search on encrypted data
TRANSCRIPT
O Cryptography, derived from Greek words
krptos- secret and graphy- writing
O It is the science of using mathematics to hide
information.
O With the help of Cryptography we can store
sensitive information, or transmit it over insecure
networks (such as the internet) so that it can only
be read by the intended recipient.
O Cryptography is the study or science of secret
communication, while encryption is simply a
component of that science. Encryption is the
process of hiding information, through the use of
ciphers, from everybody except for the one who
has the key.
O Encryption is a direct application of cryptography
O In today's digital world, there are two major types
of ciphers--one based on symmetric and one
based on asymmetric key algorithms.
O Plaintext: message to be sent, in readable
form
O Ciphertext: message in coded form,
unreadable without special information such
as a key
O cryptanalysis: cracking a code - attempting
to decrypt without the required special
information
O Key: A key in cryptography is a long
sequence of bits used by encryption and
decryption algorithms.
O Encryption is the process of converting
readable data (called the plaintext) into a
form which hides its content, called the
ciphertext.
O Decryption is the reverse process, with a
ciphertext converted back into the
corresponding plaintext.
O A given encryption algorithm takes the
plaintext , and a key, and alters the original
message mathematically based on the key's
bits to create a new encrypted message.
O Likewise, a decryption algorithm takes an
encrypted message and restores it to its
original form using one or more keys
O When a user encodes a file, another user
cannot decode and read the file without the
decryption key
O To decode cipher, a user must possess the appropriate decryption key.
O A decryption key consists of a random string of numbers, from 40 through 2,000 bits in length. The key imposes a decryption algorithm onto the data.
O This decryption algorithm reverses the encryption algorithm, returning the data to plaintext.
O The longer the encryption key is, the more difficult it is to decode. For a 40-bit encryption key, over one trillion possible decryption keys exist.
O SYMMETRIC ENCRYPTION: This is the most common type of encryption and uses the same key for encoding and decoding data. This key is known as a session key.
O ASYMMETRIC ENCRYPTION(Public-key encryption): uses two different keys, a public key and a private key. One key encodes the message and the other decodes it. The public key is widely distributed while the private key is secret.
O Searchable encryption is a cryptography primitive
that enables users to search through outsourced
encrypted data without exposing keywords to the
untrusted server [song et al[2]]
O Having the ability of secure search through
outsourced encrypted data should be the core
feature of any searchable encryption
O Secure search through outsourced encrypted data
means authorized user is the only one can search
for any keywords within outsourced data and
unauthorized parties should not learn anything
during search procedure.
O The immediate application for searchable
encryption is cloud storage where the client
outsources its storage, but encrypts its files for
confidentiality beforehand and retains the key.
O The advantage compared to standard encryption
is that the cloud can perform the search operation
without the key and only return a matching subset
for a query.
O Hence, the client does not have to download the
entire data set and search himself.
O In many cases this is an enormous efficiency gain.
O SE consists of three operations.
O ENCRYPTION: Encryption transforms a keyword/file pair using a secret key into a ciphertext.
O TOKEN GENERATION: Using the secret key one can generate a search token for a specific keyword. Using this token,
O SEARCH: one can then search in a set of ciphertexts for those that match the keyword. Hence, one can encrypt, but still search without decryption.
O searchable encryption is composed of two steps
O Storing a special encryption of data on the untrusted third party (Store phase),
O Make an encrypted search query to retrieve the desired information (Search phase).
O Searchable encryption can be categorized in
two fields according to number of involved
key:
O Symmetric searchable encryption (SSE)
O Asymmetric searchable encryption (ASE)
O The main feature of this model of private search is that the user, who encrypts data, is the only user who can perform a search or an update.
O This fact is due to the use of a private key that belongs only to the user and who cannot share with others.
O The symmetric scheme was introduced by GOLDREICH AND R. OSTROVSKY [1] and supposes that the user encrypts his data with a secret key, stores it in the untrusted server, can retrieve his encrypted data then decrypts it with the same key.
O The first searchable symmetric encryption
scheme proposed by Song et al[2]. In the
Song’s scheme, all the words within every
document have to be encrypted in a double
layer ciphertext form called inner layer and
outer layer.
O Server strips the outer layer by using the
trapdoor and checks the inner layer. In order
to make the same verifiable inner layer
structure trapdoor and ciphertext have to be
generated by using the same keyword.
O The first index-based SSE proposed by Goh [3]. Goh’s scheme is based on making a secure index of all the words in a document, which uses multiple different hash functions.
O The method of making that index and searching within that is called bloom filter, which is used in spread spectrum of applications in various areas.
O Then Curtmola [8] proposed another two inverted index-based SSEs, where its search time cost is O(1).
O SSE Consists of four (4) algorithms:
1. Keygen (k): This algorithm takes a security
parameter k and generates a secret key K.
2. BuildIndex (K, D): The index I is produced by
using the secret key K and the document
collection D.
3. Trapdoor(K, w): The trapdoor Tw of the word
w is produced from w and the secret key K.
4. Search(I, T w): Search documents in the
collection D that contain the keyword w
using the trapdoor Tw.
1. Fuzzy Keyword Search over Encrypted Data in Cloud Computing (FKSEDCC) proposed by Jin Li. et al. [7]
2. Phrase Search over Encrypted Data with Symmetric Encryption Scheme proposed by Tang et al.[9]
O The multiuser search allows the owner of the
encrypted data to share with other users the
right to search over these encrypted data.
O In the M-SSE, the data owner can grant or revoke a user from the group of privileged users.
O To add a user, the owner has to give him a key Ku
O The server manages the user revocation by checking for each search queries whether the user has his privilege or not.
