Full Text:   <2005>

Summary:  <1125>

CLC number: TP309

On-line Access: 2020-01-13

Received: 2018-03-28

Revision Accepted: 2018-08-05

Crosschecked: 2019-08-12

Cited: 0

Clicked: 3741

Citations:  Bibtex RefMan EndNote GB/T7714

 ORCID:

Mukti Padhya

http://orcid.org/0000-0002-0498-4188

-   Go to

Article info.
Open peer comments

Frontiers of Information Technology & Electronic Engineering  2019 Vol.20 No.12 P.1717-1748

http://doi.org/10.1631/FITEE.1800192


MULKASE: a novel approach for key-aggregate searchable encryption for multi-owner data


Author(s):  Mukti Padhya, Devesh C. Jinwala

Affiliation(s):  Department of Computer Engineering, Sardar Vallabhbhai National Institute of Technology, Surat 394000, India; more

Corresponding email(s):   mukti.padhya@yahoo.in, dcjinwala@gmail.com

Key Words:  Searchable encryption, Cloud storage, Key-aggregate encryption, Data sharing


Share this article to: More <<< Previous Article|

Mukti Padhya, Devesh C. Jinwala. MULKASE: a novel approach for key-aggregate searchable encryption for multi-owner data[J]. Frontiers of Information Technology & Electronic Engineering, 2019, 20(12): 1717-1748.

@article{title="MULKASE: a novel approach for key-aggregate searchable encryption for multi-owner data",
author="Mukti Padhya, Devesh C. Jinwala",
journal="Frontiers of Information Technology & Electronic Engineering",
volume="20",
number="12",
pages="1717-1748",
year="2019",
publisher="Zhejiang University Press & Springer",
doi="10.1631/FITEE.1800192"
}

%0 Journal Article
%T MULKASE: a novel approach for key-aggregate searchable encryption for multi-owner data
%A Mukti Padhya
%A Devesh C. Jinwala
%J Frontiers of Information Technology & Electronic Engineering
%V 20
%N 12
%P 1717-1748
%@ 2095-9184
%D 2019
%I Zhejiang University Press & Springer
%DOI 10.1631/FITEE.1800192

TY - JOUR
T1 - MULKASE: a novel approach for key-aggregate searchable encryption for multi-owner data
A1 - Mukti Padhya
A1 - Devesh C. Jinwala
J0 - Frontiers of Information Technology & Electronic Engineering
VL - 20
IS - 12
SP - 1717
EP - 1748
%@ 2095-9184
Y1 - 2019
PB - Zhejiang University Press & Springer
ER -
DOI - 10.1631/FITEE.1800192


Abstract: 
Recent attempts at key-aggregate searchable encryption (KASE) combine the advantages of searching encrypted data with support for data owners to share an aggregate searchable key with a user delegating search rights to a set of data. A user, in turn, is required to submit only one single aggregate trapdoor to the cloud to perform a keyword search across the shared set of data. However, the existing KASE methods do not support searching through data that are shared by multiple owners using a single aggregate trapdoor. Therefore, we propose a MULKASE method that allows a user to search across different data records owned by multiple users using a single trapdoor. In MULKASE, the size of the aggregate key is independent of the number of documents held by a data owner. The size of an aggregate key remains constant even though the number of outsourced ciphertexts goes beyond the predefined limit. Security analysis proves that MULKASE is secure against chosen message attacks and chosen keyword attacks. In addition, the security analysis confirms that MULKASE is secure against cross-pairing attacks and provides query privacy. Theoretical and empirical analyses show that MULKASE performs better than the existing KASE methods. We also illustrate how MULKASE can carry out federated searches.

MULKASE:一种针对多个所有者数据的新型密钥聚合可搜索加密方法

摘要:最新密钥聚合可搜索加密(KASE)尝试将搜索加密数据与支持数据所有者相结合,共享一个聚合的可搜索密钥;该密钥授权用户搜索数据。相应地,用户需提交一个单一聚合陷门至云端,在共享数据集上执行关键词搜索。然而,现有KASE方法不支持使用单一聚合陷门在由多个所有者共享的数据上搜索。因此,本文提出MULKASE方法,该方法允许用户使用单一陷门在由多用户拥有的不同数据记录上搜索。在MULKASE方法中,聚合密钥尺寸不依赖于数据所有者拥有的文档数量,即使外包密文数量超出预定限值,聚合密钥尺寸维持不变。安全性分析证实MULKASE方法对所选消息攻击和关键词攻击安全,亦证实该方法对交叉配对攻击安全,且提供查询隐私。理论和实验分析表明MULKASE方法性能优于现有KASE方法。文中还演示了MULKASE方法如何执行联合搜索。

关键词:可搜索加密;云存储;密钥聚合加密;数据共享

Darkslateblue:Affiliate; Royal Blue:Author; Turquoise:Article

Reference

[1]Akl SG, Taylor PD, 1983. Cryptographic solution to a problem of access control in a hierarchy. ACM Trans Comput Syst, 1(3):239-248.

