Data privacy leakage has always been a critical concern in cloud-based Internet of Things(IoT)systems.Dynamic Symmetric Searchable Encryption(DSSE)with forward and backward privacy aims to address this issue by enabli...Data privacy leakage has always been a critical concern in cloud-based Internet of Things(IoT)systems.Dynamic Symmetric Searchable Encryption(DSSE)with forward and backward privacy aims to address this issue by enabling updates and retrievals of ciphertext on untrusted cloud server while ensuring data privacy.However,previous research on DSSE mostly focused on single keyword search,which limits its practical application in cloud-based IoT systems.Recently,Patranabis(NDSS 2021)[1]proposed a groundbreaking DSSE scheme for conjunctive keyword search.However,this scheme fails to effectively handle deletion operations in certain circumstances,resulting in inaccurate query results.Additionally,the scheme introduces unnecessary search overhead.To overcome these problems,we present CKSE,an efficient conjunctive keyword DSSE scheme.Our scheme improves the oblivious shared computation protocol used in the scheme of Patranabis,thus enabling a more comprehensive deletion functionality.Furthermore,we introduce a state chain structure to reduce the search overhead.Through security analysis and experimental evaluation,we demonstrate that our CKSE achieves more comprehensive deletion functionality while maintaining comparable search performance and security,compared to the oblivious dynamic cross-tags protocol of Patranabis.The combination of comprehensive functionality,high efficiency,and security makes our CKSE an ideal choice for deployment in cloud-based IoT systems.展开更多
While users enjoy the convenience of data outsourcing in the cloud,they also face the risks of data modification and private information leakage.Searchable encryption technology can perform keyword searches over encry...While users enjoy the convenience of data outsourcing in the cloud,they also face the risks of data modification and private information leakage.Searchable encryption technology can perform keyword searches over encrypted data while protecting their privacy and guaranteeing the integrity of the data by verifying the search results.However,some associated problems are still encountered,such as the low efficiency of verification and uncontrollable query results.Accordingly,this paper proposes a Privacy-Preserving Searchable Encryption(PPSE)scheme based on public and private blockchains.First,we store an encrypted index in a private blockchain while outsourcing corresponding encrypted documents to a public blockchain.The encrypted documents are located through the encrypted index.This method can reduce the storage overhead on the blockchains,and improve the efficiency of transaction execution and the security of stored data.Moreover,we adopt a smart contract to introduce a secondary verification access control mechanism and restrict data users’access to the private blockchain through authorization for the purpose of guaranteeing data privacy and the correctness of access control verification.Finally,the security analysis and experimental results indicate that compared with existing schemes,the proposed scheme can not only improve the security of encrypted data but also guarantee the efficiency of the query.展开更多
基金supported in part by the Major Science and Technology Projects in Yunnan Province(202202AD080013)King Khalid University for funding this work through Large Group Project under grant number RGP.2/373/45.
文摘Data privacy leakage has always been a critical concern in cloud-based Internet of Things(IoT)systems.Dynamic Symmetric Searchable Encryption(DSSE)with forward and backward privacy aims to address this issue by enabling updates and retrievals of ciphertext on untrusted cloud server while ensuring data privacy.However,previous research on DSSE mostly focused on single keyword search,which limits its practical application in cloud-based IoT systems.Recently,Patranabis(NDSS 2021)[1]proposed a groundbreaking DSSE scheme for conjunctive keyword search.However,this scheme fails to effectively handle deletion operations in certain circumstances,resulting in inaccurate query results.Additionally,the scheme introduces unnecessary search overhead.To overcome these problems,we present CKSE,an efficient conjunctive keyword DSSE scheme.Our scheme improves the oblivious shared computation protocol used in the scheme of Patranabis,thus enabling a more comprehensive deletion functionality.Furthermore,we introduce a state chain structure to reduce the search overhead.Through security analysis and experimental evaluation,we demonstrate that our CKSE achieves more comprehensive deletion functionality while maintaining comparable search performance and security,compared to the oblivious dynamic cross-tags protocol of Patranabis.The combination of comprehensive functionality,high efficiency,and security makes our CKSE an ideal choice for deployment in cloud-based IoT systems.
基金supported by the National Natural Science Foundation of China (No.61972073)the Key Program of Natural Science Foundation of Hebei Province of China (No.F2019201290)the Natural Science Foundation of Hebei Province of China (No.F2018201153).
文摘While users enjoy the convenience of data outsourcing in the cloud,they also face the risks of data modification and private information leakage.Searchable encryption technology can perform keyword searches over encrypted data while protecting their privacy and guaranteeing the integrity of the data by verifying the search results.However,some associated problems are still encountered,such as the low efficiency of verification and uncontrollable query results.Accordingly,this paper proposes a Privacy-Preserving Searchable Encryption(PPSE)scheme based on public and private blockchains.First,we store an encrypted index in a private blockchain while outsourcing corresponding encrypted documents to a public blockchain.The encrypted documents are located through the encrypted index.This method can reduce the storage overhead on the blockchains,and improve the efficiency of transaction execution and the security of stored data.Moreover,we adopt a smart contract to introduce a secondary verification access control mechanism and restrict data users’access to the private blockchain through authorization for the purpose of guaranteeing data privacy and the correctness of access control verification.Finally,the security analysis and experimental results indicate that compared with existing schemes,the proposed scheme can not only improve the security of encrypted data but also guarantee the efficiency of the query.
