Study On Verifiable Update And Search On Encrypted Database In Cloud Computing

Cloud computing,the new term for the long dreamed vision of computing as a utility,which integrates the techniques of parallel computing,grid computing,distributed computing,network storage and virtualization etc.Cloud computing provides the resources of computation and storage to resource-constrained clients by means of outsourcing paradigm in order to alleviate the burden of software development and hardware maintenance.Cloud storage is another well-known service that is closely associated with cloud computing.That is,it allows the resource-limited enterprises and individual clients to outsource their large encrypted database which can not be stored locally into the cloud storage servers and enjoy unlimited data services in a ubiquitous and pay-per-use manner.Despite of plenty of advantages,cloud storage inevitably suffers from some new security challenges.Firstly,the privileges of ownership and management are separated after the database has been stored in the cloud servers.The first important security challenge is how to prevent the dishonest cloud servers from tampering with the database.Particularly,it is much difficult to ensure the integrity of database in the case of dynamic database.Secondly,the database often contains some sensitive information that should not be exposed to the dishonest cloud servers.Thus,the client should firstly encrypt the database and then store the encrypted version on the servers.However,it is very difficult or inefficient to perform meaningful operations(such as queries and searches)over the encrypted database.Last but not the least important,the dishonest cloud servers may return a computationally indistinguishable(invalid)result due to financial incentives.Therefore,another important security challenge is how to efficiently verify the validity of the output results returned by the could servers.In recent years,plenty of researchers have devoted considerable efforts to the problem of secure outsourcing of database in cloud storage.The primitive of verifiable database with efficient updates(VDB,for short)can solve the above three security challenges.However,the existing VDB schemes still suffer from the following problems: Firstly,traditional VDB schemes only support the updating operation of replacement(i.e.,updating a record by assigning a new value),rather than other updating operations such as insertion or deletion.Secondly,traditional VDB schemes only focused on the type of No SQL databases.Thus,the client can only perform the basic query with a certain index.That is,all the existing VDB schemes never consider other query operations such as the general keyword-based queries.In this dissertation,we first study the problems of designing VDB schemes that support allupdating operations(replacement,deletion and insertion)and efficient keyword searches.The contributions of this dissertation are summarized as follows:· We firstly address the problem of designing efficient VDB schemes that support allkinds of updating operations(replacement,deletion and insertion),whereas the previous existing VDB schemes can only support the replacement operations.Besides,we propose the first concrete VDB scheme supporting all kinds of update operations based on the primitive of hierarchical vector commitment with multi-levels.The overhead of an insertion(or deletion)operation is almost the same as that of a replacement operation,thus the proposed construction is as efficient as the existing VDB schemes from vector commitment.Furthermore,the proposed VDB scheme can achieve the private and public verifiability.(Chapter 3,the main work has been published at Journal of Computer and System Science,86,49-58,2017)· We introduce a new primitive called Merkle sum hash tree(MSHT)which can beviewed as an extension of Merkle hash tree(MHT).Besides,we use MSHT as a main building block to design a new VDB scheme from delegating polynomial functions that support all updating operations.An interesting property of our scheme is that all updating operations can be viewed as a special case of replacement in the BenabbasGennaro-Vahlis VDB scheme.Note that the number of leaves in the MSHT is always identical and the input of leaves is independent of the value of data records(but dependent on the number of data records).As a result,the updating procedure of MSHT is much more efficient in any cases.Thus,our VDB construction is almost as efficient as Benabbas-Gennaro-Vahlis VDB scheme and practical for real-world applications.(Chapter 4,the main work has been published at IEEE Transaction on Information Forensics and Security,13(2),511-520,2018)· We point out that all existing VDB schemes can only support the query and updat-ing operations for a certain index performed by the client.Besides,we give a twolayer verifiable index structure and then use it to propose the first VDB framework that supports efficient keyword search based on the idea of vector commitment and MHT.Also,the framework can ensure the(public or private)verifiability of dynamic database and thus preserve all properties of VDB schemes.Furthermore,the proposed VDB construction can be easily extended to expressive searches,i.e.,Boolean query.As a result,any searchable encryption scheme can be used as building block of our framework in a black box manner,which enhances the usability of our proposed VDBscheme.(Chapter 5,the main work has been published at Information Sciences,475,18-28,2019).