的联合查询的时间开销减少了20%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Knowledge and Data Engineering 工程技术-工程：电子与电气

CiteScore

11.70

自引率

3.40%

发文量

515

审稿时长

6 months

期刊介绍： The IEEE Transactions on Knowledge and Data Engineering encompasses knowledge and data engineering aspects within computer science, artificial intelligence, electrical engineering, computer engineering, and related fields. It provides an interdisciplinary platform for disseminating new developments in knowledge and data engineering and explores the practicality of these concepts in both hardware and software. Specific areas covered include knowledge-based and expert systems, AI techniques for knowledge and data management, tools, and methodologies, distributed processing, real-time systems, architectures, data management practices, database design, query languages, security, fault tolerance, statistical databases, algorithms, performance evaluation, and applications.