research-article

Secure and Flexible Wildcard Queries

Authors:

Guomin YangAuthors Info & Claims

IEEE Transactions on Information Forensics and Security, Volume 19

Pages 7374 - 7388

https://doi.org/10.1109/TIFS.2024.3430056

Published: 01 January 2024 Publication History

Abstract

Wildcard Keyword Searchable Encryption (WKSE) enables users to search desired encrypted files with wildcard queries. Previous schemes only enabled single-character wildcard queries or restricted multi-character wildcard queries. Even if the two types of queries are supported by several schemes, they are vulnerable to correlation attacks and composition attacks. In this paper, we propose a WKSE scheme Secure Flexible Wildcard Queries (SFWQ) that supports highly flexible wildcard queries and resists correlation and composition attacks. Specifically, we adopt the interval matching method instead of traditional position matching, so that SFWQ supports a variety of queries, including single-character wildcard queries, multi-character wildcard queries, and mixed wildcard queries that the combination of both single-character and multi-character wildcards within the same query. Moreover, the number and position of wildcards within wildcard keywords are adjustable according to user preference. To resist the correlation attack and composition attack, we leverage key aggregate searchable encryption (KASE) and key exchange protocol to process characters so that even the same characters of the same keyword behave as different ciphertexts. We define a security model for WKSE which catches the correlation attack and composition attack. Our proof validates SFWQ is secure under the security model. Finally, we implement SFWQ and compare it with state-of-the-art schemes. The experimental results demonstrate that our scheme is feasible and efficient.

References

[1]

D. Xiaoding Song, D. Wagner, and A. Perrig, “Practical techniques for searches on encrypted data,” in Proc. IEEE Symp. Secur. Privacy (S&P), May 2000, pp. 44–55.

[2]

K. He, J. Chen, Q. Zhou, R. Du, and Y. Xiang, “Secure dynamic searchable symmetric encryption with constant client storage cost,” IEEE Trans. Inf. Forensics Security, vol. 16, pp. 1538–1549, 2021.

[3]

E.-J. Goh, “Secure indexes,” Cryptol. ePrint Arch., Tech. Rep. 2003/216, 2003, pp. 1–18.

[4]

R. Curtmola, J. Garay, S. Kamara, and R. Ostrovsky, “Searchable symmetric encryption: Improved definitions and efficient constructions,” J. Comput. Secur., vol. 19, no. 5, pp. 895–934, 2011.

[5]

S. Sedghi, P. Van Liesdonk, S. Nikova, P. Hartel, and W. Jonker, “Searching keywords with wildcards on encrypted data,” in Proc. 7th Int. Conf. Secur. Cryptogr. Netw. (SCN), 2010, pp. 138–153.

[6]

T. Suga, T. Nishide, and K. Sakurai, “Secure keyword search using Bloom filter with specified character positions,” in Proc. 6th Int. Conf. Provable Secur. (ProvSec), 2012, pp. 235–252.

[7]

M. Yasuda, T. Shimoyama, J. Kogure, K. Yokoyama, and T. Koshiba, “Privacy-preserving wildcards pattern matching using symmetric somewhat homomorphic encryption,” in Proc. 19th Australas. Conf. Inf. Secur. Privacy (ACISP), 2014, pp. 338–353.

[8]

Y. Li, J. Ning, and J. Chen, “Secure and practical wildcard searchable encryption system based on inner product,” IEEE Trans. Services Comput., vol. 16, no. 3, pp. 2178–2190, May/Jun. 2023.

[9]

T. K. Saha and T. Koshiba, “An enhancement of privacy-preserving wildcards pattern matching,” in Proc. 10th Int. Symp. Found. Pract. Secur. (FPS), 2017, pp. 145–160.

[10]

Y. Yang, X. Liu, R. H. Deng, and J. Weng, “Flexible wildcard searchable encryption system,” IEEE Trans. Services Comput., vol. 13, no. 3, pp. 464–477, May 2020.

[11]

C. Hu and L. Han, “Efficient wildcard search over encrypted data,” Int. J. Inf. Secur., vol. 15, no. 5, pp. 539–547, Oct. 2016.

