contact email: [email protected] cic€¦ · cloud side: intel xeon e5-2603v4 1.7 ghz and 32 gb memory...

Achieve Efficient and Verifiable Conjunctive and Fuzzy Queries over Encrypted Data in Cloud Jun Shao (Visiting Professor), Rongxing Lu*, Yunguo Guan, and Guiyi Wei Contact Email: [email protected] Canadian Institute for Cybersecurity (CIC), University of New Brunswick (UNB) . ABSTRACT Due to the high demands of searchability over encrypted data, searchable encryption (SE) has recently received considerable attention and been widely suggested in encrypted cloud storage. Typically, the cloud server is assumed to be honest-but-curious in most SE-based cloud storage systems, i.e., the cloud server should follow the protocol to return valid and complete search results to users. However, this trust assumption is not always true due to some unanticipated situations, such as misconfigurations and malfunctions. Therefore, the function of verifiability of search results becomes crucial for the success of SE-based cloud storage systems. For this reason, many verifiable SE schemes have been proposed; however, they either fail to support query operators “OR”, “AND”, “*” and “?” simultaneously, or require many time-consuming operations. Aiming at addressing this problem, in this paper, we propose a new verifiable SE scheme for encrypted cloud storage. The proposed scheme is characterized by integrating various techniques, i.e., bitmap index, radix tree, format preserving encryption, keyed-hash message authentication code and symmetric key encryption, for achieving efficient and verifiable conjunctive and fuzzy queries over encrypted data in cloud. Detailed security analysis shows that our proposed scheme holds the confidentiality of data and verifiability of search results at the same time. In addition, extensive experiments are conducted, and the results demonstrate our proposed scheme is efficient and suitable for users to retrieve their data from the cloud to their mobile devices. System Model Search Experimental Results Encrypted Files and Index Encrypted files: ′ = ( 1 , ) Encrypted index: Extract keywords from files, and use the obtained keywords to build a radix tree. After that, encrypt the keywords by using format preserving encryption (FPE), and add some necessary values. CIC Encrypted search query: The symbols in the query are encrypted by FPE Search: Search files according to the radix tree by using the encrypted search query, and return the files with the necessary verifiable values The underlying dataset is composed by 15,000 random documents larger than 100 bytes from Wikivoyage, and the underlying radix tree is constructed based on 8,000 keywords parsed from the dataset. Cloud side: Intel Xeon E5-2603v4 1.7 GHz and 32 GB memory running Ubuntu 16.04 LTS User side: Laptop (Intel Core i5-4210U 1.7 GHz and 8 GB memory running Windows 10 Professional), small phone (Kirin 960 and 6 GB memory running Android 7.0) The source code and dataset can be downloaded from http://github.com/guanyg/vsse a. root node b. inner node c. leaf node

Upload: others

Post on 02-Oct-2020

2 views

Category:

Documents

0 download

Report

Download

Embed Size (px):

TRANSCRIPT

Page 1: Contact Email: rlu1@unb.ca CIC€¦ · Cloud side: Intel Xeon E5-2603v4 1.7 GHz and 32 GB memory running Ubuntu 16.04 LTS User side: Laptop (Intel Core i5-4210U 1.7 GHz and 8 GB memory

Achieve Efficient and Verifiable Conjunctive and Fuzzy Queries over Encrypted Data in Cloud

Jun Shao (Visiting Professor), Rongxing Lu*, Yunguo Guan, and Guiyi Wei Contact Email: [email protected]

Canadian Institute for Cybersecurity (CIC), University of New Brunswick (UNB)

ABSTRACT Due to the high demands of searchability over encrypted data, searchable encryption (SE) has recently received considerable attention and been widely suggested in

encrypted cloud storage. Typically, the cloud server is assumed to be honest-but-curious in most SE-based cloud storage systems, i.e., the cloud server should follow the

protocol to return valid and complete search results to users. However, this trust assumption is not always true due to some unanticipated situations, such as

misconfigurations and malfunctions. Therefore, the function of verifiability of search results becomes crucial for the success of SE-based cloud storage systems. For this

reason, many verifiable SE schemes have been proposed; however, they either fail to support query operators “OR”, “AND”, “*” and “?” simultaneously, or require many

