Controllable privacy preserving search based on symmetric predicate encryption in cloud storage

https://doi.org/10.1016/j.future.2012.05.005

Abstract

Predicate encryption is a novel cryptographic primitive that provides fine-grained control over the accesses to encrypted data. It is often used in secure cloud storage and biometric matching. In this manuscript, we first propose a variant of symmetric predicate encryption, which provides controllable privacy preserving search functionalities, including revocable delegated search and un-decryptable delegated search. Due to these functionalities, the owner of a cloud storage can easily control the lifetimes and search privileges of cloud data.

Highlights

  • We model controllable privacy preserving search functionalities in cloud storage.

  • The secret key owner can easily revoke the search privileges.

  • The delegated person cannot get the knowledge of the retrieved data even though he has the delegated privilege of search.

  • It is especially suitable for delegation-based business applications in cloud computing.

Introduction

Cloud computing has recently become prevalent worldwide. One of its most important and popular services is cloud storage, such as Amazon’s S3 [1] and Microsoft’s Azure storage services [2]. A lot of sensitive data will be stored in the cloud, so the security of the cloud should be guaranteed [3], [4], [5], [6], [7], [8]. For data privacy, users need to encrypt their sensitive data before storing them in the cloud. However, traditional encryption has some shortcomings in this setting. When a secret key owner wants to search data stored in the cloud storage, he has two options.

  • He downloads all encrypted data from the cloud server, and then decrypts and searches them. If the encrypted data are huge or the client is a mobile user, it will be very inefficient and inconvenient.

  • He sends his key to the cloud server which performs the decryption and search procedures. It causes a serious problem that the cloud server obtains the secret key.

Therefore, neither of the above ways is feasible. To avoid these drawbacks, predicate encryption schemes [9], [10], [11], [12], [13], [14], [15], [16], [17], [18] were proposed. Predicate encryption is a new cryptographic primitive that provides fine-grained control over the accesses to encrypted data. In the setting of predicate encryption, any message can be encrypted with a set of attributes. The secret key owner can generate a secret token corresponding to a predicate, and he can also delegate the search privilege to another person by giving that person the secret token. The person can use the secret token to make a search query. The cloud server receives the search query from the secret key owner or the delegated person and returns the matching ciphertexts: a ciphertext matches if and only if its set of attributes satisfies the predicate of the secret token.

As with traditional encryption, there are two categories of predicate encryption. [9], [17] are symmetric predicate encryption schemes. [10], [11], [12], [13], [15], [16], [18] are asymmetric predicate encryption schemes. Generally speaking (but not absolutely), symmetric predicate encryption can be used in secure cloud storage, and asymmetric predicate encryption can be used in encrypted mail search, biometric matching and credit card payment gateways.

In 2009, Shen et al. [17] proposed the first symmetric predicate encryption scheme. Blundo et al. [9] proposed another symmetric scheme, which works in groups of prime order. This scheme is more efficient than [17], which works in groups of composite order.

In the asymmetric setting, Boneh and Waters [10] proposed the concept and a basic construction of predicate encryption. In EUROCRYPT 2008, Katz et al. [12] proposed the first predicate encryption scheme over $\mathbb{Z}_N$ that supports inner products and can therefore provide more complex queries. In the following year, Wei and Ye [16] extended the construction of Katz et al.’s scheme and applied this extension to anonymous authentication. In ICALP 2008, Shi and Waters [18] proposed the first hierarchical predicate encryption scheme, and Okamoto and Takashima [15] proposed the second hierarchical scheme, which supports inner products. Li et al. proposed a search mechanism for encrypted personal health records in [19], based on the Okamoto–Takashima scheme [15]. Li et al.’s scheme allows delegation and revocation of the search privilege by adding a time attribute to the indexes and privileges. However, this method has a problem: the sender must actively update all corresponding personal health records and indexes, or the revocation of search privileges will fail and users might be able to continue retrieving some personal health records. The scheme proposed by Iovino and Persiano [11] in 2008 is the first construction that can be performed in groups of prime order, so it is more efficient than the other schemes, which are performed in groups of composite order. In ASIACRYPT 2009, Katz and Yerukhimovich [13] discussed black-box constructions of predicate encryption based on trapdoor permutations and showed both negative and positive results. In EUROCRYPT 2010, Lewko et al. [14] proposed fully secure functional encryption schemes, which include an attribute-based encryption scheme and a predicate encryption scheme for inner products. Compared with other predicate encryption schemes, which are proven secure in the selective-attribute model, these two schemes are proven secure in the standard model by using a new security proof technique named dual system encryption [20], [21].
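The inner-product predicates mentioned above can express set membership and conjunctions: the token vector carries the coefficients of a polynomial whose roots are the allowed values, and the ciphertext's attribute vector carries powers of the attribute. The Python code below is an added example, not code from the paper. It evaluates only the plaintext predicate (no encryption, so nothing is hidden from the server here), and the modulus, record layout and function names are assumptions.

```python
import secrets

N = 2**61 - 1  # constructed toy prime modulus; real schemes work in a pairing group

def poly_with_roots(roots):
    """Coefficients (lowest degree first) of prod (z - a) mod N."""
    coeffs = [1]
    for a in roots:
        nxt = [0] * (len(coeffs) + 1)
        for k, c in enumerate(coeffs):
            nxt[k] = (nxt[k] - a * c) % N      # contribution of -a * c * z^k
            nxt[k + 1] = (nxt[k + 1] + c) % N  # contribution of c * z^(k+1)
        coeffs = nxt
    return coeffs

def attribute_vector(record, degree):
    """Per field: (1, x, x^2, ..., x^degree); attached to a ciphertext."""
    return [pow(x, k, N) for x in record for k in range(degree + 1)]

def predicate_vector(allowed_per_field, degree):
    """AND over fields of 'value is in the allowed set'; None means don't care."""
    vec = []
    for allowed in allowed_per_field:
        if allowed is None:
            vec += [0] * (degree + 1)          # field contributes nothing
            continue
        if not 1 <= len(allowed) <= degree:
            raise ValueError("allowed set must hold 1..degree values")
        r = secrets.randbelow(N - 1) + 1       # nonzero blinding factor per field
        coeffs = poly_with_roots(allowed)
        coeffs += [0] * (degree + 1 - len(coeffs))
        vec += [r * c % N for c in coeffs]
    return vec

def matches(attr_vec, pred_vec):
    """The predicate holds iff the inner product is 0 mod N."""
    return sum(a * b for a, b in zip(attr_vec, pred_vec)) % N == 0

def search(records, allowed_per_field, degree=2):
    """What the server's test computes, here on plaintext vectors."""
    token = predicate_vector(allowed_per_field, degree)
    return [r for r in records if matches(attribute_vector(r, degree), token)]

# Constructed sample records: (department id, year)
RECORDS = [(3, 2012), (4, 2012), (5, 2011), (5, 2012)]
```

When several fields fail at once, the blinded sum can still be zero with probability about 1/N, which is why the conjunction is sound only up to a negligible error.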

Contribution: current privacy preserving search schemes over encrypted cloud storage services do not provide effective revocation of search privileges. Aiming at symmetric predicate encryption and cloud storage requirements, we propose controllable privacy preserving search in cloud storage. This scheme is based on [9], whose efficiency is much better than that of [17]. Our controllable privacy preserving search scheme has two new features. One is revocable delegated search, which makes it possible for the secret key owner to control the lifetime of the delegation. The other is un-decryptable delegated search: a delegated person cannot decrypt the returned matched ciphertexts even though he has the delegated privilege of search.

Preliminaries

In this section, we show the setting of bilinear pairing and hard problem assumptions, and discuss the security requirement of the proposed scheme.

The proposed scheme

We now describe the proposed controllable privacy preserving search scheme based on symmetric predicate encryption in cloud storage. There are three roles in the whole system. A secret key owner, such as a manager of a business, wants to store some sensitive data in cloud storage. In order to protect privacy of data, he must encrypt these sensitive data. Initially, the secret key owner publishes some public parameters, and then generates his master secret key. He can take the secret key and an

Security

In this section, we will provide formal proofs for semantic security and attribute hiding in the selective-attribute models.

In order to simplify the proofs and make the adversary (i.e., the cloud storage server) much more powerful, we regard $(F, f)$ and $(\bar{F}, \bar{f})$ as the same key component, and also regard $(Y_{i,1}, W_{i,1})$ and $(Y_{i,2}, W_{i,2})$ as the same token component. Besides, the test and decryption procedures are combined to form a procedure. Therefore, the adversary can take predicate tokens to test

Comparison

We compare our proposed scheme with the other symmetric predicate encryption schemes proposed in the literature [9], [17]. The comparisons are summarized in Table 1.

In order to facilitate performance comparison, some notations are defined as follows. $T_E$ denotes the time consumed by an exponentiation computation with modulo $p$ in $G_1$, $G_2$, or $G_T$. $T_P$ is the computation time required for a pairing operation with modulo $p$. $T_H$ is the computation time of a one-way hash computation. $T_R$ represents the

Conclusion

In this manuscript, we have presented a controllable privacy preserving search scheme which makes it possible for a cloud storage owner to easily manage the lifetimes and search privileges of his cloud data. It is especially suitable for delegation-based business applications in cloud computing. Our further research will focus on the construction that can support complex access control and search privileges.

Acknowledgments

This work was partially supported by the National Science Council of Taiwan under grants NSC 101-2219-E-110-003, and NSC 101-2219-E-110-005, and “Aim for the Top University Plan” of the National Sun Yat-sen University and Ministry of Education, Taiwan, R.O.C. We also thank the anonymous reviewers of this paper for their valuable comments.

References (27)

  • V. Iovino et al. Hidden-vector encryption with groups of prime order

  • J. Katz et al. Predicate encryption supporting disjunctions, polynomial equations, and inner products

  • J. Katz et al. On black-box constructions of predicate encryption from trapdoor permutations

Chun-I Fan was born in Tainan, Taiwan. He received his M.S. degree in computer science and information engineering from National Chiao Tung University, Taiwan, in 1993, and his Ph.D. degree in electrical engineering at National Taiwan University in 1998. From 1999 to 2003, he was an associate researcher and project leader of Telecommunication Laboratories, Chunghwa Telecom Co. Ltd, Taiwan. In 2003, he joined the faculty of the Department of Computer Science and Engineering, National Sun Yat-sen University, Kaohsiung, Taiwan, and has been a full professor since 2010. He won the Dragon Ph.D. Thesis Award from Acer Foundation, Best Ph.D. Thesis Award from Institute of Information and Computing Machinery in 1999, Best Student Paper Awards in National Conference on Information Security 1998 and 2007, Best Master Thesis Award from Taiwan Association for Web Intelligence Consortium in 2011, Outstanding Master Dissertation Award from Taiwan Institute of Electrical and Electronic Engineering in 2011, and Master Thesis Award from Chinese Cryptology and Information Security Association in 2012. He also was the editor-in-chief of Information Security Newsletter and is an Executive Director of Chinese Cryptology and Information Security Association. His current research interests include applied cryptology, cryptographic protocols, information and communication security, and he has published over 100 technical papers.

Shi-Yuan Huang was born in Tainan, Taiwan on May 20, 1979. He received the M.S. degree in Information Management from National Taiwan University of Science and Technology, Taiwan, in 2003. He is now a Ph.D. student of the Department of Computer Science and Engineering at National Sun Yat-sen University. His current research interests include information security, cryptographic protocols, and electronic commerce.
