RESeED: A secure regular-expression search tool for storage clouds

Lack of trust has become one of the main concerns of users who tend to utilize one or multiple Cloud providers. Trustworthy Cloud-based computing and data storage require secure and efficient solutions which allow clients to remotely store and process their data in the Cloud. User-side encryption is an established method to secure the user data on the Cloud. However, using encryption, we lose processing capabilities, such as searching, over the Cloud data. In this paper, we present RESeED, a tool that provides usertransparent and Cloud-agnostic regular-expression search functionality over encrypted data across multiple Clouds. Upon a client’s intent to upload a new document to the Cloud, RESeED analyzes the document’s content and updates its data structures accordingly. Then, it encrypts and transfers the document to the Cloud. RESeED provides the regular-expression search functionality over encrypted data by translating the search queries on-the-fly to finite automata and analyzing concise and secure representations of the data before asking the Cloud to download the encrypted documents. RESeED’s parallel architecture enables efficient search over large-scale (and potentially big data scale) data-sets. We evaluate the performance of RESeED experimentally and demonstrate its scalability and correctness using real-world data-sets from arXiv.org and IETF. Our results show that RESeED produces accurate query responses with a reasonable ('6%) storage overhead. The results also demonstrate that for many search queries, RESeED performs faster in compare to the grep utility that functions on unencrypted data. Copyright c © 0000 John Wiley & Sons, Ltd.