Digital Library

[12]

F. Zhao and T. Nishide, “Searchable symmetric encryption supporting queries with multiple-character wildcards,” in Proc. 10th Int. Conf. Netw. Syst. Secur. (NSS), 2016, pp. 266–282.

[13]

J. Hua, Y. Liu, H. Chen, X. Tian, and C. Jin, “An enhanced wildcard-based fuzzy searching scheme in encrypted databases,” World Wide Web, vol. 23, no. 3, pp. 2185–2214, May 2020.

Digital Library

[14]

C. Bösch, R. Brinkman, P. Hartel, and W. Jonker, “Conjunctive wildcard search over encrypted data,” in Proc. 8th Workshop Secure Data Manage., 2011, pp. 114–127.

[15]

B. Minaud and M. Reichle, “Dynamic local searchable symmetric encryption,” in Proc. 42nd Annu. Int. Cryptol. Conf. (CRYPTO), 2022, pp. 91–120.

[16]

C. Hu, L. Han, and S. M. Yiu, “Efficient and secure multi-functional searchable symmetric encryption schemes,” Secur. Commun. Netw., vol. 9, no. 1, pp. 34–42, 2016.

Digital Library

[17]

B. Cui, Z. Liu, and L. Wang, “Key-aggregate searchable encryption (KASE) for group data sharing via cloud storage,” IEEE Trans. Comput., vol. 65, no. 8, pp. 2374–2385, Aug. 2016.

Digital Library

[18]

W. Diffie and M. Hellman, “New directions in cryptography,” IEEE Trans. Inf. Theory, vol. IT-22, no. 6, pp. 644–654, Nov. 1976.

Digital Library

[19]

S. Faber, S. Jarecki, H. Krawczyk, Q. Nguyen, M. Rosu, and M. Steiner, “Rich queries on encrypted data: Beyond exact matches,” in Proc. 20th ESORICS, 2015, pp. 123–145.

[20]

S. Chatterjee, M. Kesarwani, J. Modi, S. Mukherjee, S. K. Parshuram Puria, and A. Shah, “Secure and efficient wildcard search over encrypted data,” Int. J. Inf. Secur., vol. 20, no. 2, pp. 199–244, Apr. 2021.

Digital Library

[21]

X. Zhang, B. Zhao, J. Qin, W. Hou, Y. Su, and H. Yang, “Practical wildcard searchable encryption with tree-based index,” Int. J. Intell. Syst., vol. 36, no. 12, pp. 7475–7499, 2021.

Digital Library

[22]

Q. Wang, X. Zhang, J. Qin, J. Ma, and X. Huang, “A verifiable symmetric searchable encryption scheme based on the AVL tree,” Comput. J., vol. 66, no. 1, pp. 174–183, 2021.

[23]

S. Patel, G. Persiano, K. Yeo, and M. Yung, “Mitigating leakage in secure cloud-hosted data structures: Volume-hiding for multi-maps via hashing,” in Proc. 26th CCS, 2019, pp. 79–93.

[24]

Z. Liu et al., “Eurus: Towards an efficient searchable symmetric encryption with size pattern protection,” IEEE Trans. Dependable Secure Comput., vol. 19, no. 3, pp. 2023–2037, May 2022.

[25]

Z. Shang, S. Oya, A. Peter, and F. Kerschbaum, “Obfuscated access and search patterns in searchable encryption,” in Proc. 28th NDSS, 2021, pp. 1–18.

[26]

D. Cash et al., “Dynamic searchable encryption in very-large databases: Data structures and implementation,” in Proc. 21st NDSS, 2014, pp. 1–16.

[27]

J. Wang, S.-F. Sun, T. Li, S. Qi, and X. Chen, “Practical volume-hiding encrypted multi-maps with optimal overhead and beyond,” in Proc. 29th ACM SIGSAC Conf. Comput. Commun. Secur. (CCS), 2022, pp. 2825–2839.

