Improved File-injection Attacks on Searchable Encryption Using Finite Set Theory

2020 ◽  
Author(s):  
Gaoli Wang ◽  
Zhenfu Cao ◽  
Xiaolei Dong
Keyword(s):  
Searchable Encryption ◽  
Search Pattern ◽  
Access Pattern ◽  
Encrypted Data ◽  
Injection Attacks ◽  
Cloud Server ◽  
Finite Set ◽  
To Come ◽  
Real Scenario ◽  
Finite Set Theory

Abstract Searchable encryption (SE) allows the cloud server to search over the encrypted data and leak information as little as possible. Most existing efficient SE schemes assume that the leakage of search pattern and access pattern is acceptable. A series of work was proposed, instructing malicious users to use this leakage to come up with attacks. Especially, with a devastating attack proposed by Zhang et al., the cloud server can reveal the keywords queried by normal users by using some injected files. From the method of constructing uniform $(k,n)$-set of a finite set $A$ proposed by Cao, we put forward a new file-injection attack. In our attack, the server needs fewer injected files than the previous attack when the size of $T$ is larger than 9 and the size of keyword set is larger than $2T$, where $T$ is the threshold of the number of keywords in each injected file. Our attack is more practical and easier to implement in the real scenario.

scholarly journals EFFICIENT AND EXPRESSIVE KEYWORD SEARCH OVER ENCRYPTED DATA IN CLOUD

2020 ◽  
pp. 145-147
Author(s):  
Zeeshan Sharief
Keyword(s):  
Keyword Search ◽  
Bilinear Pairings ◽  
Searchable Encryption ◽  
Encrypted Data ◽  
Access Structures ◽  
Attribute Based Encryption ◽  
Cloud Server ◽  
Encryption Schemes ◽  
Boolean Formulas ◽  
Significant Performance

Searchable encryption allows a cloud server to conduct keyword search over encrypted data on behalf of the data users without learning the underlying plaintexts. However, most existing searchable encryption schemes only support single or conjunctive keyword search, while a few other schemes that can perform expressive keyword search are computationally inefficient since they are built from bilinear pairings over the composite-order groups. In this paper, we propose an expressive public-key searchable encryption scheme in the prime-order groups, which allows keyword search policies i.e., predicates, access structures to be expressed in conjunctive, disjunctive or any monotonic Boolean formulas and achieves significant performance improvement over existing schemes. We formally define its security and prove that it is selectively secure in the standard model. Also, we implement the proposed scheme using a rapid prototyping tool called Charm and conduct several experiments to evaluate it performance. The results demonstrate that our scheme is much more efficient than the ones built over the composite-order groups. INDEX TERMS - Searchable encryption, cloud computing, expressiveness, attribute-based encryption

scholarly journals Verifying Fuzzy Keyword Search Over Cipher Text in Cloud Computing

2019 ◽  
Vol 9 (1) ◽  
pp. 3252-3257
Keyword(s):  
Cloud Computing ◽  
Keyword Search ◽  
Searchable Encryption ◽  
Knowledge User ◽  
Cloud Server ◽  
Encryption Schemes ◽  
Fuzzy Keyword Search ◽  
Word Search ◽  
To Come ◽  
Cloud Servers

To enhance the potency of knowledge looking out, most knowledge house owners store their knowledge files in numerous cloud servers within the kind of ciphertext. Thus, economical search victimization fuzzy keywords become a vital issue in such a cloud computing atmosphere. Searchable cryptography will support knowledge user to select and retrieve the cipher documents over encrypted cloud knowledge by keyword-based search. Most of the prevailing searchable encryption schemes solely specialize in the precise keyword search. When knowledge user makes writing system errors, these schemes fail to come to the results of interest. In searchable encryption, the cloud server may come to the invalid result to knowledge user for saving the computation price or alternative reasons. Therefore, these precise keyword search schemes notice very little sensible significance in real-world applications. So as to deal with these problems, we tend to propose unique verifiable fuzzy keyword search theme over encrypted cloud knowledge. We tend to propose a verifiable precise keyword search theme which extend this theme to the fuzzy keyword search theme. Here we tend to thus propose a system for fuzzy keyword sets rather than precise word search. This will help us drastically to reduce the costs and it also allows to have multi-users using the system simultaneously.

