With the rapid development of wireless communication technology,the Internet of Things is playing an increasingly important role in our everyday.The amount of data generated by sensor devices is increasing as a large ...With the rapid development of wireless communication technology,the Internet of Things is playing an increasingly important role in our everyday.The amount of data generated by sensor devices is increasing as a large number of connectable devices are deployed in many fields,including the medical,agricultural,and industrial areas.Uploading data to the cloud solves the problem of data overhead but results in privacy issues.Therefore,the question of how to manage the privacy of uploading data and make it available to be interconnected between devices is a crucial issue.In this paper,we propose a scheme that supports real-time authentication with conjunctive keyword detection(RA-CKD),this scheme can realize the interconnection of encrypted data between devices while ensuring some measure of privacy for both encrypted data and detection tokens.Through authentication technology,connected devices can both authenticate each other’s identity and prevent malicious adversaries from interfering with device interconnection.Finally,we prove that our scheme can resist inside keyword guessing attack through rigorous security reduction.The experiment shows that the efficiency of RA-CKD is good enough to be practical.展开更多
Data privacy leakage has always been a critical concern in cloud-based Internet of Things(IoT)systems.Dynamic Symmetric Searchable Encryption(DSSE)with forward and backward privacy aims to address this issue by enabli...Data privacy leakage has always been a critical concern in cloud-based Internet of Things(IoT)systems.Dynamic Symmetric Searchable Encryption(DSSE)with forward and backward privacy aims to address this issue by enabling updates and retrievals of ciphertext on untrusted cloud server while ensuring data privacy.However,previous research on DSSE mostly focused on single keyword search,which limits its practical application in cloud-based IoT systems.Recently,Patranabis(NDSS 2021)[1]proposed a groundbreaking DSSE scheme for conjunctive keyword search.However,this scheme fails to effectively handle deletion operations in certain circumstances,resulting in inaccurate query results.Additionally,the scheme introduces unnecessary search overhead.To overcome these problems,we present CKSE,an efficient conjunctive keyword DSSE scheme.Our scheme improves the oblivious shared computation protocol used in the scheme of Patranabis,thus enabling a more comprehensive deletion functionality.Furthermore,we introduce a state chain structure to reduce the search overhead.Through security analysis and experimental evaluation,we demonstrate that our CKSE achieves more comprehensive deletion functionality while maintaining comparable search performance and security,compared to the oblivious dynamic cross-tags protocol of Patranabis.The combination of comprehensive functionality,high efficiency,and security makes our CKSE an ideal choice for deployment in cloud-based IoT systems.展开更多
Searchable encryption(SE)enables data users to securely search encrypted data stored in untrusted cloud servers.However,most SE schemes allow for leakages of access and search patterns to maximize efficiency and funct...Searchable encryption(SE)enables data users to securely search encrypted data stored in untrusted cloud servers.However,most SE schemes allow for leakages of access and search patterns to maximize efficiency and functionality.Recent attacks have shown that adversaries can recover query keywords with prior knowledge of the database by exploiting these leakages.Unfortunately,the existing schemes that protect access and search patterns result in frequent communications and high computational costs.Furthermore,complex calculation processes also raise challenges for verifying search results.To address these concerns,we first design an efficient conjunctive SE scheme with search and access pattern privacy using private set intersection.In the proposed scheme,we utilize random numbers to obfuscate the values of polynomials and randomly divide the results into two parts,which simplifies the search process,improves search efficiency,and eliminates the need for time-consuming ciphertext multiplication operations.We also extend this scheme to support search result verifiability.Specifically,by embedding a random number as the root of the return polynomial,we achieve verifiability of search results.Furthermore,we prove the security of both schemes employing the simulation-based method.Finally,we implement the schemes in a real database and thorough performance analyses demonstrate their efficiency.展开更多
基金This work is supported by the National Natural Science Foundation of China(No.62072240)the National Key Research and Development Program of China(No.2020YFB1804604).
