Secure and dynamic keyword searching in the cloud using homomorphic encryption

Abstract

The cloud has become an essential computing paradigm and storage medium for lightweight platforms like mobile applications or IoT devices. Since the cloud service provider is outside the user’s trusted domain, various privacy issues can be raised against a curious cloud server. Documents are usually encrypted before uploading to the cloud in order to protect privacy. However, information can be leaked from the index structure used for searching or from the search query. Moreover, dynamic schemes leak more information while inserting or deleting a document than static schemes. For dynamic schemes, forward privacy is needed to ensure that a newly added file cannot be linked to previous searches. To address these security issues, we propose and implement a secure, dynamic, and ranked PKSE framework over encrypted cloud data named Se-PKSE. We leverage partially homomorphically encrypted keyword balanced binary (KBB) tree- based index structure that provides security against cloud-based index information leakage attacks. Due to the use of our modified KBB tree-based index structure, Se-PKSE achieves sub-linear ranked search capability with support for dynamic insertion and deletion of documents. Besides, an interactive search mechanism is introduced that requires collaboration between the user and the cloud. Trapdoors are also eliminated from the search request to ensure search keyword privacy and forward privacy. We have analyzed the security of Se-PKSE, implemented and tested our system in the Amazon EC2 cloud server for practicality using the Request for Comments (RFC) dataset. The comprehensive evaluation demonstrates that this scheme is efficient and secure for practical deployment.