[2]Arya D, Ha-Thuc V, Sinha S, 2015. Personalized federated search at LinkedIn. Proc 24th ACM Int Conf on Information and Knowledge Management, p.1699-1702.

[3]Atallah MJ, Blanton M, Fazio N, et al., 2009. Dynamic and efficient key management for access hierarchies. ACM Trans Inform Syst Secur, 12(3), Article 18.

[4]Ateniese G, de Santis A, Ferrara AL, et al., 2006. Provably-secure time-bound hierarchical key assignment schemes. Proc 13th ACM Conf on Computer and Communications Security, p.288-297.

[5]Banu AS, 2015. Efficient data sharing in cloud medium with key aggregate cryptosystem. Netw Commun Eng, 7(3):118-121.

[6]Bao F, Deng RH, Ding XH, et al., 2008 Private query on encrypted data in multi-user settings. Proc 4th Int Conf on Information Security Practice and Experience, p.71-85.

[7]Bethencourt J, Sahai A, Waters B, 2007. Ciphertext-policy attribute-based encryption. Proc Symp on Security and Privacy, p.321-334.

[8]Boneh D, di Crescenzo G, Ostrovsky R, et al., 2004. Public key encryption with keyword search. Int Conf on the Theory and Applications of Cryptographic Techniques, p.506-522.

[9]Chame SD, Kumar A, 2015. A noval approach key aggregate cryptosystem for resizable data sharing in cloud storage. Int Res J Eng Technol, 7(2):508-512.

[10]Chang YC, Mitzenmacher M, 2005. Privacy preserving keyword searches on remote encrypted data. Proc 3rd Int Conf on Applied Cryptography and Network Security, p.442-455.

[11]Cheon JH, 2006. Security analysis of the strong Diffie-Hellman problem. Proc 24th Annual Int Conf on the Theory and Applications of Cryptographic Techniques, p.1-11.

[12]Cheung L, Newport C, 2007. Provably secure ciphertext policy ABE. Proc 14th ACM Conf on Computer and Communications Security, p.456-465.

[13]Chu CK, Chow SSM, Tzeng WG, et al., 2014. Key-aggregate cryptosystem for scalable data sharing in cloud storage. IEEE Trans Parall Distrib Syst, 25(2):468-477.

[14]Cui BJ, Liu ZL, Wang LY, 2016. Key-aggregate searchable encryption (KASE) for group data sharing via cloud storage. IEEE Trans Comput, 65(8):2374-2385.

[15]Curtmola R, Garay J, Kamara S, et al., 2011. Searchable symmetric encryption: improved definitions and efficient constructions. J Comput Secur, 19(5):895-934.

[16]Daemen J, Rijmen V, 2001. The Design of Rijndael. AES—the Advanced Encryption Standard. Springer Berlin Heidelberg.

[17]Dang H, Chong YL, Brun F, et al., 2016. Practical and scalable sharing of encrypted data in cloud storage with key aggregation. Proc 4th ACM Workshop on Information Hiding and Multimedia Security, p.69-80.

[18]Daza V, Herranz J, Morillo P, et al., 2010. Extensions of access structures and their cryptographic applications. Appl Algebr Eng Commun Comput, 21(4):257-284.

[19]de Caro A, Iovino V, 2011. jPBC: Java pairing based cryptography. Proc Symp on Computers and Communications, p.850-855.

[20]Diaz F, Lalmas M, Shokouhi M, 2010. From federated to aggregated search. Proc 33rd Int ACM SIGIR Conf on Research and Development in Information Retrieval, p.910.

[21]Dodis Y, Fazio N, 2003. Public key broadcast encryption for stateless receivers. ACM CCS-9 Workshop on Digital Rights Management, p.61-80.

[22]Fiat A, Naor M, 1993. Broadcast encryption. Proc 13th Annual Int Cryptology Conf on Advances in Cryptology, p.480-491.

[23]Firdose HF, Rebekah RDC, 2015. A key aggregate construction with adaptable offering of information in cloud. Int J Comput Eng Res Trends, 2(5):355-358.

[24]Goh EJ, 2003. Secure Indexes. Cryptology ePrint Archive, Report 2003/216. https://eprint.iacr.org/2003/216

[25]Goyal V, Pandey O, Sahai A, et al., 2006. Attribute-based encryption for fine-grained access control of encrypted data. Proc 13th ACM Conf on Computer and Communications Security, p.89-98.

