
Research On Several Issues Of Verifiable Search Over Encrypted Data Technique

Posted on: 2017-05-26
Degree: Doctor
Type: Dissertation
Country: China
Candidate: Y B Miao
Full Text: PDF
GTID: 1368330542992920
Subject: Cryptography

Abstract/Summary:
As one of the most typical services in cloud computing, cloud storage has become popular with a considerable number of enterprises and individuals; by outsourcing data to a cloud server, cloud clients can greatly reduce their local data computation and maintenance burden. However, in practical applications, the cloud service provider (CSP) is always assumed to be an honest-but-curious entity: it will honestly follow the designed protocols, but it is curious to deduce sensitive information. To guarantee data security and privacy, sensitive data is generally stored on the CSP in the form of ciphertext. Though encryption is considered a simple and efficient solution to protect data confidentiality, it makes retrieval over encrypted data extremely difficult. Therefore, exploring an efficient searchable encryption (SE) technique, which allows cloud clients to securely search according to keywords and selectively retrieve files of interest, has attracted great attention in both industry and academia.

To the best of our knowledge, most existing SE schemes cannot support flexible search, such as conjunctive keyword search, range search, comparison search, and so on. Single keyword search cannot quickly locate the required documents and will return much irrelevant ciphertext, which leads to a huge waste of computation and bandwidth resources. Besides, in a semi-trusted cloud computing environment, the semi-honest CSP may execute only a fraction of the search operations and return a fraction of incorrect or forged search results to hide data loss accidents or save its computation resources. Therefore, an SE scheme equipped with a search result verification mechanism is of prime importance, and has become one of the key research problems in the information retrieval field. Aiming at the various requirements of practical applications, we propose several verifiable SE schemes which are enriched with distinct functional advantages. Specifically, the main contributions of our work can be summarized as follows:

1. Traditional SE schemes need to build a secure channel for the trapdoor transmission process, and building a secure channel incurs heavy computation and communication overhead. To this end, we devise a cryptographic primitive called verifiable conjunctive keyword search over encrypted data without secure channel, which can guarantee both data confidentiality and integrity. By utilizing a designated tester, this scheme can remove the secure channel, and it can also verify the accuracy of search results with the remote data checking (RDC) technique. Besides, this scheme overcomes the inherent shortcomings of the random oracle and avoids returning the many irrelevant search results caused by single keyword search. The formal security analysis proves that this scheme is secure against outside keyword guessing attack. Furthermore, empirical experiments over a real-world dataset demonstrate that this scheme is feasible in practical applications.

2. To solve the problems that traditional SE schemes cannot support a dynamic data-owner (DO) setting and incur a heavier computational burden when updating the whole original ciphertext, we propose a verifiable keyword search over encrypted data scheme which supports the dynamic DO setting. Additionally, we use the RDC technique to protect data integrity so as to prevent the CSP from returning incorrect search results. When the original DO leaves or is revoked from the trust domain, the new DO who gains the data ownership has to update the original ciphertext. By utilizing the proxy re-encryption (PRE) technique, the new DO enables the CSP to update a small part of the original ciphertext without bringing in extra computational burden. This scheme verifies the accuracy of search results with a powerful private audit server (PAS) rather than the data user (DU) himself, so it is of significant importance for computation resource-limited entities (such as mobile devices, sensor nodes, and so on). Rigorous security analysis proves that this scheme is secure against chosen keyword attack without random oracle. Moreover, we conduct empirical experiments over a real-world dataset to show its efficiency in practice.

3. To tackle the problems that existing SE schemes cannot support DO updating and multi-keyword search, we present a verifiable conjunctive keyword search over encrypted data in the dynamic DO setting. To reduce the heavy computational burden caused by updating the whole original ciphertext and to avoid false search results returned by the semi-honest CSP, we exploit the PRE and data auditing techniques to achieve the goals of updating a small part of the original ciphertext and protecting data integrity, respectively. Besides, to quickly and accurately locate the required records, this scheme allows the new DO to issue a single search query containing several keywords. Moreover, we formally prove that this scheme is secure against keyword guessing attack in the standard model, and performance tests over a real-world dataset show that the computational cost of this scheme is acceptable in practice.

4. To address the problem that existing SE schemes cannot support the challenging multi-data owner setting, we show a verifiable keyword search over encrypted data in the challenging multi-data owner setting, whereas the traditional multi-data owner setting just considers multiple DOs who upload distinct data to the cloud server. In this challenging multi-data owner setting, each record is co-owned by a fixed number of DOs (for example, each patient medical record is controlled by several doctors). Thus, this scheme enhances data access control and is close to the requirements of practical applications. Through multisignatures and data auditing techniques, this scheme can effectively guarantee data integrity. The strict security analysis proves that this scheme is secure against chosen keyword attack without random oracle, and empirical experiments over a real-world dataset show that this scheme can gain a broad range of applications in practice.
Keywords/Search Tags:cloud storage, search result verification, confidentiality and integrity, without secure channel, keyword guessing attack, chosen keyword attack, without random oracle