Shared and searchable encrypted data for untrusted servers
Citations
Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption
Securing Personal Health Records in Cloud Computing: Patient-Centric and Fine-Grained Data Access Control in Multi-owner Settings
Authorized Private Keyword Search over Encrypted Data in Cloud Computing
Securing Personal Health Records in Cloud Computing: Patient-Centric and Fine-Grained Data Access Control in Multi-owner Settings
A Survey of Provably Secure Searchable Encryption
References
A method for obtaining digital signatures and public-key cryptosystems
Practical techniques for searches on encrypted data
Public Key Encryption with Keyword Search
A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms
Foundations of Cryptography: Volume 2, Basic Applications
Related Papers (5)
Frequently Asked Questions (20)
Q2. What have the authors stated for future works in "Shared and searchable encrypted data for untrusted servers" ?
One aspect of their future work is to achieve access pattern privacy. By combining PIR, the search queries can be executed without revealing the access pattern to the server. Another possible extension may be to integrate bucketization [ 17, 18 ]. Range queries can be translated into querying a set of bucket tags.
Q3. What is the cost of encrypting data?
Bucketization has relatively small performance overhead and enables more complex queries such as range queries and comparison queries at the cost of revealing more information about the encrypted data.
Q4. What is the probability that an adversary can use A′ to break the system?
A′ who controls up to n servers can break the system with non-negligible probability, then in a single-server setting an adversary A can use
Q5. What is the main reason for outsourcing data storage?
To reduce the increasing costs of storage management, many organizations would like to outsource their data storage to third party service providers.
Q6. What is the definition of a multi-user searchable data encryption scheme?
A multi-user searchable data encryption scheme is a tuple of probabilistic polynomial time algorithms (Init, Keygen, Enc, Re-enc, Trapdoor, Search, Dec, Revoke) such that:• The initialisation algorithm Init(1k) is run by the KMS which takes as input the security parameter 1k and outputs master public parameters Params and a master key set MSK.•
Q7. What is the common approach for encrypting data?
Asymmetric keys allow multiple users to encrypt data using the public key, but only the user who has the private key can search and decrypt the data.
Q8. What is the main weakness of the scheme?
A weakness of their scheme and most of the other keyword-based search schemes is thatthe server knows the access pattern of the users which allows it infer some information about the queries.
Q9. what is the definition of a multi-user searchable data encryption scheme?
A Multi-user Searchable Data Encryption scheme is a mechanism such that a group of authorised users can share encrypted documents and perform keyword search on the encrypted documents without decrypting them.
Q10. What is the way to decrypt encrypted data?
Authorised users can retrieve an encrypted file by its identifier and decrypt it using a key obtained from the owner of the file.
Q11. What are the main reasons people are demanding more storage space from service provider?
People are demanding more storage space from service provider for various reasons: data backup [1], sharing photos and videos with family and friends [2] or even to manage their medical record [3].
Q12. What is the intuition of using document identifiers?
The intuition of using document identifiers is that the adversaries can identify the documents but should not learn anything about the content of the documents.
Q13. What is the definition of non-adaptive indistinguishability security?
non-adaptive indistinguishability security means that given two non-adaptively generated query histories with the same length and outcome, no PPT adversary can distinguish one from another based on what it can “see” in the interaction.
Q14. What is the way to encrypt a document?
However in practice, the document can be encrypted by a more efficient hybrid encryption scheme, where a secure symmetric cipher is chosen to encrypt the document under a random key and the random key is then encrypted under PE-U-Enc.
Q15. What is the ciphertext used to decrypt?
The user sends id(Di) to the server which locates the ciphertext from the data storage and runs the data pre-decryption algorithm.
Q16. What is the probability of a g3 being a random group element?
There are two cases to consider: Case 1: If g3 = gγ , the authors know that gγ is a random group element of G because γ is chosen at random.
Q17. What is the revocability of the DDH problem?
It follows from the above theorems that as long as the server is honest and the authorised users can protect their keys, revocability is guaranteed.
Q18. What is the scheme for searching encrypted data?
Goh’s scheme [15] enables searches on encrypted data that employed a secure index based on a bloom filter which has low storage overheads.
Q19. What is the assumption that a collusion attack is possible?
The assumption is that a collusion attack is only possible when all the SSPs involved collude and the SSPs are competitors thus are unlikely to co-operate in such a collusion.
Q20. What is the common way to search encrypted data?
All the encrypted search schemes above for searches on encrypted data rely on secret keys, which implies single user access or sharing keys among a group of users.