[28]

C. Huang, D. Liu, A. Yang, R. Lu, and X. Shen, “Multi-client secure and efficient DPF-based keyword search for cloud storage,” IEEE Trans. Dependable Secure Comput., vol. 21, no. 1, pp. 353–371, Jan./Feb. 2024.

Digital Library

[29]

T. Chen et al., “The power of bamboo: On the post-compromise security for searchable symmetric encryption,” in Proc. 30th NDSS, 2023, pp. 1–18.

[30]

X. Liu, G. Yang, W. Susilo, J. Tonien, X. Liu, and J. Shen, “Privacy-preserving multi-keyword searchable encryption for distributed systems,” IEEE Trans. Parallel Distrib. Syst., vol. 32, no. 3, pp. 561–574, Mar. 2021.

[31]

B. Ferreira, B. Portela, T. Oliveira, G. Borges, H. Domingos, and J. Leitão, “Boolean searchable symmetric encryption with filters on trusted hardware,” IEEE Trans. Dependable Secure Comput., vol. 19, no. 2, pp. 1307–1319, Mar. 2022.

[32]

C.-K. Chu, S. S. M. Chow, W.-G. Tzeng, J. Zhou, and R. H. Deng, “Key-aggregate cryptosystem for scalable data sharing in cloud storage,” IEEE Trans. Parallel Distrib. Syst., vol. 25, no. 2, pp. 468–477, Feb. 2014.

Digital Library

[33]

R. Zhou, X. Zhang, X. Du, X. Wang, G. Yang, and M. Guizani, “File-centric multi-key aggregate keyword searchable encryption for industrial Internet of Things,” IEEE Trans. Ind. Informat., vol. 14, no. 8, pp. 3648–3658, Aug. 2018.

[34]

Z. Liu, T. Li, P. Li, C. Jia, and J. Li, “Verifiable searchable encryption with aggregate keys for data sharing system,” Future Gener. Comput. Syst., vol. 78, pp. 778–788, Jan. 2018.

Digital Library

[35]

M. Padhya and D. C. Jinwala, “MULKASE: A novel approach for key-aggregate searchable encryption for multi-owner data,” Frontiers Inf. Technol. Electron. Eng., vol. 20, pp. 1717–1748, Oct. 2019.

[36]

J. Liu, B. Zhao, J. Qin, X. Hou, and J. Ma, “Key-aggregate searchable encryption supporting conjunctive queries for flexible data sharing in the cloud,” Inf. Sci., vol. 645, Oct. 2023, Art. no.

[37]

S. Patranabis and D. Mukhopadhyay, “Forward and backward private conjunctive searchable symmetric encryption,” in Proc. 28th NDSS, 2021, pp. 1–18.

[38]

D. Cash, S. Jarecki, C. Jutla, H. Krawczyk, M.-C. Roşu, and M. Steiner, “Highly-scalable searchable symmetric encryption with support for Boolean queries,” in Proc. 33rd CRYPTO, 2013, pp. 353–373.

[39]

J. Li, Q. Wang, C. Wang, N. Cao, K. Ren, and W. Lou, “Fuzzy keyword search over encrypted data in cloud computing,” in Proc. IEEE INFOCOM, Mar. 2010, pp. 1–5.

[40]

C. Wang, K. Ren, S. Yu, and K. M. R. Urs, “Achieving usable and privacy-assured similarity search over outsourced cloud data,” in Proc. 31st INFOCOM, Mar. 2012, pp. 451–459.

[41]

Z. Fu, X. Wu, C. Guan, X. Sun, and K. Ren, “Toward efficient multi-keyword fuzzy search over encrypted outsourced data with accuracy improvement,” IEEE Trans. Inf. Forensics Security, vol. 11, no. 12, pp. 2706–2716, Dec. 2016.

[42]

X. Ding, P. Liu, and H. Jin, “Privacy-preserving multi-keyword top-k similarity search over encrypted data,” IEEE Trans. Dependable Secure Comput., vol. 16, no. 2, pp. 344–357, Mar. 2019.

Digital Library

[43]

R. A. Popa, C. M. Redfield, N. Zeldovich, and H. Balakrishnan, “CryptDB: Protecting confidentiality with encrypted query processing,” in Proc. 23rd ACM Symp. Operating Syst. Princ. (SOSP), 2011, pp. 85–100.

