Refrain From Inquiring About My Scalable Storage and Boolean Queries for Secure Cloud

IF 5 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Transactions on Cloud Computing Pub Date : 2025-06-24 DOI:10.1109/TCC.2025.3582645

Boli Hu;Kai Zhang;Junqing Gong;Haifeng Qian

{"title":"Refrain From Inquiring About My Scalable Storage and Boolean Queries for Secure Cloud","authors":"Boli Hu;Kai Zhang;Junqing Gong;Haifeng Qian","doi":"10.1109/TCC.2025.3582645","DOIUrl":null,"url":null,"abstract":"Outsourcing personal data to a convenient and affordable cloud platform has become a popular practice. Considering the risk of privacy leakage, users usually encrypt their data before uploading it to the cloud server. Searchable encryption (SE) allows cloud servers to manage and search data in encrypted form based on user-specified requests. However, coercion attacks are rarely considered, where users may be forced to open search records and results. Therefore, deniable SE solutions against coercion attacks are presented, but they suffer from large storage overhead or fail to consider the dual coercion situation towards both sides of data owners and data users. In this paper, we roughly combine oblivious cross-tags protocol (OXT) and deniable encryption to propose a deniable SE (deniable cross-tag, DXT) scheme, which supports boolean queries and resists dual coercion attacks. Technically, we formalize a new primitive called updatable deniable encryption, and combine it with OXT in a non-trivial manner. In addition, we give formal system model, security model, and security proof of DXT. By employing the HUAWEI cloud platform, we conduct sufficient comparative experiments between DXT and state-of-the-art solutions based on a public dataset. The experimental results demonstrate that DXT outperforms higher search efficiency while achieving better features.","PeriodicalId":13202,"journal":{"name":"IEEE Transactions on Cloud Computing","volume":"13 3","pages":"969-982"},"PeriodicalIF":5.0000,"publicationDate":"2025-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Cloud Computing","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/11049027/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Outsourcing personal data to a convenient and affordable cloud platform has become a popular practice. Considering the risk of privacy leakage, users usually encrypt their data before uploading it to the cloud server. Searchable encryption (SE) allows cloud servers to manage and search data in encrypted form based on user-specified requests. However, coercion attacks are rarely considered, where users may be forced to open search records and results. Therefore, deniable SE solutions against coercion attacks are presented, but they suffer from large storage overhead or fail to consider the dual coercion situation towards both sides of data owners and data users. In this paper, we roughly combine oblivious cross-tags protocol (OXT) and deniable encryption to propose a deniable SE (deniable cross-tag, DXT) scheme, which supports boolean queries and resists dual coercion attacks. Technically, we formalize a new primitive called updatable deniable encryption, and combine it with OXT in a non-trivial manner. In addition, we give formal system model, security model, and security proof of DXT. By employing the HUAWEI cloud platform, we conduct sufficient comparative experiments between DXT and state-of-the-art solutions based on a public dataset. The experimental results demonstrate that DXT outperforms higher search efficiency while achieving better features.

查看原文本刊更多论文

不要询问我的可扩展存储和布尔查询安全云

将个人数据外包给一个方便且价格合理的云平台已经成为一种流行的做法。考虑到隐私泄露的风险，用户在将数据上传到云服务器之前通常会对其进行加密。可搜索加密（SE）允许云服务器根据用户指定的请求以加密的形式管理和搜索数据。然而，强制攻击很少被考虑，在这种情况下，用户可能被迫打开搜索记录和结果。因此，针对强制攻击提出了可否认的SE解决方案，但这些解决方案的存储开销较大，或者没有考虑到对数据所有者和数据用户双方的双重强制情况。本文将遗忘交叉标签协议（OXT）和可否认加密粗略地结合起来，提出了一种可否认SE（可否认交叉标签，DXT）方案，该方案支持布尔查询并抵抗双重强制攻击。从技术上讲，我们形式化了一种称为可更新可否认加密的新原语，并以一种非凡的方式将其与OXT结合起来。此外，给出了DXT的形式化系统模型、安全模型和安全性证明。我们利用华为云平台，基于公共数据集，对DXT和最先进的解决方案进行了充分的对比实验。实验结果表明，DXT在获得更好的特征的同时具有更高的搜索效率。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Cloud Computing Computer Science-Software

CiteScore

9.40

自引率

6.20%

发文量

167

期刊介绍： The IEEE Transactions on Cloud Computing (TCC) is dedicated to the multidisciplinary field of cloud computing. It is committed to the publication of articles that present innovative research ideas, application results, and case studies in cloud computing, focusing on key technical issues related to theory, algorithms, systems, applications, and performance.