| As the development of the Internet,cloud storage has become one of the most popular data storage solution.By outsourcing their data to the cloud server,users can lower their cost of storage and can use these data from any devices which has access to the Internet regardless of the time and location.These cloud storage services undoubtedly bring some convenience,but also some problems.What is most crucial are privacy and security concerns.In the model of cloud storage,data assemblies in those cloud servers,which makes them attracts more hackers.Once these cloud services encountered data leakage due to security system vulnerabilities or their own unexcepted situation of their system will also affect a large number of users.Similar events include Apple iCloud celebrity leak,Dropbox password leak and medical data leak on Amazon.In this case,it would be wise to encrypt the data before uploading them to the cloud server to reduce the impact of the data breach.As the amount of data in cloud storage increases,users need an efficient mechanism to extract the required files to local storage.However,traditional searching index cannot be applied in encrypted cloud storage.Hence,an encrypted index should be associated with the underlying encryption scheme,which results in the so-called searchable encryption(SE).Typically,the cloud server is assumed to be honest-but-curious in most SE-based cloud storage systems,i.e.,the cloud server should follow the protocol to return valid and complete search results to users.However,this trust assumption is not always true due to some unanticipated situations,such as misconfigurations and malfunctions.Cloud servers may return invalid or incomplete results under these circumstances.Therefore,the function of verifiability of search results becomes crucial for the success of SE-based cloud storage systems.It ensures that users can search the cloud service for a valid and complete set of files that match the search query.For this reason,many verifiable SE schemes have been proposed.However,most of them cannot support both "OR","AND","*" and "?"search operators,which are common in normal storage systems and allow users to combine keywords to produce more accurate search results.Others support these operators at the same time but introduce time-consuming operations,such as bilinear pairings,that might be acceptable on a PC.However,with the popularity of mobile devices such as smart phones,more and more users use these resource-constrained devices to access the Internet,and the time and energy consumption of these time-consuming operations on these devices become less acceptable.Aiming at addressing this problem,in this paper,we propose a new verifiable SE scheme for encrypted cloud storage.The proposed scheme is characterized by integrating various techniques for achieving efficient and verifiable conjunctive and fuzzy queries over encrypted data in cloud.Specifically,the scheme has the following features:(1)By combining bitmap index,radix tree,format preserving encryption,keyed-hash message authentication code and symmetric key encryption technologies,a novel verifiable SE scheme supporting both "OR","AND","*",and"?" search operators is proposed in this paper.(2)The scheme proposed in this paper is also efficient in calculation.The most time-consuming operations in this scheme are hash algorithms and symmetric key encryption,which are generally considered to be lightweight operations.(3)In this paper,a prototype is also implemented to verify the proposal,and the experimental results show that searching and validating operations are efficient in computation.Detailed security analysis shows that our proposed scheme holds the confidentiality of data and verifiability of search results at the same time.In addition,extensive experiments are conducted,and the results demonstrate our proposed scheme is efficient and suitable for users to retrieve their data from the cloud to their mobile devices. |
PDF Full Text Request