DOTNET PROJECT
A Secure Searchable
Encryption Framework for Privacy-Critical Cloud Storage Services
Abstract:
Searchable encryption has
received a significant attention from the research community with various
constructions being proposed, each achieving asymptotically optimal complexity
for specific metrics (e.g., search, update). Despite their elegance, the recent
attacks and deployment efforts have shown that the optimal asymptotic
complexity might not always imply practical performance, especially if the
application demands a high privacy. In this article, we introduce a novel
Dynamic Searchable Symmetric Encryption (DSSE) framework called Incidence
Matrix (IM)-DSSE, which achieves a high level of privacy, efficient
search/update, and low client storage with actual deployments on real cloud
settings. We harness an incidence matrix along with two hash tables to create
an encrypted index, on which both search and update operations can be performed
effectively with minimal information leakage. This simple set of data
structures surprisingly offers a high level of DSSE security while achieving
practical performance. Specifically, IM-DSSE achieves forward-privacy,
backward-privacy and size-obliviousness simultaneously. We also create several
DSSE variants, each offering different trade-offs that are suitable for
different cloud applications and infrastructures. We fully implemented our
framework and evaluated its performance on a real cloud system (Amazon EC2). We
have released IM-DSSE as an open-source library for wide development and
adaptation.
No comments:
Post a Comment