OSM-DSSE: A Searchable Encryption Scheme with Hidden Search Patterns and Access Patterns

2021 ◽  
Author(s):  
Hong Liu ◽  
Xueqin Li ◽  
Erchuan Guo ◽  
Yunpeng Xiao ◽  
Tun Li
Keyword(s):  
Incidence Matrix ◽  
Differential Privacy ◽  
Security Analysis ◽  
Searchable Encryption ◽  
Search Pattern ◽  
Communication Overhead ◽  
Encrypted Data ◽  
Searchable Symmetric Encryption ◽  
Search Patterns ◽  
Access Patterns

Abstract Dynamic searchable encryption methods allow a client to perform searches and updates over encrypted data stored in the cloud. However, existing researches show that the general dynamic searchable symmetric encryption (DSSE) scheme is vulnerable to statistical attacks due to the leakage of search patterns and access patterns, which is detrimental to protecting the users’ privacy. Although the traditional Oblivious Random Access Machine (ORAM) can hide the access pattern, it also incurs significant communication overhead and cannot hide the search pattern. These limitations make it difficult to deploy the ORAM method in real cloud environments. To overcome this limitation, a DSSE scheme called obliviously shuffled incidence matrix DSSE (OSM-DSSE) is proposed in this paper to access the encrypted data obliviously. The OSM-DSSE scheme realizes efficient search and update operations based on an incidence matrix. In particular, a shuffling algorithm using Paillier encryption is combined with 1-out-of-n obliviously transfer (OT) protocol and local differential privacy to obfuscate the search targets. Besides, a formalized security analysis and performance analysis on the proposed scheme is provided, which indicates that the OSM-DSSE scheme achieves high security, efficient searches, and low storage overhead. Also, this scheme not only completely hides the search and access patterns but also provides adaptive security against malicious attacks by adversaries. Furthermore, experimental results show that the OSM-DSSE scheme obtains 3-4x better execution efficiency than the state-of-art solutions.

Non Standard Regular Finite Set Theory

1995 ◽  
Vol 41 (2) ◽  
pp. 161-172 ◽  
Author(s):  
Stefano Baratella ◽  
Ruggero Ferro
Keyword(s):  
Set Theory ◽  
Finite Set ◽  
Finite Set Theory

scholarly journals Text File Privacy on the Cloud Based on Diagonal Fragmentation and Encryption

2021 ◽  
Vol 8 (1) ◽  
Author(s):  
Tawfiq Barhoom ◽  
Mahmoud Abu Shawish
Keyword(s):  
Data Privacy ◽  
Cloud Services ◽  
Text File ◽  
Layer Model ◽  
Encrypted Data ◽  
Cloud Server ◽  
Cloud Environments ◽  
Encryption Algorithms ◽  
Well Data ◽  
Encryption Method

Despite the growing reliance on cloud services and software, privacy is somewhat difficult. We store our data on remote servers in cloud environments that are untrusted. If we do not handle the stored data well, data privacy can be violated with no awareness on our part. Although it requires expensive computation, encrypting the data before sending it appears to be a solution to this problem. So far, all known solutions to protect textual files using encryption algorithms fell short of privacy expectations. Thus is because encrypting cannot stand by itself. The encrypted data on the cloud server becomes full file in the hand causing the privacy of this data to be intrusion-prone, thus allowing intruders to access the file data once they can decrypt it. This study aimed to develop an effective cloud confidentiality model based on combining fragmentation and encryption of text files to compensate for reported deficiency in encryption methods. The fragmentation method used the strategy of dividing text files into two triangles through the axis. Whereas the encryption method used the Blowfish algorithm. The research concluded that high confidentiality is achieved by building a multi-layer model: encryption, chunk, and fragmentation of every chunk to prevent intruders from reaching the data even if they were able to decrypt the file. Using the privacy accuracy equation (developed for the purpose in this research), the model achieved accuracy levels of 96% and 90% when using 100 and 200 words in each chunk on small, medium, and large files respectively.

scholarly journals Efficient verifiable fuzzy keyword search over encrypted data in cloud computing

2013 ◽  
Vol 10 (2) ◽  
pp. 667-684 ◽  
Author(s):  
Jianfeng Wang ◽  
Hua Ma ◽  
Qiang Tang ◽  
Jin Li ◽  
Hui Zhu ◽  
...  
Keyword(s):  
Cloud Computing ◽  
Keyword Search ◽  
Efficiency Analysis ◽  
Sensitive Data ◽  
Encrypted Data ◽  
Proposed Model ◽  
Cloud Server ◽  
Encryption Schemes ◽  
User Data ◽  
Fuzzy Keyword Search

As cloud computing becomes prevalent, more and more sensitive data is being centralized into the cloud by users. To maintain the confidentiality of sensitive user data against untrusted servers, the data should be encrypted before they are uploaded. However, this raises a new challenge for performing search over the encrypted data efficiently. Although the existing searchable encryption schemes allow a user to search the encrypted data with confidentiality, these solutions cannot support the verifiability of searching result. We argue that a cloud server may be selfish in order to save its computation ability or bandwidth. For example, it may execute only a fraction of the search and returns part of the searching result. In this paper, we propose a new verifiable fuzzy keyword search scheme based on the symbol-tree which not only supports the fuzzy keyword search, but also enjoys the verifiability of the searching result. Through rigorous security and efficiency analysis, we show that our proposed scheme is secure under the proposed model, while correctly and efficiently realizing the verifiable fuzzy keyword search. The extensive experimental results demonstrate the efficiency of the proposed scheme.

Sign in / Sign up

Export Citation Format

Share Document