具有前向和后向私人访问控制的快速多用户可搜索加密技术

IF 3.3 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Sensor and Actuator Networks Pub Date : 2024-02-02 DOI:10.3390/jsan13010012

Salim Sabah Bulbul, Z. Abduljabbar, Duaa Fadhel Najem, V. O. Nyangaresi, Junchao Ma, Abdulla J. Y. Aldarwish

{"title":"具有前向和后向私人访问控制的快速多用户可搜索加密技术","authors":"Salim Sabah Bulbul, Z. Abduljabbar, Duaa Fadhel Najem, V. O. Nyangaresi, Junchao Ma, Abdulla J. Y. Aldarwish","doi":"10.3390/jsan13010012","DOIUrl":null,"url":null,"abstract":"Untrusted servers are servers or storage entities lacking complete trust from the data owner or users. This characterization implies that the server hosting encrypted data may not enjoy full trust from data owners or users, stemming from apprehensions related to potential security breaches, unauthorized access, or other security risks. The security of searchable encryption has been put into question by several recent attacks. Currently, users can search for encrypted documents on untrusted cloud servers using searchable symmetric encryption (SSE). This study delves deeply into two pivotal concepts of privacy within dynamic searchable symmetric encryption (DSSE) schemes: forward privacy and backward privacy. The former serves as a safeguard against the linkage of recently added documents to previously conducted search queries, whereas the latter guarantees the irretrievability of deleted documents in subsequent search inquiries. However, the provision of fine-grained access control is complex in existing multi-user SSE schemes. SSE schemes may also incur high computation costs due to the need for fine-grained access control, and it is essential to support document updates and forward privacy. In response to these issues, this paper suggests a searchable encryption scheme that uses simple primitive tools. We present a multi-user SSE scheme that efficiently controls access to dynamically encrypted documents to resolve these issues, using an innovative approach that readily enhances previous findings. Rather than employing asymmetric encryption as in comparable systems, we harness low-complexity primitive encryption tools and inverted index-based DSSE to handle retrieving encrypted files, resulting in a notably faster system. Furthermore, we ensure heightened security by refreshing the encryption key after each search, meaning that users are unable to conduct subsequent searches with the same key and must obtain a fresh key from the data owner. An experimental evaluation shows that our scheme achieves forward and Type II backward privacy and has much faster search performance than other schemes. Our scheme can be considered secure, as proven in a random oracle model.","PeriodicalId":37584,"journal":{"name":"Journal of Sensor and Actuator Networks","volume":null,"pages":null},"PeriodicalIF":3.3000,"publicationDate":"2024-02-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Fast Multi-User Searchable Encryption with Forward and Backward Private Access Control\",\"authors\":\"Salim Sabah Bulbul, Z. Abduljabbar, Duaa Fadhel Najem, V. O. Nyangaresi, Junchao Ma, Abdulla J. Y. Aldarwish\",\"doi\":\"10.3390/jsan13010012\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Untrusted servers are servers or storage entities lacking complete trust from the data owner or users. This characterization implies that the server hosting encrypted data may not enjoy full trust from data owners or users, stemming from apprehensions related to potential security breaches, unauthorized access, or other security risks. The security of searchable encryption has been put into question by several recent attacks. Currently, users can search for encrypted documents on untrusted cloud servers using searchable symmetric encryption (SSE). This study delves deeply into two pivotal concepts of privacy within dynamic searchable symmetric encryption (DSSE) schemes: forward privacy and backward privacy. The former serves as a safeguard against the linkage of recently added documents to previously conducted search queries, whereas the latter guarantees the irretrievability of deleted documents in subsequent search inquiries. However, the provision of fine-grained access control is complex in existing multi-user SSE schemes. SSE schemes may also incur high computation costs due to the need for fine-grained access control, and it is essential to support document updates and forward privacy. In response to these issues, this paper suggests a searchable encryption scheme that uses simple primitive tools. We present a multi-user SSE scheme that efficiently controls access to dynamically encrypted documents to resolve these issues, using an innovative approach that readily enhances previous findings. Rather than employing asymmetric encryption as in comparable systems, we harness low-complexity primitive encryption tools and inverted index-based DSSE to handle retrieving encrypted files, resulting in a notably faster system. Furthermore, we ensure heightened security by refreshing the encryption key after each search, meaning that users are unable to conduct subsequent searches with the same key and must obtain a fresh key from the data owner. An experimental evaluation shows that our scheme achieves forward and Type II backward privacy and has much faster search performance than other schemes. Our scheme can be considered secure, as proven in a random oracle model.\",\"PeriodicalId\":37584,\"journal\":{\"name\":\"Journal of Sensor and Actuator Networks\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":3.3000,\"publicationDate\":\"2024-02-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Sensor and Actuator Networks\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.3390/jsan13010012\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Sensor and Actuator Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3390/jsan13010012","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