[44]

D. Boneh and B. Waters, “Conjunctive, subset, and range queries on encrypted data,” in Proc. 4th TCC, 2007, pp. 535–554.

[45]

M. Abdalla, A. De Caro, and D. H. Phan, “Generalized key delegation for wildcarded identity-based and inner-product encryption,” IEEE Trans. Inf. Forensics Security, vol. 7, no. 6, pp. 1695–1706, Dec. 2012.

Digital Library

[46]

J. Kim, S. Lee, J. Lee, and H. Oh, “Scalable wildcarded identity-based encryption,” in Proc. 23rd Eur. Symp. Res. Comput. Secur. (ESORICS), Barcelona, Spain, 2018, pp. 269–287.

[47]

Q. Liu, Y. Peng, S. Pei, J. Wu, T. Peng, and G. Wang, “Prime inner product encoding for effective wildcard-based multi-keyword fuzzy search,” IEEE Trans. Services Comput., vol. 15, no. 4, pp. 1799–1812, Jul. 2022.

[48]

M. Kim, H. T. Lee, S. Ling, B. H. M. Tan, and H. Wang, “Private compound wildcard queries using fully homomorphic encryption,” IEEE Trans. Dependable Secure Comput., vol. 16, no. 5, pp. 743–756, Sep. 2019.

[49]

Z. Gui, K. G. Paterson, and S. Patranabis, “Rethinking searchable symmetric encryption,” in Proc. IEEE Symp. Secur. Privacy (SP), May 2023, pp. 1401–1418.

Cited By

Wu JDu KWang JSun SWang YLi YTian WWang Y(2024)Compressed Cookies: Practical Wildcard Symmetric Searchable Encryption with Optimized StorageProvable and Practical Security10.1007/978-981-96-0954-3_6(106-126)Online publication date: 25-Sep-2024
https://dl.acm.org/doi/10.1007/978-981-96-0954-3_6

Index Terms

Secure and Flexible Wildcard Queries
1. Information systems
  1. Data management systems
    1. Data structures
      1. Data layout
        Data encryption
2. Security and privacy

Index terms have been assigned to the content through auto-classification.

Recommendations

Efficient wildcard search over encrypted data

Searchable encryption is an important technique that allows the data owners to store their encrypted data in the cloud. It also maintains the ability to search a keyword over encrypted data. In practice, searchable encryption scheme supporting wildcard ...
SMTWM: Secure Multiple Types Wildcard Pattern Matching Protocol from Oblivious Transfer
Algorithms and Architectures for Parallel Processing
Abstract
Secure wildcard pattern matching (SWPM) involves both sender and receiver entities, where the sender holds long text and the receiver holds short pattern containing wildcard characters. The receiver only learns the position information which the ...
$^{}$ $^{}$
SWiM: Secure Wildcard Pattern Matching from OT Extension
Financial Cryptography and Data Security
Abstract
Suppose a server holds a long text string and a receiver holds a short pattern string. Secure pattern matching allows the receiver to learn the locations in the long text where the pattern appears, while leaking nothing else to either party ...

Comments

Information & Contributors

Information

Published In

cover image IEEE Transactions on Information Forensics and Security

IEEE Transactions on Information Forensics and Security Volume 19, Issue

2024

10342 pages

ISSN:1556-6013

Issue’s Table of Contents

1556-6021 © 2024 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See https://www.ieee.org/publications/rights/index.html for more information.

Publisher

IEEE Press

Publication History

Published: 01 January 2024

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 17 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Wu JDu KWang JSun SWang YLi YTian WWang Y(2024)Compressed Cookies: Practical Wildcard Symmetric Searchable Encryption with Optimized StorageProvable and Practical Security10.1007/978-981-96-0954-3_6(106-126)Online publication date: 25-Sep-2024
https://dl.acm.org/doi/10.1007/978-981-96-0954-3_6

View Options

View options

Figures

Tables

Media

View Issue’s Table of Contents