fuzzy keyword search over encrypted data in cloud computing
TRANSCRIPT
Fuzzy Keyword Search overEncrypted Data inCloud Computing
Jin Li, Qian Wang, Cong Wang,Ning Cao, Kui Ren, and Wenjing Lou
IEEE 29th International Conference on Computer CommunicationsINFOCOM 2010
San Diego, CA - USA - 2010
Presentation by Mateus Cruz
Introduction Preliminaries Proposal Conclusion
OUTLINE
1 Introduction
2 Preliminaries
3 Proposal
4 Conclusion
Introduction Preliminaries Proposal Conclusion
OUTLINE
1 Introduction
2 Preliminaries
3 Proposal
4 Conclusion
Introduction Preliminaries Proposal Conclusion
SCENARIO
Outsourcing dataPrivacy concernsEncryption as a solutionSearch encrypted data
I Only considers exact matching
1 / 18
Introduction Preliminaries Proposal Conclusion
PROPOSAL
Fuzzy keyword search over encrypted dataUse of edit distanceEfficient construction of fuzzy sets
I Smaller sets
2 / 18
Introduction Preliminaries Proposal Conclusion
RELATED WORK
Plaintext fuzzy keyword searchI Dictionary and statistical attacks
Searchable encryptionI Only supports exact search
Secure multiparty computationI High complexity and slow execution
3 / 18
Introduction Preliminaries Proposal Conclusion
OUTLINE
1 Introduction
2 Preliminaries
3 Proposal
4 Conclusion
Introduction Preliminaries Proposal Conclusion
ARCHITECTURE
RolesI Data owner, data users and cloud server
4 / 18
Introduction Preliminaries Proposal Conclusion
SYSTEM MODEL
Collection of N encrypted filesI C = {F1,F2, ...,FN}
Predefined set of p distinct keywordsI W = {w1,w2, ...,wp}
Each file is indexed by an IDI And it is linked to a set of keywords
5 / 18
Introduction Preliminaries Proposal Conclusion
THREAT MODEL
Semi-trusted serverNothing should be leaked
I Except the result and search patterns
6 / 18
Introduction Preliminaries Proposal Conclusion
EDIT DISTANCE
Number of operations to transform onestring into another
I SubstitutionI DeletionI Insertion
Sw ,dI Set of words that satisfy ed(w ,w ′) ≤ d
7 / 18
Introduction Preliminaries Proposal Conclusion
FUZZY KEYWORD SEARCH
InputI Encrypted files C = (F1,F2, ...,FN)I Set of distinct keywords W = {w1,w2, ...,wp}I Query (w , k) (edit distance threshold k )
OutputI If w = wi ∈W , return FIDwI If w /∈W , return {FIDwi}
– ed(w ,wi) ≤ k
8 / 18
Introduction Preliminaries Proposal Conclusion
OUTLINE
1 Introduction
2 Preliminaries
3 Proposal
4 Conclusion
Introduction Preliminaries Proposal Conclusion
PROPOSED APPROACHES
Straightforward approachWildcard-based approach
9 / 18
Introduction Preliminaries Proposal Conclusion
STRAIGHTFORWARD APPROACH
Symmetric encryption schemeI Setup(λ)
– Receives security parameter λ– Outputs a secret key sk
I Enc(sk , ·)I Dec(sk , ·)
Tw is a trapdoor of keyword wI Twi = f(sk ,wi)
10 / 18
Introduction Preliminaries Proposal Conclusion
FUZZY SETS CONSTRUCTION
Swi ,d for each wi ∈W (1 ≤ i ≤ p)I Edit distance d
Straightforward constructionI Enumerate all possible words w ′
i such thated(wi ,w ′
i ) ≤ d
Examplewi = CASTLEPossibilities for one substitution:{AASTLE , . . . ,ZASTLE}Still have to consider deletion and insertion!
11 / 18
Introduction Preliminaries Proposal Conclusion
INDEX CONSTRUCTION
Computation of trapdoorsI Tw ′
i= f foreachw ′
i ∈ Swi ,d
Encryption of FIDwiI Set of file IDs whose files contain wiI Enc(sk ,FIDwi ||wi)
Creates and uploads index tableI {({Tw ′
i}w ′
i ∈Swi ,d,Enc(sk ,FIDwi ||wi))}wi∈W
12 / 18
Introduction Preliminaries Proposal Conclusion
FUZZY SEARCH
An authorized user...I Computes TwI Sends Tw to the server
The server...I Look for the trapdoor in the index tableI Returns {Enc(sk ,FIDwi ||wi)}
The user...I Decrypts the resultsI Retrieve relevant files
13 / 18
Introduction Preliminaries Proposal Conclusion
PROBLEMS
Large fuzzy setsHigh storage costThree edit operations
I Substitution, deletion, insertion
Demand for smaller fuzzy sets
14 / 18
Introduction Preliminaries Proposal Conclusion
WILDCARD-BASED APPROACHTry to generate smaller fuzzy setsWildcards
I Denote operations at the same positionWildcard-based fuzzy set
I Swi ,d = {S′wi ,0,S
′wi ,1, . . . ,S
′wi ,d}
I S′wi , τ is the set of words w ′i with τ wildcards
Examplew = CASTLE , τ = 1SCASTLE ,1 = {CASTLE , ∗CASTLE , ∗ASTLE ,
C ∗ ASTLE ,C ∗ STLE , . . . ,CASTL ∗ E ,CAST ∗ E ,CASTLE∗}
15 / 18
Introduction Preliminaries Proposal Conclusion
EFFICIENT FUZZY KEYWORD SEARCH
The data owner...I Constructs fuzzy keyword set Swi ,d
– Using the wildcard-based techniqueI Computes trapdoor set {T ′
wi}
– For each w ′i ∈ Swi ,d
I Encrypts FIDwi as Enc(sk ,FIDwi ||wi)
An authorized user...I Computes the trapdoor set {Tw ′}w ′∈Sw,k
The server...I Receives the trapdoor set {Tw ′}w ′∈Sw,kI Returns all possible identifiers{Enc(sk ,FIDwi ||wi)}
16 / 18
Introduction Preliminaries Proposal Conclusion
ANALYSIS
Keyword wi with length `Straightforward approach
I Size of Swi ,1 will be (2`+ 1)× 26 + 1Wildcard-based approach
I Size of Swi ,1 will be 2`+ 1 + 1Reduced storage requirements
I O(`d)
17 / 18
Introduction Preliminaries Proposal Conclusion
OUTLINE
1 Introduction
2 Preliminaries
3 Proposal
4 Conclusion