time-consuming operations. Aiming at addressing this problem, in this paper, we propose a new verifiable SE scheme for encrypted cloud storage. The proposed scheme

is characterized by integrating various techniques, i.e., bitmap index, radix tree, format preserving encryption, keyed-hash message authentication code and symmetric

key encryption, for achieving efficient and verifiable conjunctive and fuzzy queries over encrypted data in cloud. Detailed security analysis shows that our proposed

scheme holds the confidentiality of data and verifiability of search results at the same time. In addition, extensive experiments are conducted, and the results demonstrate

our proposed scheme is efficient and suitable for users to retrieve their data from the cloud to their mobile devices.

System Model

Experimental Results

Encrypted Files and Index

Encrypted files: 𝑓𝑖′ = 𝐸(𝑘1, 𝑓𝑖)

Encrypted index: Extract keywords from files, and use the obtained keywords to build a radix tree. After

that, encrypt the keywords by using format preserving encryption (FPE), and add some necessary values.

CIC

Encrypted search query: The symbols in the query

are encrypted by FPE

Search: Search files according to the radix tree by

using the encrypted search query, and return the

files with the necessary verifiable values

The underlying dataset is composed by 15,000 random documents larger than 100 bytes from Wikivoyage, and the underlying radix tree is constructed based on

8,000 keywords parsed from the dataset.

Cloud side: Intel Xeon E5-2603v4 1.7 GHz and 32 GB memory running Ubuntu 16.04 LTS

User side: Laptop (Intel Core i5-4210U 1.7 GHz and 8 GB memory running Windows 10 Professional), small phone (Kirin 960 and 6 GB memory running Android 7.0)

The source code and dataset can be downloaded from http://github.com/guanyg/vsse

a. root node

b. inner node c. leaf node

Intel versus AMD: 2 GHz Northwood versus Athlon XP 2000+Title Intel versus AMD: 2 GHz Northwood versus Athlon XP 2000+ Author Ace's Hardware ( Subject 2 GHz Northwood Pentium 4 and

x360 440 G1 - hp.com · Procesor Intel® Core™ i3-8130U z grafično kar tico Intel® UHD 620 (osnovna frekvenca 2,2 GHz, s tehnologijo Intel® Turbo Boost do 3,4 GHz, 4 MB predpomnilnika,

· PDF filescaun ergonomic hermes pubela birou 55l intel core 2 duo [-7500 2.93 ghz 160 gb intel core 2 duo e7400 2.8 ghz 320 gb boxe 2.0 logitech z

Intel(R) Software Guard Extensions Installation Guide for ... · 1.5 Intel®SGXLinux1.5release May2016 1.6 Intel®SGX Linux1.6release September2016 1.7 Intel®SGX Linux1.7release

SECRETARÍA DE LA FUNCIÓN PÚBLICA ANEXO III … · COMPUTADORA PERSONAL TIPO 2 Procesador Intel Core >= Intel® Core i5-6600 (3,3 GHz, hasta 3,9 GHz con Intel Turbo Boost, 6 MB

THE NEXT-GEN INTEL® X86 OPEN HARDWARE SBC · 2016. 9. 6. · THE NEXT-GEN INTEL® X86 OPEN HARDWARE SBC. 2.00 GHZ INTEL ATOM X5-E8000 2.24 GHZ INTEL CELERON N3160 2.56 GHZ INTEL

Intel(R) Core(TM) i7 Desktop Processor - CDWIntEL® COrE™ i7-870 PrOCESSOr IntEL® COrE™ i7-860 PrOCESSOr IntEL® COrE™ i5-750 PrOCESSOr Processor Frequency 2.93 GHz 2.8 GHz

HP EliteBook Folio 9480m Notebook PC Maintenance and ...h10032.Product Name HP EliteBook Folio 9480m Notebook PC Processors Intel® Core® processors: i7-4650U 1.7-GHz (max turbo frequency

HIGHLY INTEGRATED & EXTREMELY RUGGED COMPUTING TABLET · Processor Intel Dual Core i7 @ 1.7 GHz (2.8 GHz Turbo) Memory 16 GB Main DDR3 RAM, 4 MB Smart Cache Storage Two (2) removable