fuzzy keyword search over encrypted data in cloud computing

Fuzzy Keyword Search overEncrypted Data inCloud Computing

Jin Li, Qian Wang, Cong Wang,Ning Cao, Kui Ren, and Wenjing Lou

IEEE 29th International Conference on Computer CommunicationsINFOCOM 2010

San Diego, CA - USA - 2010

Presentation by Mateus Cruz

Introduction Preliminaries Proposal Conclusion

OUTLINE

1 Introduction

2 Preliminaries

3 Proposal

4 Conclusion


SCENARIO

Outsourcing dataPrivacy concernsEncryption as a solutionSearch encrypted data

I Only considers exact matching

1 / 18


PROPOSAL

Fuzzy keyword search over encrypted dataUse of edit distanceEfficient construction of fuzzy sets

I Smaller sets

2 / 18


RELATED WORK

Plaintext fuzzy keyword searchI Dictionary and statistical attacks

Searchable encryptionI Only supports exact search

Secure multiparty computationI High complexity and slow execution

3 / 18


OUTLINE

1 Introduction

2 Preliminaries

3 Proposal

4 Conclusion


ARCHITECTURE

RolesI Data owner, data users and cloud server

4 / 18


SYSTEM MODEL

Collection of N encrypted filesI C = {F1,F2, ...,FN}

Predefined set of p distinct keywordsI W = {w1,w2, ...,wp}

Each file is indexed by an IDI And it is linked to a set of keywords

5 / 18


THREAT MODEL

Semi-trusted serverNothing should be leaked

I Except the result and search patterns

6 / 18


EDIT DISTANCE

Number of operations to transform onestring into another

I SubstitutionI DeletionI Insertion

Sw ,dI Set of words that satisfy ed(w ,w ′) ≤ d

7 / 18


FUZZY KEYWORD SEARCH

InputI Encrypted files C = (F1,F2, ...,FN)I Set of distinct keywords W = {w1,w2, ...,wp}I Query (w , k) (edit distance threshold k )

OutputI If w = wi ∈W , return FIDwI If w /∈W , return {FIDwi}

– ed(w ,wi) ≤ k

8 / 18


OUTLINE

1 Introduction

2 Preliminaries

3 Proposal

4 Conclusion


PROPOSED APPROACHES

Straightforward approachWildcard-based approach

9 / 18


STRAIGHTFORWARD APPROACH

Symmetric encryption schemeI Setup(λ)

– Receives security parameter λ– Outputs a secret key sk

I Enc(sk , ·)I Dec(sk , ·)

Tw is a trapdoor of keyword wI Twi = f(sk ,wi)

10 / 18


FUZZY SETS CONSTRUCTION

Swi ,d for each wi ∈W (1 ≤ i ≤ p)I Edit distance d

Straightforward constructionI Enumerate all possible words w ′

i such thated(wi ,w ′

i ) ≤ d

Examplewi = CASTLEPossibilities for one substitution:{AASTLE , . . . ,ZASTLE}Still have to consider deletion and insertion!

11 / 18


INDEX CONSTRUCTION

Computation of trapdoorsI Tw ′

i= f foreachw ′

i ∈ Swi ,d

Encryption of FIDwiI Set of file IDs whose files contain wiI Enc(sk ,FIDwi ||wi)

Creates and uploads index tableI {({Tw ′

i}w ′

i ∈Swi ,d,Enc(sk ,FIDwi ||wi))}wi∈W

12 / 18


FUZZY SEARCH

An authorized user...I Computes TwI Sends Tw to the server

The server...I Look for the trapdoor in the index tableI Returns {Enc(sk ,FIDwi ||wi)}

The user...I Decrypts the resultsI Retrieve relevant files

13 / 18


PROBLEMS

Large fuzzy setsHigh storage costThree edit operations

I Substitution, deletion, insertion

Demand for smaller fuzzy sets

14 / 18


WILDCARD-BASED APPROACHTry to generate smaller fuzzy setsWildcards

I Denote operations at the same positionWildcard-based fuzzy set

I Swi ,d = {S′wi ,0,S

′wi ,1, . . . ,S

′wi ,d}

I S′wi , τ is the set of words w ′i with τ wildcards

Examplew = CASTLE , τ = 1SCASTLE ,1 = {CASTLE , ∗CASTLE , ∗ASTLE ,

C ∗ ASTLE ,C ∗ STLE , . . . ,CASTL ∗ E ,CAST ∗ E ,CASTLE∗}

15 / 18


EFFICIENT FUZZY KEYWORD SEARCH

The data owner...I Constructs fuzzy keyword set Swi ,d

– Using the wildcard-based techniqueI Computes trapdoor set {T ′

wi}

– For each w ′i ∈ Swi ,d

I Encrypts FIDwi as Enc(sk ,FIDwi ||wi)

An authorized user...I Computes the trapdoor set {Tw ′}w ′∈Sw,k

The server...I Receives the trapdoor set {Tw ′}w ′∈Sw,kI Returns all possible identifiers{Enc(sk ,FIDwi ||wi)}

16 / 18


ANALYSIS

Keyword wi with length `Straightforward approach

I Size of Swi ,1 will be (2`+ 1)× 26 + 1Wildcard-based approach

I Size of Swi ,1 will be 2`+ 1 + 1Reduced storage requirements

I O(`d)

17 / 18


OUTLINE

1 Introduction

2 Preliminaries

3 Proposal

4 Conclusion


SUMMARY

Wildcard-based approachI A wildcard denotes all operations

Efficient construction of fuzzy setsI Reduced storage requirements

Secure regarding search privacy

18 / 18

fuzzy keyword search over encrypted data in cloud computing

Technology