A Searchable Symmetric Key Cipher System
0 likes1,306 views
This presentation introduces a cryptographic scheme which enables searching on encrypted data without revealing to the server. The proposed scheme allows for a encrypted storage such as a secure cloud storage to be searchable in such a way that the service provider is unable to compromise the security of the system.
![REFERENCES
[1] D. X. Song, D. Wagner, and A. Perrig.
Practical techniques for searches on encrypted
data. In IEEE Symposium onSecurity and
Privacy, 2000.
[2] Changyu Dong, Giovanni Russello and
Naranker Dulay. No Shared Keys: Multi-user
Searchable Data Encryption. Department of
Computing, Imperial College London.](https://image.slidesharecdn.com/designofasearchablesymmetrickeyciphersystem-120529001108-phpapp02/85/A-Searchable-Symmetric-Key-Cipher-System-10-320.jpg)
Ad
More Related Content
Viewers also liked (8)
Similar to A Searchable Symmetric Key Cipher System (20)
Ad
More from Kelum Senanayake (8)
Ad
Recently uploaded (20)
A Searchable Symmetric Key Cipher System
- 1. DESIGN AND ANALYSIS OF A SEARCHABLE SYMMETRIC KEY CIPHER SYSTEM By: Asanka Balasooriya Kelum Senanayake
- 2. SECURITY REQUIREMENTS A cryptographic scheme which enables searching on encrypted data without revealing to the server should have following features. Untrusted server should not be able to learn anything about the plaintext given only the ciphertext Untrusted server should not be able to search for a word without authorization of the client The scheme should be efficient and practical
- 3. THE PROPOSED SCHEME Let’s assume that Alice is the client who owns important data and wants to store in Bob’s cloud storage which is untrusted. The scheme is as follows; Alice builds an index with keywords that Alice may want to search for later for all data currently she owns. Then she encrypts all the plain data using a symmetric encryption key. All the keywords of the index are encrypted using the same key. Lists of positions of the index are left as plain data. Store the complete index and ciphertext of the plain data on Bob’s server.
- 4. Let’s assume the selected encryption mechanism is E with a key k. The list of plaintexts of Alice = {P1, P2, P3 …. Pn} Corresponding ciphertexts = {C1, C2, C3, …. Cn} The set of selected keywords of the index = {w1, w2, w3 …. wm} Then the index with encrypted keywords is as follows for a keyword wi Ek(wi) ---------->> {Cp, Cq, Cr, …. Ct}
- 5. SEARCHING FOR A SPECIFIC KEYWORD WJ IS AS FOLLOWS Alice computes Ek(wj) value and send it to Bob. Bob searches the index entries for Ek(wj) and finds a match. Bob reads the list of positions associated with encrypted keyword sent by Alice for the search in the index. Bob sends the list of ciphertexts fetching using the list of positions to the Alice as the search result. Alice decrypts ciphertexts to access the corresponding plaintexts.
- 6. SECURITY STRENGTHS OF THE SCHEME Bob is unable to identify the content of the data since both data and keywords are encrypted. The proposed scheme provides controlled searching where Bob is not be able to search without the authorization of Alice Bob knows nothing more than the encrypted search result for an encrypted keyword if he tries to do a search which is not asked by Alice
- 7. SECURITY ATTACKS Basically statistical attacks can be done on this scheme in two ways. Bob may statistically analyze the index to identify certain keywords. Although the keywords are encrypted, Bob still is able to identify most common words which are associated with large set of documents. Bob may observe number of search requests and statistically identify access patterns of Alice.
- 8. SOLUTIONS Statistical attacks on index can be prevented by maintaining lists of document positions for keywords in fixed size lists. For words that appear infrequently, Alice can pad the list to the fixed size. For more common words, Alice can split the long list into several lists with the fixed size. Then to search for such a word, Alice will need to ask Bob to perform and merge several search queries in parallel. The second kind of attacks is hard to avoid unless performing several unwanted searches together with regular searches. This way Bob can be misled to identify false access patterns.
- 9. WEAKNESSES OF THE SCHEME Alice must update the index whenever she changes her documents. Ideal for read only data storages. Bob might be able to learn through updating the index. If Alice does not change the index for a key word when she adds a new document to the server, then Bob is able to know that the keyword is not included in the newly created document. Alice must update substantial part of the index to hide real updates.
- 10. REFERENCES [1] D. X. Song, D. Wagner, and A. Perrig. Practical techniques for searches on encrypted data. In IEEE Symposium onSecurity and Privacy, 2000. [2] Changyu Dong, Giovanni Russello and Naranker Dulay. No Shared Keys: Multi-user Searchable Data Encryption. Department of Computing, Imperial College London.
- 11. THANK YOU