Dynamic Searchable Symmetric Encryption with forward and stronger backward privacy

Cong Zuo; Shi Feng Sun; Joseph K. Liu; Jun Shao; Josef Pieprzyk

doi:10.1007/978-3-030-29962-0_14

Dynamic Searchable Symmetric Encryption with forward and stronger backward privacy

Cong Zuo, Shi Feng Sun, Joseph K. Liu, Jun Shao, Josef Pieprzyk

Department of Software Systems & Cybersecurity

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

10 Citations (Scopus)

Abstract

Dynamic Searchable Symmetric Encryption (DSSE) enables a client to perform updates and searches on encrypted data which makes it very useful in practice. To protect DSSE from the leakage of updates (leading to break query or data privacy), two new security notions, forward and backward privacy, have been proposed recently. Although extensive attention has been paid to forward privacy, this is not the case for backward privacy. Backward privacy, first formally introduced by Bost et al., is classified into three types from weak to strong, exactly Type-III to Type-I. To the best of our knowledge, however, no practical DSSE schemes without trusted hardware (e.g. SGX) have been proposed so far, in terms of the strong backward privacy and constant roundtrips between the client and the server. In this work, we present a new DSSE scheme by leveraging simple symmetric encryption with homomorphic addition and bitmap index. The new scheme can achieve both forward and backward privacy with one roundtrip. In particular, the backward privacy we achieve in our scheme (denoted by Type-I is stronger than Type-I. Moreover, our scheme is very practical as it involves only lightweight cryptographic operations. To make it scalable for supporting billions of files, we further extend it to a multi-block setting. Finally, we give the corresponding security proofs and experimental evaluation which demonstrate both security and practicality of our schemes, respectively.

Original language	English
Title of host publication	Computer Security – ESORICS 2019
Subtitle of host publication	24th European Symposium on Research in Computer Security Luxembourg, September 23–27, 2019 Proceedings, Part II
Editors	Kazue Sako, Steve Schneider, Peter Y.A. Ryan
Place of Publication	Cham Switzerland
Publisher	Springer
Pages	283-303
Number of pages	21
ISBN (Electronic)	9783030299620
ISBN (Print)	9783030299613
DOIs	https://doi.org/10.1007/978-3-030-29962-0_14
Publication status	Published - 2019
Event	European Symposium On Research In Computer Security 2019 - Luxembourg, Luxembourg Duration: 23 Sep 2019 → 27 Sep 2019 Conference number: 24th https://esorics2019.uni.lu/ https://link.springer.com/book/10.1007/978-3-030-29959-0 (Proceedings)

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	11736
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	European Symposium On Research In Computer Security 2019
Abbreviated title	ESORICS 2019
Country	Luxembourg
City	Luxembourg
Period	23/09/19 → 27/09/19
Internet address	https://esorics2019.uni.lu/ https://link.springer.com/book/10.1007/978-3-030-29959-0 (Proceedings)

Keywords

Backward privacy
Dynamic Searchable Symmetric Encryption
Forward privacy

Access to Document

10.1007/978-3-030-29962-0_14

Link to publication in Scopus

Cite this

Zuo, C., Sun, S. F., Liu, J. K., Shao, J., & Pieprzyk, J. (2019). Dynamic Searchable Symmetric Encryption with forward and stronger backward privacy. In K. Sako, S. Schneider, & P. Y. A. Ryan (Eds.), Computer Security – ESORICS 2019 : 24th European Symposium on Research in Computer Security Luxembourg, September 23–27, 2019 Proceedings, Part II (pp. 283-303). (Lecture Notes in Computer Science ; Vol. 11736 ). Springer. https://doi.org/10.1007/978-3-030-29962-0_14

Zuo, Cong ; Sun, Shi Feng ; Liu, Joseph K. ; Shao, Jun ; Pieprzyk, Josef. / Dynamic Searchable Symmetric Encryption with forward and stronger backward privacy. Computer Security – ESORICS 2019 : 24th European Symposium on Research in Computer Security Luxembourg, September 23–27, 2019 Proceedings, Part II. editor / Kazue Sako ; Steve Schneider ; Peter Y.A. Ryan. Cham Switzerland : Springer, 2019. pp. 283-303 (Lecture Notes in Computer Science ).

