Verifiable Dynamic Searchable Encryption With Forward Security

Searchable Encryption(SE)is a type of encryption scheme specifically applied to search on ciphertext.In a searchable encryption scheme,documents,indexes,and search tokens are all in an encrypted state,and the server completes the search task without obtaining plaintext information,so the privacy of data is well protected.Forward security and verifiability are hot research issues in this field: the purpose of forward security is to prevent the server from determining whether the updated content contains those keywords searched in the past;Verifiability takes into account that the server maliciously modifies the search data.It requires an additional verification mechanism to ensure that the user can judge whether the search result is correct.However,there are few researches on forward security,verifiability and multi-keyword combined SE schemes.It is necessary to design an appropriate verification mechanism to protect forward security of the SE scheme,and support multi-keyword verification.This article focuses on three hotspots: forward security,verifiable and multi-keyword search.For forward security,performing a lot of research on the existing SE scheme and summarizes the design ideas of the SE scheme that meets the forward security.A verifiable and dynamic ranking searchable encryption scheme(Enabling Verifiable and Dynamic Ranked Search Over Outsourced Data,VDERS)is analyzed,and it is found that the scheme does not meet the forward security.According to the analysis results,proposing an improved scheme with forward security VDERSc based on the state counter.VDERSc maintains the CKA2 security of the original VDERS scheme in terms of confidentiality.Compared with VDERS scheme,analysis and experiments show that VDERSc has better security and performance.Similarly,a forward security analysis was conducted on a scheme that supports range search(Enabling Encrypted Rich Queries in Distributed Key-Value Stores,Enc KV),and it was found that the scheme did not satisfy the propertiy.According to the analysis results,the trapdoor permutation function is introduced to transform the state counter,and the forward private scheme FEnc KV is designed.Maintaining its original confidentiality,a verification mechanism is added to it to support the exact-matched and range-matched mode.Analysis and experiments show that the performance of FEnc KV is slightly lower than that of the original solution,but it has better security.