[26]Guo C, Luo NQ, Bhuiyan ZA, et al., 2017. Key-aggregate authentication cryptosystem for data sharing in dynamic cloud storage. Proc 14th Int Symp on Pervasive Systems, Algorithms and Networks & 11th Int Conf on Frontier of Computer Science and Technology & 3rd Int Symp of Creative Computing, p.242-249.

[27]Huang HP, Du JP, Wang H, et al., 2016. A multi-keyword multi-user searchable encryption scheme based on cloud storage. Proc IEEE Trustcom/BigDataSE/ISPA, p.1937-1943.

[28]Hwang YH, Lee PJ, 2007. Public key encryption with conjunctive keyword search and its extension to a multi-user system. Proc 1st Int Conf on Pairing-Based Cryptography, p.2-22.

[29]Kiayias A, Oksuz O, Russell A, et al., 2016. Efficient encrypted keyword search for multi-user data sharing. Proc 21st European Symp on Research in Computer Security, p.173-195.

[30]Kurosawa K, Yoshida T, Desmelt Y, 2000. Inherently large traceability of broadcast encryption scheme. Proc IEEE Int Symp on Information Theory, p.464.

[31]Lambhate S, Patil S, 2016. A survey on cloud group data sharing using key-aggregate searchable encryption (KASE) scheme. Int J Sci Res Sci Eng Technol, 2(1): 182-185.

[32]Li T, Liu ZL, Li P, et al., 2016. Verifiable searchable encryption with aggregate keys for data sharing in outsourcing storage. Proc 21st Australasian Conf on Information Security and Privacy, p.153-169.

[33]Li T, Liu ZL, Jia CF, et al., 2018. Key-aggregate searchable encryption under multi-owner setting for group data sharing in the cloud. Int J Web Grid Serv, 14(1):21-43.

[34]Liao ZH, Wang JM, Lang B, 2013. Ciphertext-policy hidden vector encryption for multi-user keyword search. Proc 3rd$ Int Conf on Internet & Cloud Computing Technology.

[35]Mahalle RV, Pawade PP, 2014. A review of secure data sharing in cloud using key aggregate cryptosystem and decoy technology. Int J Sci Res, 3(12):2694-2697.

[36]Massonet P, Levin A, Celesti A, et al., 2015. Security requirements in a federated cloud networking architecture. Workshops of ESOCC Advances in Service-Oriented and Cloud Computing, p.79-88.

[37]Padhya M, Jinwala D, 2014. A novel approach for searchable CP-ABE with hidden ciphertext-policy. Proc 10th Int Conf on Information Systems Security, p.167-184.

[38]Pansare N, Somkuwar A, Shaikh A, et al., 2016. Key-aggregate searchable encryption (KASE) for user revocation in cloud storage. Int J Eng Tech, 2(1):68-70.

[39]Park JH, Lee DH, 2008. A new public key broadcast encryption using Boneh-Boyen-Goh‘s HIBE scheme. Proc 4th Int Conf on Information Security Practice and Experience, p.101-115.

[40]Patranabis S, Shrivastava Y, Mukhopadhyay D, 2015. Dynamic key-aggregate cryptosystem on elliptic curves for online data sharing. Proc 16th Int Conf in Cryptology in India Progress in Cryptology, p.25-44.

[41]Patranabis S, Shrivastava Y, Mukhopadhyay D, 2017. Provably secure key-aggregate cryptosystems with broadcast aggregate keys for online data sharing on the cloud. IEEE Trans Comput, 66(5):891-904.

[42]Pawar PS, Sajjad A, Dimitrakos T, et al., 2015. Security-as-a-service in multi-cloud and federated cloud environments. Proc 9th IFIP Int Conf on Trust Management, p.251-261.

[43]Pirretti M, Traynor P, McDaniel P, et al., 2010. Secure attribute-based systems. J Comput Secur, 18(5):799-837.

[44]Popa RA, Zeldovich N, 2013. Multi-key Searchable Encryption. Cryptology ePrint Archive, Report 2013/508. https://eprint.iacr.org/2013/508

[45]Ragab-Hassen H, 2010. Efficient key management model and scheme for content access control in hierarchies. Proc IEEE Globecom Workshop, p.1492-1496.

[46]Rivest RL, Shamir A, Adleman L, 1978. A method for obtaining digital signatures and public-key cryptosystems. Commun ACM, 21(2):120-126.

