Symmetric Searchable Encryption with Sharing and Unsharing

نویسندگان

  • Sarvar Patel
  • Giuseppe Persiano
  • Kevin Yeo
چکیده

We consider Symmetric Searchable Encryption with Sharing and Unsharing (SSEwSU), a notion thatmodels Symmetric Searchable Encryption (SSE) in a multi-user setting in which documents can bedynamically shared and unshared among users. Previous works on SSE involving multiple users haveassumed that all users have access to the same set of documents and/or their security models assumethat all users in the system are trusted.As in SSE, every construction of a SSEwSU will be a trade-off between efficiency and security, asmeasured by the amount of leakage. In multi-user settings, we must also consider cross-user leakage(x-user leakage) where a query performed by one user would leak information about the content ofdocuments shared with a different user.We start by presenting two strawman solutions that are at the opposite side of the efficiency-leakagebidimensional space: x-uz, that has zero x-user leakage but is very inefficient, and x-uL, that is veryefficient but highly insecure with very large x-user leakage. We give a third construction, x-um, that is asefficient as x-uL and more efficient than x-uz. At the same time, x-um is considerably more secure thanx-uL. Construction x-um is based on the concept of a Re-writable Deterministic Hashing (RDH), whichcan be thought of as a two-argument hash function with tokens that add re-writing capabilities. Sharingand unsharing in x-um is supported in constant (in the number of users, documents, and keywords) time.We give a concrete instantiation whose security is based on the Decisional Diffie-Hellman assumption.We provide a rigorous analysis of x-um and show a tight bound on the leakage in the presence of anactive adversary that corrupts a subset of the users. We report on experimental work that show thatx-um is very efficient and x-user leakage grows very slowly as queries are performed by the users.Additionally, we present extensions of x-um. We modify x-um to support a finer grained accessgranularity, so a document can be shared to a user either only for reading (i.e., searching) or for writing(i.e., editing). We also extend x-um to the bilinear setting to further reduce leakage. ∗Google, Inc., [email protected]†Google, Inc. and Università di Salerno, [email protected]‡Google, Inc., [email protected]

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Fuzzy retrieval of encrypted data by multi-purpose data-structures

The growing amount of information that has arisen from emerging technologies has caused organizations to face challenges in maintaining and managing their information. Expanding hardware, human resources, outsourcing data management, and maintenance an external organization in the form of cloud storage services, are two common approaches to overcome these challenges; The first approach costs of...

متن کامل

Browse searchable encryption schemes: Classification, methods and recent developments

With the advent of cloud computing, data owners tend to submit their data to cloud servers and allow users to access data when needed. However, outsourcing sensitive data will lead to privacy issues. Encrypting data before outsourcing solves privacy issues, but in this case, we will lose the ability to search the data. Searchable encryption (SE) schemes have been proposed to achieve this featur...

متن کامل

A Layered Searchable Encryption Scheme with Functional Components Independent of Encryption Methods

Searchable encryption technique enables the users to securely store and search their documents over the remote semitrusted server, which is especially suitable for protecting sensitive data in the cloud. However, various settings (based on symmetric or asymmetric encryption) and functionalities (ranked keyword query, range query, phrase query, etc.) are often realized by different methods with ...

متن کامل

SESOS: A Verifiable Searchable Outsourcing Scheme for Ordered Structured Data in Cloud Computing

While cloud computing is growing at a remarkable speed, privacy issues are far from being solved. One way to diminish privacy concerns is to store data on the cloud in encrypted form. However, encryption often hinders useful computation cloud services. A theoretical approach is to employ the so-called fully homomorphic encryption, yet the overhead is so high that it is not considered a viable s...

متن کامل

Adaptively Secure Computationally Efficient Searchable Symmetric Encryption

Searchable encryption is a technique that allows a client to store documents on a server in encrypted form. Stored documents can be retrieved selectively while revealing as little information as possible to the server. In the symmetric searchable encryption domain, the storage and the retrieval are performed by the same client. Most conventional searchable encryption schemes suffer from two dis...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • IACR Cryptology ePrint Archive

دوره 2017  شماره 

صفحات  -

تاریخ انتشار 2017