O Indeed, each time the owner adds or deletes a user, he generates a new value R, and then he sends it to the server. Using this information, the server may verify the permission of the user.
the group of revoked users changes dynamically, and thus even if a user has a key he cannot retrieve the documents using his trapdoor.
O ASE is a scheme that enables other parties besides the data owner to make queries to the server, as long as having access to the owner’s public key
O Public key Encryption with Keyword Search (PEKS) is a primitive with such functionality that provides delegation of exact-match searches. Boneh et al. in 2004 and Baek et al
O ASE schemes are appropriate in an setting where the party searching over the data is different from the party that generates it.
O ASE allows searches to be carried over cipher-texts, through delegation, and by means of trapdoors issued by the owner of the data.
O As it is important that cipher-texts preserve data privacy, it is also important that trapdoors do not expose the user's search criteria.
O The main advantage of ASE is functionality while the main disadvantages are inefficiency and weaker security guarantees.
O ESE schemes are appropriate in any setting where the
party that searches over the data is different from the
party that generates it and where the keywords are
hard to guess
O The main advantage of efficient ASE is that search is
more efficient than (plain) ASE.
O The main disadvantage, however,is that ESE schemes
are also vulnerable to dictionary attacks.
O mSSE schemes are appropriate in any setting where
many parties wish to search over data that is
generated
O In a mSSE scheme, in addition to being able to
encrypt indexes and generate tokens, the owner of the
data can also add and revoke users’ search privileges
over his data.
O The concept of a PEKS scheme was proposed by
Boneh et al.[10] and Baek et al[11]. who extended
PEKS scheme into a secure channel free PEKS
scheme (SCF-PEKS) which removes the assumption,
a secure channel between users and a server.
O Public Key Encryption with Keyword Search (PEKS in
short) scheme, which is also name searchable public-
key encryption scheme, enables one to search
encrypted documents on the untrusted server without
revealing any information.
O To construct a secure PEKS or SCF-PEKS scheme with
privacy protection, there are some security
requirements needed to achieve as follows:
O Trapdoor indistinguishability
O Ciphertext indistinguishability
O Authorized identity protection (Anonymity)
O User authentication
O Each user may have access to a different set of
documents stored on the server; this can be achieved
by ensuring that each document is encrypted with a
separate per-document key, and arranging for each
user’s client machine to have access to the keys of
the documents that the corresponding user has
access to. Popa et al [15]
O Many applications, such as document sharing, chat,
forums, and calendars, support search over
documents shared by different users.
O This cryptographic scheme that allows a client to
provide a single search token to the server, but still
allows the server to search for that token’s word in
documents encrypted with different keys
O The scheme hides the content of the document and
the words one searches for, and the only information
the server learns is whether some word being
searched for matches a word in a document.
1. O. Goldreich and R. Ostrovsky. Software protection and simulation on Oblivious RAMs.Journal of the ACM, 43(3):431–473, May 1996.
2. D. Song, D. Wagner and A. Perrig. Practical Techniques for Searches on Encrypted Data, IEEE Symposium on Security and Privacy (S&P), 2000, pp.44-55
3. Eu–Jin Goh. Secure indexes. In the Cryptology ePrint Archive, Report 2003/216, March 2004.
4. Reza Curtmola, Juan Garay, Seny Kamara, and Rafail Ostrovsky. Searchable Symmetric Encryption: Improved Definitions and Efficient Constructions, 2006.
5. Y. C. Chang and M. Mitzenmacher. Privacy preserving keyword searches on remote encrypted data. In Applied Cryptography and Network Security Conference (ACNS), 2005.
6. P. Golle, J. Staddon, and B. Waters. Secure conjunctive keyword search over encrypted data. In M. Jakobsson,M. Yung, and J. Zhou, editors, Applied Cryptography and Network Security Conference (ACNS), volume 3089 of LNCS, pages 31–45. Springer-Verlag, 2004.
7. Li, H.,Wang, C., Cao, N., Ren, K., and Lou, W. (2010), “Fuzzy Keyword search over encrypted data in cloud computing”in Proceedings of IEEE INFOCOM 10 Mini-Conference, pp 1-5,doi:10.1109/INFCOM. 2010.5462196
8. R. Curtmola, J. Garay, S. Kamara, and R. Ostrovsky. "Searchable symmetric encryption: improved definitions and efficient constructions," in Proceedings of the 13th ACM conference on Computer and communications security, pp. 79-88.
9. Y. Tang, D. Gu, N. Ding, and H. Lu. "Phrase Search
over Encrypted Data with Symmetric Encryption
Scheme," in Distributed Computing Systems
Workshops (ICDCSW), 2012 32nd International
Conference on, pp. 471-480.
10. D. Boneh, G. D. Crescenzom, R. Ostrovsky, and G.
Rersiano, “Public key encryption with keyword
search,” in Advances in Cryptology – EUROCRYPT
2004, Lecture Notes in Computer Science, vol.
3027,pp. 506{522, Interlaken, Switzerland,
2004. Springer Berlin/Heidelberg.
11. J. Baek, R. Safavi-Naini, and W. Susilo, “Public key encryption with keyword search revisited,” in ICCSA 2008, vol. 5072 of Lecture Notes in Computer Science, pp. 1249{1259, Perugia, Italy, 2008 Springer Berlin/Heidelberg.
12. Karilyn Lao, Richman Lo, & Robert Mastronardi “ENCRYPTION”. Presentation
13. Bellare, M., Boldyreva, A., O’Neill, A.:Deterministic and efficiently searchable encryption. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 535–552.Springer, Heidelberg (2007)
14. Moataz Tarik.”Searcheable Encryption”, Alcatel-Lucent Bell Labs (2012)
15. R. Popa and N. Zeldovich, “Multi-Key Searchable
Encryption”. MIT CSAIL