Dynamic Searchable Symmetric Encryption With Strong Security and Robustness
ABSTARCT :
Dynamic Searchable Symmetric Encryption (DSSE) is a prospective technique in the field of cloud storage for secure search over encrypted data. A DSSE client can issue update queries to an honest-but-curious server for adding or deleting his ciphertexts to or from the server and delegate keyword search over those ciphertexts to the server.
Numerous investigations focus on achieving strong security, like forwardand-Type-I--backward security, to reduce the information leakage of DSSE to the server as much as possible. However, the existing DSSE with such strong security cannot keep search correctness and stable security (or robustness, in short) if irrational queries are issued by the client, like duplicate add or delete queries and the delete queries for removing non-existed entries, to the server unintentionally.
Hence, this work proposes two new DSSE schemes, named SR-DSSEa and SR-DSSEb , respectively. Both two schemes achieve forwardand-Type-I--backward security while keeping robustness when irrational queries are issued. In terms of performance, SR-DSSEa has more efficient communication costs and roundtrips than SR-DSSEb .
EXISTING SYSTEM :
Searchable Symmetric Encryption. Database encryption is a key enabler for secure storage-as-a-service, wherein clients can securely outsource the storage and processing of large databases to (potentially untrusted) third party servers. Searchable symmetric encryption (SSE) [1]–[4] is a special subclass of database encryption that aims to efficiently support search queries over symmetrically encrypted databases.
The core functionality enabled by SSE is the following: given an encrypted document collection in which each document is tagged with keywords, find the set of all documents tagged with a given keyword .
In this paper, we focus primarily on SSE for static document collections. This has historically received the most attention.
DISADVANTAGE :
Search Efficiency: DSSE schemes often require complex cryptographic operations (e.g., keyword-based encryption, index management), which can introduce significant performance overhead. This may result in slower query times compared to traditional search methods that don’t involve encryption.
Complex Queries: Handling complex queries (like multi-keyword searches or negation queries) can be challenging. More advanced DSSE schemes may support these, but they often come with higher computational and storage costs.
Pattern Disclosure: Even though the data is encrypted, DSSE schemes may leak some information about the access patterns of the data, such as which documents or records are being queried. This can be exploited by adversaries through side-channel attacks to infer sensitive information.
Dynamic Updates: Some DSSE schemes support dynamic updates (e.g., adding, deleting, or modifying encrypted documents), which is important for real-world applications. However, ensuring secure updates while maintaining efficient search and indexing can add complexity and overhead.
PROPOSED SYSTEM :
Although sub-linear search time is one of main requirements for practical SSE schemes, scalability guaranteeing ecient update (addition and deletion) of documents is also a required property of SSE schemes.
But the static SSE schemes [1, 8, 9, 11, 13], which only consider a ?xed number of document/keyword pairs, can provide scalability by either re-indexing the entire documents or making use of generic and relatively expensive techniques [13].
To remedy this problem, dynamic variants of SSE (DSSE) schemes [7, 23, 24, 27, 28, 31, 32] have been proposed. With tradeo?s between security and practicality, almost all of the practical SSE schemes leak information about documents.
Recent research on the real-world impact of these leakage [6, 22, 33], however, shows that even small leakage can be used to break the privacy of search queries. In particular, the ?le-injection a?acks proposed by Zhang et al.
ADVANTAGE :
Data Confidentiality: DSSE ensures that the data remains encrypted at all times, meaning sensitive information is protected from unauthorized access. Even if an adversary gains access to the storage system or the encrypted data, they cannot read the contents without the decryption key.
Dynamic Data Handling: Unlike traditional searchable encryption schemes that only support static datasets (where data cannot be added, deleted, or updated), DSSE allows for the dynamic updating of encrypted data. Users can add, modify, or delete data securely without the need to re-encrypt the entire dataset.
Search Without Decryption: DSSE allows for the search of encrypted data without the need for decryption. This means that sensitive data can remain protected while still being accessible for legitimate search operations, such as keyword searches.
Query Privacy: In some DSSE schemes, the queries themselves are encrypted, meaning that attackers cannot learn anything about the queries being performed (e.g., search terms or patterns).
|