TY - JOUR
T1 - Secure searching on cloud storage enhanced by homomorphic indexing
AU - Ren, Shu Qin
AU - Tan, Benjamin Hong Meng
AU - Sundaram, Sivaraman
AU - Wang, Taining
AU - Ng, Yibin
AU - Chang, Victor
AU - Aung, Khin Mi Mi
N1 - Publisher Copyright:
© 2016 Elsevier B.V.
PY - 2016/12/1
Y1 - 2016/12/1
N2 - Enterprise cloud tenants would store their outsourced cloud data in encrypted form for data privacy and security. However, flexible data access functions such as data searching are usually sacrificed as a result. Thus, enterprise tenants demand secure data retrieval and computation solutions from the cloud provider, which will allow them to utilize cloud services without the risk of leaking private data to outsiders and even service providers. In this paper, we propose an exclusive-or (XOR) homomorphism encryption scheme to support secure keyword searching on encrypted data for cloud storage. First, this scheme specifies a new data protection method that encrypts the keyword and randomizes it by performing an XOR operation with a random bit-string for each session, to protect against access pattern leakage. Second, the homomorphic evaluation key enables the search evaluation to be calculated on demand, which removes the dependency on key storage on the cloud and enhances protection against the cloud's violability. Third, due to the randomization, this scheme can effectively protect data in transit against passive attacks such as access pattern analysis. The scheme can also reduce data leakage to the service provider because it uses the homomorphism-key solution instead of key storage on the cloud. The above three features have been proved by experiments and further tested on an email service, which can support secure subject searching. The execution time of one search is on the order of milliseconds. We could get a 2–3 times speedup compared to the default utility grep, with the concern of an expensive one-time indexing step, which can be built off-line in advance.
KW - Cloud storage
KW - Secure searching
KW - XOR-homomorphism encryption
UR - http://www.scopus.com/inward/record.url?scp=84992311607&partnerID=8YFLogxK
U2 - 10.1016/j.future.2016.03.013
DO - 10.1016/j.future.2016.03.013
M3 - Article
AN - SCOPUS:84992311607
SN - 0167-739X
VL - 65
SP - 102
EP - 110
JO - Future Generation Computer Systems
JF - Future Generation Computer Systems
ER -