ABSTRACT
Cloud computing promises users massive-scale outsourced data storage services at much lower cost than traditional methods. However, privacy concerns compel sensitive data to be stored on the cloud server in encrypted form. This poses a great challenge for effectively utilizing cloud data, such as executing common SQL queries. A variety of searchable encryption techniques have been proposed to solve this issue; yet efficiency and scalability are still the two main obstacles to their adoption on real-world datasets, which are multi-dimensional in general. In this paper, we propose a tree-based public-key Multi-Dimensional Range Searchable Encryption (MDRSE) to overcome the above limitations. Specifically, we first formally define the leakage function and security of a tree-based MDRSE. Then, by leveraging an existing predicate encryption in a novel way, our tree-based MDRSE efficiently indexes and searches over encrypted cloud data with multi-dimensional tree structures (i.e., R-trees). Moreover, our scheme is able to protect single-dimensional privacy, which previous efficient solutions fail to achieve. Our scheme is selectively secure, and through extensive experimental evaluation on a large-scale real-world dataset, we show the efficiency and scalability of our scheme.
Index Terms
- Maple: scalable multi-dimensional range search over encrypted cloud data with tree-based index