@inproceedings{a68c5c0a49db4c37b7492cb457b56aca,

title = "Dynamic Searchable Symmetric Encryption with forward and stronger backward privacy",

abstract = "Dynamic Searchable Symmetric Encryption (DSSE) enables a client to perform updates and searches on encrypted data which makes it very useful in practice. To protect DSSE from the leakage of updates (leading to break query or data privacy), two new security notions, forward and backward privacy, have been proposed recently. Although extensive attention has been paid to forward privacy, this is not the case for backward privacy. Backward privacy, first formally introduced by Bost et al., is classified into three types from weak to strong, exactly Type-III to Type-I. To the best of our knowledge, however, no practical DSSE schemes without trusted hardware (e.g. SGX) have been proposed so far, in terms of the strong backward privacy and constant roundtrips between the client and the server. In this work, we present a new DSSE scheme by leveraging simple symmetric encryption with homomorphic addition and bitmap index. The new scheme can achieve both forward and backward privacy with one roundtrip. In particular, the backward privacy we achieve in our scheme (denoted by Type-I is stronger than Type-I. Moreover, our scheme is very practical as it involves only lightweight cryptographic operations. To make it scalable for supporting billions of files, we further extend it to a multi-block setting. Finally, we give the corresponding security proofs and experimental evaluation which demonstrate both security and practicality of our schemes, respectively.",

keywords = "Backward privacy, Dynamic Searchable Symmetric Encryption, Forward privacy",

author = "Cong Zuo and Sun, {Shi Feng} and Liu, {Joseph K.} and Jun Shao and Josef Pieprzyk",

year = "2019",

doi = "10.1007/978-3-030-29962-0_14",

language = "English",

isbn = "9783030299613",

series = "Lecture Notes in Computer Science ",

publisher = "Springer",

pages = "283--303",

editor = "Kazue Sako and Steve Schneider and Ryan, {Peter Y.A.}",

booktitle = "Computer Security – ESORICS 2019",

note = "European Symposium On Research In Computer Security 2019, ESORICS 2019 ; Conference date: 23-09-2019 Through 27-09-2019",

url = "https://esorics2019.uni.lu/, https://link.springer.com/book/10.1007/978-3-030-29959-0",

}

Zuo, C, Sun, SF , Liu, JK, Shao, J & Pieprzyk, J 2019, Dynamic Searchable Symmetric Encryption with forward and stronger backward privacy. in K Sako, S Schneider & PYA Ryan (eds), Computer Security – ESORICS 2019 : 24th European Symposium on Research in Computer Security Luxembourg, September 23–27, 2019 Proceedings, Part II. Lecture Notes in Computer Science , vol. 11736 , Springer, Cham Switzerland, pp. 283-303, European Symposium On Research In Computer Security 2019, Luxembourg, Luxembourg, 23/09/19. https://doi.org/10.1007/978-3-030-29962-0_14

Dynamic Searchable Symmetric Encryption with forward and stronger backward privacy. / Zuo, Cong; Sun, Shi Feng ; Liu, Joseph K.; Shao, Jun; Pieprzyk, Josef.

Computer Security – ESORICS 2019 : 24th European Symposium on Research in Computer Security Luxembourg, September 23–27, 2019 Proceedings, Part II. ed. / Kazue Sako; Steve Schneider; Peter Y.A. Ryan. Cham Switzerland : Springer, 2019. p. 283-303 (Lecture Notes in Computer Science ; Vol. 11736 ).

