Document Type : Research Article

Authors

Abstract

Nowadays, users of information systems have inclination to use a central server to decrease data transferring and maintenance costs. Since such a system is not so trustworthy, users' data usually upkeeps encrypted. However, encryption is not a nostrum for security problems and cannot guarantee the data security. In other words, there are some techniques that can endanger security of encrypted data. Majority of existing methods for encrypted data management have some critical defects such as cryptanalysis attacks, encryption/decryption overhead, and inefficient data storing and retrieval. In this paper, at first we propose a prototype model of private key based search on encrypted data. Then we try to improve it significantly to meet security requirements. Our main goal is to offer a practical method of querying arbitrary words on encrypted data using a minimal trust model. Moreover, we present a model for balancing between performance and security based on user's requirements. In comparison with other methods, query response time is improved and the probability of statistical deductions is reduced.

Keywords

[1] Ming Li, Shucheng Yu, Ning Cao, and Wenjing Lou. Authorized Private Keyword Search over Encrypted Data in Cloud Computing. In Distributed Computing Systems (ICDCS), 2011 31st International Conference on, pages 383-392. IEEE, June 2011.
[2] Ning Cao, Cong Wang, Ming Li, Kui Ren, and Wenjing Lou. Privacy-preserving multi-keyword ranked search over encrypted cloud data. In INFOCOM, 2011 Proceedings IEEE, pages 829-837, April 2011.
[3] Cong Wang, Ning Cao, Jin Li, Kui Ren, and Wenjing Lou. Secure Ranked Keyword Search over Encrypted Cloud Data. In ICDCS, pages 253-262. IEEE Computer Society, 2010.
[4] Qiang Tang. Privacy Preserving Mapping Schemes Supporting Comparison. In CCSW '10: Proceedings of the 2010 ACM Workshop on Cloud Computing Security, pages 53-58, New York, October 2010. ACM.
[5] Hakan Hacigümüs, Balakrishna R. Iyer, Chen Li, and Sharad Mehrotra. Executing sql over encrypted data in the database-service-provider model. In SIGMOD Conference, pages 216-227, 2002.
[6] Manolis Terrovitis, John Liagouris, Nikos Mamoulis, and Spiros Skiadopoulos. Privacy Preservation by Disassociation. Technical Report TR-IMIS-2011-1, Institute for the Management of Information Systems, "Athena" RC, Greece, 2011.
[7] Dawn Xiaodong Song, DavidWagner, and Adrian Perrig. Practical Techniques for Searches on Encrypted Data. In IEEE Symposium on Security and Privacy, pages 44-55, 2000.
[8] Hyun-A Park, Jae Hyun Park, and Dong Hoon Lee. PKIS: Practical Keyword Index Search on Cloud Datacenter. EURASIP J. Wireless Comm. and Networking, 2011:64, 2011.
[9] Yong Hwang and Pil Lee. Public Key Encryption with Conjunctive Keyword Search and Its Extension to a Multi-user System. In Pairing-Based Cryptography Pairing 2007, volume 4575 of Lecture Notes in Computer Science, pages 2-22. Springer Berlin / Heidelberg, 2007.
[10] Xuhua Zhou, Xuhua Ding, and Kefei Chen. Lightweight Delegated Subset Test with Privacy Protection. In ISPEC, volume 6672 of Lecture Notes in Computer Science, pages 138-151. Springer, 2011.
[11] Rakesh Agrawal, Jerry Kiernan, Ramakrishnan Srikant, and Yirong Xu. Order-Preserving Encryption for Numeric Data. In SIGMOD Conference, pages 563-574. ACM, 2004.
[12] Yan-Cheng Chang and Michael Mitzenmacher. Privacy Preserving Keyword Searches on Remote Encrypted Data, pages 442-455. Springer, 2005.
[13] Philippe Golle, Jessica Staddon, and Brent R. Waters. Secure Conjunctive Keyword Search over Encrypted Data. In ACNS, pages 31-45, 2004.
[14] Q. Tang. Revisit the Concept of PEKS: Problems and a Possible Solution. Technical Report TR-CTI, University of Twente, Enschede, The Netherlands, Enschede, 2008. URL http://doc.utwente.nl/64938/.
[15] Dan Boneh, Giovanni Di Crescenzo, Rafail Ostrovsky, and Giuseppe Persiano. Public Key Encryption with Keyword Search. In EUROCRYPT, pages 506-522, 2004.
[16] Eu-Jin Goh. Secure Indexes. IACR Cryptology ePrint Archive, 2003:216, 2003.
[17] Josh Benaloh, Melissa Chase, Eric Horvitz, and Kristin Lauter. Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records. In CCSW, pages 103-114. ACM, 2009.
[18] HweeHwa Pang, Xuhua Ding, and Xiaokui Xiao. Embellishing Text Search Queries To Protect User Privacy. PVLDB, 3(1):598-607, 2010.
[19] Feng Bao, Robert H. Deng, Xuhua Ding, and Yanjiang Yang. Private Query on Encrypted Data in Multi-user Settings. In ISPEC, pages 71-85, 2008.
[20] Erez Shmueli, Ronen Vaisenberg, Yuval Elovici, and Chanan Glezer. Database Encryption: An Overview of Contemporary Challenges and Design Considerations. SIGMOD Record, 38(3):29-34, 2009.
[21] Ahmed A. L. Faresi and Duminda Wijesekera. Preemptive Mechanism to Prevent Health Data Privacy Leakage. In MEDES, pages 17-24, 2011.
[22] Burton H. Bloom. Space/Time Trade-offs in Hash Coding with Allowable Errors. Commun. ACM, 13(7):422-426, 1970.
[23] Mehmet Ercan Nergiz and Chris Clifton. Thoughts on k-Anonymization. Data and Knowledge Engineering, 63(3):622-645, 2007.
[24] Gabriel Ghinita, Yufei Tao, and Panos Kalnis. On the Anonymization of Sparse High-Dimensional Data. In ICDE, pages 715-724. IEEE, 2008.