
Research On Encrypted Data Queries And Their Applications

Posted on: 2021-08-03
Degree: Doctor
Type: Dissertation
Country: China
Candidate: Q Meng
GTID: 1488306050463844
Subject: Cryptography
Abstract/Summary:
With the rapid development and application of cloud computing technology, cloud storage has attracted wide attention as a typical cloud computing service. Cloud clients usually encrypt their data and outsource them to the Cloud Service Provider (CSP) to reduce the maintenance of local data as well as computational and storage costs, thereby achieving efficient and secure data sharing for users. Encrypted data comparison allows users to retrieve the relationship between data items (>, <, =) without leaking information about the ciphertexts to the CSP. Range query allows users to select ciphertext data within a certain range to retrieve useful information. To ensure the security and privacy of the data, the data are usually encrypted and stored at the CSP. Although data encryption can protect the security of data to some extent, it makes searching and querying the ciphertexts more difficult. Therefore, how to let cloud clients perform ciphertext comparison and range queries effectively has aroused widespread concern in academia and industry.

The existing Comparable Encryption (CE) scheme targets a single user for ciphertext comparison, and it incurs a lot of computational and storage overhead in the process of ciphertext comparison. Most range query schemes do not consider both multi-dimensional data and the function of verification. In addition, the CSP is a semi-trusted third-party server, which can perform some operations maliciously and return partially incorrect results, compromising the integrity of the returned data. Therefore, verifying the integrity of data is also an urgent issue. Driven by the requirements of theory and application scenarios, we mainly address ciphertext comparison and integrity verification of one-dimensional data for both single-user and multi-user settings, and range query and integrity verification of multi-dimensional spatial data, designing comparison and query schemes for different scenarios. Specifically, the main contributions are as follows:

1. In the existing short comparable encryption (SCE) scheme, the order of the plaintext data can be derived by comparing the order of the one-dimensional ciphertext data while preserving data security. However, the SCE scheme incurs a large amount of computational and storage overhead in ciphertext comparison and token generation. To this end, a short comparable encryption scheme based on the sliding window method (SCESW) is proposed for the single-data-user setting. Formal security analysis shows that our scheme guarantees weak indistinguishability in the standard model as well as data security and integrity. Experimental results over a real-world dataset demonstrate that the computational and storage overhead of the SCESW scheme is 1/t shorter than that of the SCE scheme.

2. The existing SCESW scheme effectively reduces the computational and storage burden. However, because the CSP is a semi-trusted third party, the integrity of search results cannot be guaranteed. To further protect the integrity of one-dimensional ciphertext data and reduce management overhead, we propose an enhanced SCESW scheme based on a location-aware Merkle tree for the single-data-user setting, namely PT-SCESW. Security analysis proves that the PT-SCESW scheme guarantees both integrity and weak indistinguishability in the standard model. Experimental results over a real-world dataset show that the PT-SCESW scheme is effective and feasible in practical applications, especially for smaller and smarter devices.

3. Traditional CE schemes do not support multi-user scenarios and incur a lot of computational and storage overhead during ciphertext comparison. To address the comparison of one-dimensional ciphertext data together with actual application requirements, and to combine an auction system with the multi-data-user scenario, we use the SCESW scheme and multilinear mapping to propose an Efficient First-price Sealed-bid Auction scheme (EFSA) that supports multiple users. The EFSA scheme allows multiple bidders to participate in an auction at the same time, and only one round of communication is needed to obtain the first-price bidder from the one-dimensional ciphertext data. The EFSA scheme significantly reduces bidders' computational and storage costs compared to existing schemes. Formal security analysis proves that the EFSA scheme achieves weak indistinguishability in the standard model. Moreover, simulation results over a real-world dataset show that the EFSA scheme is efficient and feasible in practice.

4. Most existing range query schemes focus on range queries over one-dimensional data and sometimes do not consider the function of verification. Spatial range query has attracted widespread research attention due to the popularity of geo-positioning technologies and geo-location services. To efficiently support spatial range query processing, the data owner is required to outsource their spatial data and the query processing service to the service provider. However, outsourcing services may lead to privacy leakage because the service provider may be untrusted by both the data owner and the data user. Therefore, we take two-dimensional spatial data as an example to consider range queries over multi-dimensional spatial data. We first propose and formalize the Verifiable Spatial Range Query (VSRQ) scheme, which uses the Hierarchical Cell based Encoding (HCE) method and a G-tree to achieve range queries over the encrypted spatial data. Next, to effectively verify the soundness and completeness of the encrypted spatial data, we leverage an accumulator-based technology. Then we give the enhanced VSRQ scheme to support multi-dimensional range queries. Finally, formal security analysis and comprehensive experiments demonstrate that our VSRQ scheme and enhanced VSRQ scheme achieve practical performance while supporting spatial range query and result integrity.
Keywords/Search Tags: comparable encryption, range query, sliding window, result verification, integrity, cloud computing