[47]Rouselakis Y, Waters B, 2015. Efficient statically-secure large-universe multi-authority attribute-based encryption. Proc 19th Int Conf on Financial Cryptography and Data Security, p.315-332.

[48]Sahai A, Waters B, 2005. Fuzzy identity-based encryption. Proc 24th Annual Int Conf on the Theory and Applications of Cryptographic Techniques Advances in Cryptology, p.457-473.

[49]Shim KA, 2012. CPAS: an efficient conditional privacy-preserving authentication scheme for vehicular sensor networks. IEEE Trans Veh Technol, 61(4):1874-1883.

[50]Singhal A, 2001. Modern information retrieval: a brief overview. IEEE Data Eng Bull, 24(4):35-43.

[51]Sinha A, Kale CV, Douglas JL, et al., 2015. Federated Search. US Patent App. 14/503, 138.

[52]Song DX, Wagner D, Perrig A, 2000. Practical techniques for searches on encrypted data. Proc IEEE Symp on Security and Privacy, p.44-55.

[53]Soubhagya B, Mini VG, Celin JA, 2013. A homomorphic encryption technique for scalable and secure sharing of personal health record in cloud computing. Int J Comput Appl, 67(11):40-44.

[54]Sumalatha MR, Begam MBR, Priya ED, et al., 2015. Secure data sharing using aggregate key for sensitive data. Int Res J Eng Technol, 2(4):40-45.

[55]Sun WH, Yu SC, Lou WJ, et al., 2014. Protecting your right: attribute-based keyword search with fine-grained owner-enforced search authorization in the cloud. Proc IEEE Conf on Computer Communications, p.226-234.

[56]Wang CJ, Li WT, Li Y, et al., 2013. A ciphertext-policy attribute-based encryption scheme supporting keyword search function. Proc 5th Int Symp on Cyberspace Safety and Security, p.377-386.

[57]Wang PS, Wang HX, Pieprzyk J, 2007. Common secure index for conjunctive keyword-based retrieval over encrypted data. Proc 4th VLDB Workshop on Secure Data Management, p.108-123.

[58]Wang PS, Wang HX, Pieprzyk J, 2008a. Keyword field-free conjunctive keyword searches on encrypted data and extension for dynamic groups. In: Franklin MK, Hui LCK, Wong DS (Eds.), Cryptology and Network Security. Springer Berlin Heidelberg, p.178-195.

[59]Wang PS, Wang HX, Pieprzyk J, 2008b. Threshold privacy preserving keyword searches. Proc Int Conf on Current Trends in Theory and Practice of Computer Science, p.646-658.

[60]Wang ZW, 2019. Provably secure key-aggregate cryptosystems with auxiliary inputs for data sharing on the cloud. Fut Gener Comput Syst, 93:770-776.

[61]Wang ZW, Zhou LY, 2016. Leakage-resilient key-aggregate cryptosystem with auxiliary input. Proc 25th Int Conf on Computer Communication and Networks, p.1-5.

[62]Wang ZW, Cao C, Yang NH, et al., 2017. ABE with improved auxiliary input for big data security. J Comput Syst Sci, 89:41-50.

[63]Waters B, 2011. Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Catalano D, Fazio N, Gennaro R, et al. (Eds.), Public Key Cryptography-PKC 2011. Springer Berlin Heidelberg, p.53-70.

[64]Xiong AP, Gan QX, He XX, et al., 2013. A searchable encryption of CP-ABE scheme in cloud storage. Proc 10th Int Computer Conf on Wavelet Active Media Technology and Information Processing, p.345-349.

[65]Yang ZQ, Zhong S, Wright RN, 2006. Privacy-preserving queries on encrypted data. European Symp on Research in Computer Security, p.479-495.

[66]Yao DF, Fazio N, Dodis Y, et al., 2004. ID-based encryption for complex hierarchies with applications to forward security and broadcast encryption. Proc 11th ACM Conf on Computer and Communications Security, p.354-363.

[67]Zhang LH, Yang WH, Liao LZ, 2013. On an efficient implementation of the face algorithm for linear programming. J Comput Math, 31(4):335-354.

[68]Zhou R, Zhang XS, Du XJ, et al., 2018. File-centric multi-key aggregate keyword searchable encryption for industrial Internet of Things. IEEE Trans Ind Inform, 14(8):3648-3658.

Open peer comments: Debate/Discuss/Question/Opinion

<1>

Please provide your name, email address and a comment





Journal of Zhejiang University-SCIENCE, 38 Zheda Road, Hangzhou 310027, China
Tel: +86-571-87952783; E-mail: cjzhang@zju.edu.cn
Copyright © 2000 - 2022 Journal of Zhejiang University-SCIENCE