不受信任的服务器是指缺乏数据所有者或用户完全信任的服务器或存储实体。这种定性意味着托管加密数据的服务器可能得不到数据所有者或用户的完全信任，这源于对潜在安全漏洞、未经授权访问或其他安全风险的担忧。最近的几次攻击使可搜索加密的安全性受到质疑。目前，用户可以使用可搜索对称加密（SSE）在不受信任的云服务器上搜索加密文档。本研究深入探讨了动态可搜索对称加密（DSSE）方案中两个关键的隐私概念：前向隐私和后向隐私。前向隐私可防止将最近添加的文档与之前进行的搜索查询联系起来，而后向隐私则可保证在后续搜索查询中无法检索已删除的文档。然而，在现有的多用户 SSE 方案中，提供细粒度访问控制非常复杂。由于需要进行细粒度访问控制，SSE 方案也可能会产生很高的计算成本，而且必须支持文档更新和前向隐私。针对这些问题，本文提出了一种使用简单原始工具的可搜索加密方案。我们提出了一种多用户 SSE 方案，它能有效控制对动态加密文档的访问，从而解决这些问题。我们没有像同类系统那样采用非对称加密，而是利用低复杂度的原始加密工具和基于反索引的 DSSE 来处理检索加密文件的问题，从而大大加快了系统的运行速度。此外，我们在每次搜索后都会刷新加密密钥，这意味着用户无法使用相同的密钥进行后续搜索，而必须从数据所有者那里获得新的密钥，从而确保了更高的安全性。实验评估表明，与其他方案相比，我们的方案实现了前向和第二类后向隐私，并具有更快的搜索性能。在随机甲骨文模型中，我们的方案被认为是安全的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Fast Multi-User Searchable Encryption with Forward and Backward Private Access Control

Untrusted servers are servers or storage entities lacking complete trust from the data owner or users. This characterization implies that the server hosting encrypted data may not enjoy full trust from data owners or users, stemming from apprehensions related to potential security breaches, unauthorized access, or other security risks. The security of searchable encryption has been put into question by several recent attacks. Currently, users can search for encrypted documents on untrusted cloud servers using searchable symmetric encryption (SSE). This study delves deeply into two pivotal concepts of privacy within dynamic searchable symmetric encryption (DSSE) schemes: forward privacy and backward privacy. The former serves as a safeguard against the linkage of recently added documents to previously conducted search queries, whereas the latter guarantees the irretrievability of deleted documents in subsequent search inquiries. However, the provision of fine-grained access control is complex in existing multi-user SSE schemes. SSE schemes may also incur high computation costs due to the need for fine-grained access control, and it is essential to support document updates and forward privacy. In response to these issues, this paper suggests a searchable encryption scheme that uses simple primitive tools. We present a multi-user SSE scheme that efficiently controls access to dynamically encrypted documents to resolve these issues, using an innovative approach that readily enhances previous findings. Rather than employing asymmetric encryption as in comparable systems, we harness low-complexity primitive encryption tools and inverted index-based DSSE to handle retrieving encrypted files, resulting in a notably faster system. Furthermore, we ensure heightened security by refreshing the encryption key after each search, meaning that users are unable to conduct subsequent searches with the same key and must obtain a fresh key from the data owner. An experimental evaluation shows that our scheme achieves forward and Type II backward privacy and has much faster search performance than other schemes. Our scheme can be considered secure, as proven in a random oracle model.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Sensor and Actuator Networks Physics and Astronomy-Instrumentation

CiteScore

7.90

自引率

2.90%

发文量

审稿时长

11 weeks

期刊介绍： Journal of Sensor and Actuator Networks (ISSN 2224-2708) is an international open access journal on the science and technology of sensor and actuator networks. It publishes regular research papers, reviews (including comprehensive reviews on complete sensor and actuator networks), and short communications. Our aim is to encourage scientists to publish their experimental and theoretical results in as much detail as possible. There is no restriction on the length of the papers. The full experimental details must be provided so that the results can be reproduced.