An Efficient Multi-User Searchable Encryption Scheme without Query Transformation over Outsourced Encrypted Data
Searchable Encryption (SE) schemes provide security and privacy to the cloud data. The existing SE approaches enable multiple users to perform search operation by using various schemes like Broadcast Encryption (BE), Attribute-Based Encryption (ABE), etc. However, these schemes do not allow multiple users to perform the search operation over the encrypted data of multiple owners. Some SE schemes involve a Proxy Server (PS) that allow multiple users to perform the search operation. However, these approaches incur huge computational burden on PS due to the repeated encryption of the user queries for transformation purpose so as to ensure that users query is searchable over the encrypted data of multiple owners. Hence, to eliminate this computational burden on PS, this paper proposes a secure proxy server approach that performs the search operation without transforming the user queries. This approach also returns the top-k relevant documents to the user queries by using Euclidean distance similarity approach. Based on the experimental study, this approach is efficient with respect to search time and accuracy.
With the advent of cloud computing, it has become increasingly popular for data owners to outsource their data to public cloud servers while allowing data users to retrieve this data. For privacy concerns, secure searches over encrypted cloud data has motivated several research works under the single owner model. However, most cloud servers in practice do not just serve one owner; instead, they support multiple owners to share the benefits brought by cloud computing. In this paper, we propose schemes to deal with privacy preserving ranked multi-keyword search in a multi-owner model (PRMSM). To enable cloud servers to perform secure search without knowing the actual data of both keywords and trapdoors, we systematically construct a novel secure search protocol. To rank the search results and preserve the privacy of relevance scores between keywords and files, we propose a novel additive order and privacy preserving function family. To prevent the attackers from eavesdropping secret keys and pretending to be legal data users submitting searches, we propose a novel dynamic secret key generation protocol and a new data user authentication protocol. Furthermore, PRMSM supports efficient data user revocation. Extensive experiments on real-world datasets confirm the efficacy and efficiency of PRMSM.
• These schemes do not allow to perform search operation over the data owned of multiple owners
• Do not support search operation in a multi-owner and multi-user environment.
A cloud server is assigned the task of storing all the documents and indices from different owners and when a search request from a data user is received, it needs to find the most relevant documents and return them to the data user. A data owner creates an index for each of its documents. It encrypts the document collection and sends the encrypted documents over to the cloud server. The words in the indices are partially encrypted with the owners secret key and then these indices are sent to the proxy server. A proxy server is given the work of completing the encryption of partially encrypted index words as well as query keywords before they are sent to the cloud server. The proxy server has a key, known to only it, that is used as a common key to complete the encryption of all the partially encrypted words received. A data user’s task is to frame search queries and to partially encrypt these query keywords with its own secret key before sending them to the proxy server.
Thus this Proxy server based approach for supporting search operation over the data of multiple owners is proposed. Different from the existing approaches, the data user’s query in this approach can be used to search over the multiple owners’ data without transforming the query. In order to bypass the query transformation, the idea of partial encryption is used, i.e., half of each of the both index keyword and query keyword are encrypted by using the secret key of the data owner and the data user respectively and the other half of the index keyword and query keyword is encrypted by using common secret key of the proxy server. The experimental results confirm that the proposed approach is efficient.