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - Dynamic Searchable Symmetric Encryption with forward and stronger backward privacy

AU - Zuo, Cong

AU - Sun, Shi Feng

AU - Liu, Joseph K.

AU - Shao, Jun

AU - Pieprzyk, Josef

N1 - Conference code: 24th

PY - 2019

Y1 - 2019

N2 - Dynamic Searchable Symmetric Encryption (DSSE) enables a client to perform updates and searches on encrypted data which makes it very useful in practice. To protect DSSE from the leakage of updates (leading to break query or data privacy), two new security notions, forward and backward privacy, have been proposed recently. Although extensive attention has been paid to forward privacy, this is not the case for backward privacy. Backward privacy, first formally introduced by Bost et al., is classified into three types from weak to strong, exactly Type-III to Type-I. To the best of our knowledge, however, no practical DSSE schemes without trusted hardware (e.g. SGX) have been proposed so far, in terms of the strong backward privacy and constant roundtrips between the client and the server. In this work, we present a new DSSE scheme by leveraging simple symmetric encryption with homomorphic addition and bitmap index. The new scheme can achieve both forward and backward privacy with one roundtrip. In particular, the backward privacy we achieve in our scheme (denoted by Type-I is stronger than Type-I. Moreover, our scheme is very practical as it involves only lightweight cryptographic operations. To make it scalable for supporting billions of files, we further extend it to a multi-block setting. Finally, we give the corresponding security proofs and experimental evaluation which demonstrate both security and practicality of our schemes, respectively.

AB - Dynamic Searchable Symmetric Encryption (DSSE) enables a client to perform updates and searches on encrypted data which makes it very useful in practice. To protect DSSE from the leakage of updates (leading to break query or data privacy), two new security notions, forward and backward privacy, have been proposed recently. Although extensive attention has been paid to forward privacy, this is not the case for backward privacy. Backward privacy, first formally introduced by Bost et al., is classified into three types from weak to strong, exactly Type-III to Type-I. To the best of our knowledge, however, no practical DSSE schemes without trusted hardware (e.g. SGX) have been proposed so far, in terms of the strong backward privacy and constant roundtrips between the client and the server. In this work, we present a new DSSE scheme by leveraging simple symmetric encryption with homomorphic addition and bitmap index. The new scheme can achieve both forward and backward privacy with one roundtrip. In particular, the backward privacy we achieve in our scheme (denoted by Type-I is stronger than Type-I. Moreover, our scheme is very practical as it involves only lightweight cryptographic operations. To make it scalable for supporting billions of files, we further extend it to a multi-block setting. Finally, we give the corresponding security proofs and experimental evaluation which demonstrate both security and practicality of our schemes, respectively.

KW - Backward privacy

KW - Dynamic Searchable Symmetric Encryption

KW - Forward privacy

UR - http://www.scopus.com/inward/record.url?scp=85075596522&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-29962-0_14

DO - 10.1007/978-3-030-29962-0_14

M3 - Conference Paper

AN - SCOPUS:85075596522

SN - 9783030299613

T3 - Lecture Notes in Computer Science

SP - 283

EP - 303

BT - Computer Security – ESORICS 2019

A2 - Sako, Kazue

A2 - Schneider, Steve

A2 - Ryan, Peter Y.A.

PB - Springer

CY - Cham Switzerland

T2 - European Symposium On Research In Computer Security 2019

Y2 - 23 September 2019 through 27 September 2019

ER -

Zuo C, Sun SF , Liu JK, Shao J, Pieprzyk J. Dynamic Searchable Symmetric Encryption with forward and stronger backward privacy. In Sako K, Schneider S, Ryan PYA, editors, Computer Security – ESORICS 2019 : 24th European Symposium on Research in Computer Security Luxembourg, September 23–27, 2019 Proceedings, Part II. Cham Switzerland: Springer. 2019. p. 283-303. (Lecture Notes in Computer Science ). https://doi.org/10.1007/978-3-030-29962-0_14