| Along with the popularization and rapid development of cloud computing,cloud storage achieves a reliable data outsourcing service at a relatively low cost.It is a model of data storage in which the digital data is stored in logical pools.Faced with the explosive growth of data in the information era,an increasing number of individuals and enterprises have chosen to outsource their data to cloud servers.However,in order to protect data privacy and deter illegal accesses,the data owner needs to encrypt his data before outsourcing it to the cloud server,which inevitably presents the challenge of how to conduct efficient keyword search over encrypted data.In this situation,searchable symmetric encryption(SSE)has become one of the most important techniques in cloud computing area.SSE schemes allow a data owner to outsource his encrypted data to a cloud server while retaining the ability to perform keyword search over encrypted data.The security guarantees of existing SSE schemes require that the adversary has no access to the data owner's secret keys.Unfortunately,in reality,adversaries may get some or all of the secret keys through memory attacks.Facing such memory leakage,most existing SSE schemes are no longer secure.Currently,known memory leakage-resilient SSE schemes are based on physically unclonable functions(PUFs).These schemes do not consider the possibility of dishonest behaviors on the part of cloud servers at present and therefore do not support the verification of search results.However,dishonest cloud servers may forge search results to reduce computational overhead or tamper with outsourced data for private gain.In order to solve this problem,we study the construction of verifiable SSE schemes in the scenario of memory leakage.Our contributions can be summarized in two folds:First,based on PUFs and a B-tree,we propose a static memory leakage-resilient verifiable SSE scheme.This scheme realizes the memory leakage-resilience by using PUFs to generate secret keys in realtime.In addition,by combining the B-tree with the message authentication code(MAC)function,we construct a two-layered index structure to ensure the search efficiency and verifiability simultaneously.In order to achieve richer functionality,on the basis of the static scheme,we construct a memory leakage-resilient SSE scheme that supports both dynamic updates and verifiable search through a verifiable hash table.The verifiable hash table is a tree data structure that combines the characteristics of binary search trees and Merkle hash trees.It can support the verification of search results through the hash function while ensuring efficient data updates.The main result has been accepted by an international journal,Journal of High Speed Networks.Second,by combining the secret sharing technique with PUFs,our proposed schemes all achieve a reliable key generation algorithm,so that the recovery of secret keys is not affected by broken PUFs.In addition,we prove that the proposed schemes can satisfy the correctness,memory leakage-resilient non-adaptive security and soundness if the cloud server is semi-honest.Finally,we provide a thorough experimental evaluation of our proposed schemes on a Windows laptop.The results show that our schemes are efficient. |
PDF Full Text Request