文摘With the rapid development of wireless communication technology,the Internet of Things is playing an increasingly important role in our everyday.The amount of data generated by sensor devices is increasing as a large number of connectable devices are deployed in many fields,including the medical,agricultural,and industrial areas.Uploading data to the cloud solves the problem of data overhead but results in privacy issues.Therefore,the question of how to manage the privacy of uploading data and make it available to be interconnected between devices is a crucial issue.In this paper,we propose a scheme that supports real-time authentication with conjunctive keyword detection(RA-CKD),this scheme can realize the interconnection of encrypted data between devices while ensuring some measure of privacy for both encrypted data and detection tokens.Through authentication technology,connected devices can both authenticate each other’s identity and prevent malicious adversaries from interfering with device interconnection.Finally,we prove that our scheme can resist inside keyword guessing attack through rigorous security reduction.The experiment shows that the efficiency of RA-CKD is good enough to be practical.
基金supported in part by the Major Science and Technology Projects in Yunnan Province(202202AD080013)King Khalid University for funding this work through Large Group Project under grant number RGP.2/373/45.
文摘Data privacy leakage has always been a critical concern in cloud-based Internet of Things(IoT)systems.Dynamic Symmetric Searchable Encryption(DSSE)with forward and backward privacy aims to address this issue by enabling updates and retrievals of ciphertext on untrusted cloud server while ensuring data privacy.However,previous research on DSSE mostly focused on single keyword search,which limits its practical application in cloud-based IoT systems.Recently,Patranabis(NDSS 2021)[1]proposed a groundbreaking DSSE scheme for conjunctive keyword search.However,this scheme fails to effectively handle deletion operations in certain circumstances,resulting in inaccurate query results.Additionally,the scheme introduces unnecessary search overhead.To overcome these problems,we present CKSE,an efficient conjunctive keyword DSSE scheme.Our scheme improves the oblivious shared computation protocol used in the scheme of Patranabis,thus enabling a more comprehensive deletion functionality.Furthermore,we introduce a state chain structure to reduce the search overhead.Through security analysis and experimental evaluation,we demonstrate that our CKSE achieves more comprehensive deletion functionality while maintaining comparable search performance and security,compared to the oblivious dynamic cross-tags protocol of Patranabis.The combination of comprehensive functionality,high efficiency,and security makes our CKSE an ideal choice for deployment in cloud-based IoT systems.
基金supported by the National Key Research and Development Program of China under Grant No.2022YFB4501500 and No.2022YFB4501503the National Natural Science Foundation of China(62072369)+3 种基金The Youth Innovation Team of Shaanxi Universities(23JP160)the Shaanxi Special Support Program Youth Top-notch Talent Programthe Technology Innovation Leading Program of Shaanxi(2023-YD-CGZH-31)the China Postdoctoral Science Foundation under Grant Number 2024T170080
文摘Searchable encryption(SE)enables data users to securely search encrypted data stored in untrusted cloud servers.However,most SE schemes allow for leakages of access and search patterns to maximize efficiency and functionality.Recent attacks have shown that adversaries can recover query keywords with prior knowledge of the database by exploiting these leakages.Unfortunately,the existing schemes that protect access and search patterns result in frequent communications and high computational costs.Furthermore,complex calculation processes also raise challenges for verifying search results.To address these concerns,we first design an efficient conjunctive SE scheme with search and access pattern privacy using private set intersection.In the proposed scheme,we utilize random numbers to obfuscate the values of polynomials and randomly divide the results into two parts,which simplifies the search process,improves search efficiency,and eliminates the need for time-consuming ciphertext multiplication operations.We also extend this scheme to support search result verifiability.Specifically,by embedding a random number as the root of the return polynomial,we achieve verifiability of search results.Furthermore,we prove the security of both schemes employing the simulation-based method.Finally,we implement the schemes in a real database and thorough performance analyses demonstrate their efficiency.
