Abstract
In this paper, we propose a new searchable encryption with shiftable trapdoor (SEST) scheme to enable pattern matching over encrypted data. In the proposed scheme, data is encrypted per character and the trapdoor for searching can be shifted. This implies that the trapdoor can be created over any string, which is not necessarily pre-defined. Also, it does not require any additional data tokenization method, which will expand the ciphertext size. As ciphertext size increases with the size of data, it is imperative to reduce ciphertext size in the SEST scheme as the matching operation requires expensive pairing computations proportional to the ciphertext length. Our work reduces the ciphertext size by up to 50% of the state-of-art scheme in this research domain while maintaining the same level of search efficiency.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
We believe this is beneficial since 1) our scheme still has a short ciphertext compared to the existing scheme showing similar property, 2) the sizes of a public key and a search token are maintained small and 3) it is easier to understand since the complexity of the scheme is reduced, significantly.
References
Baek, J., Kim, J., Susilo, W.: Inspecting TLS anytime anywhere: a new approach to TLS interception. In: The 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020, Taipei, Taiwan, 5–9 October 2020, pp. 116–126. ACM (2020)
Bkakria, A., Cuppens, N., Cuppens, F.: Privacy-preserving pattern matching on encrypted data. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020, Part II. LNCS, vol. 12492, pp. 191–220. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64834-3_7
Canard, S., Diop, A., Kheir, N., Paindavoine, M., Sabt, M.: BlindIDS: market-compliant and privacy-friendly intrusion detection system over encrypted traffic. In: ACM AsiaCCS 2017, Abu Dhabi, United Arab Emirates, 2–6 April 2017, pp. 561–574. ACM (2017)
Desmoulins, N., Fouque, P.-A., Onete, C., Sanders, O.: Pattern matching on encrypted streams. In: Peyrin, T., Galbraith, S. (eds.) ASIACRYPT 2018, Part I. LNCS, vol. 11272, pp. 121–148. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03326-2_5
Fuhr, T., Paillier, P.: Decryptable searchable encryption. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 228–236. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-75670-5_17
Guo, Y., Wang, C., Jia, X.: Enabling secure and dynamic deep packet inspection in outsourced middleboxes. In: SCCAsiaCCS 2018, Incheon, Republic of Korea, 04–08 June 2018, pp. 49–55. ACM (2018)
Han, J., Kim, S.M., Ha, J., Han, D.: SGX-box: enabling visibility on encrypted traffic using a secure middlebox module. In: APNet 2017, Hong Kong, China, 3–4 August 2017, pp. 99–105. ACM (2017)
Huang, L.-S., Rice, A., Ellingsen, E., Jackson, C.: Analyzing forged SSL certificates in the wild. In: IEEE S&P 2014, Berkeley, CA, USA, 18–21 May 2014, pp. 83–97. IEEE Computer Society (2014)
Kamara, S., Papamanthou, C., Roeder, T.: Dynamic searchable symmetric encryption. In: Yu, T., Danezis, G., Gligor, V.D. (eds.) ACM CCS 2012, Raleigh, NC, USA, 16–18 October 2012, pp. 965–976. ACM (2012)
Kim, J., Camtepe, S., Baek, J., Susilo, W., Pieprzyk, J., Nepal, S.: P2DPI: practical and privacy-preserving deep packet inspection. In: Cao, J., Au, M.H., Lin, Z., Yung, M. (eds.) ASIA CCS 2021: ACM Asia Conference on Computer and Communications Security, Virtual Event, Hong Kong, 7–11 June 2021, pp. 135–146. ACM (2021)
Lan, C., Sherry, J., Popa, R.A., Ratnasamy, S., Liu, Z.: Embark: securely outsourcing middleboxes to the cloud. In: Argyraki, K.J., Isaacs, R. (eds.) USENIX NSDI 2016, Santa Clara, CA, USA, 16–18 March 2016, pp. 255–273. USENIX Association (2016)
Naylor, D., et al.: Multi-context TLS (MCTLS): enabling secure in-network functionality in TLS. In: Uhlig, S., Maennel, O., Karp, B., Padhye, J. (eds.) Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication, SIGCOMM 2015, London, United Kingdom, 17–21 August 2015, pp. 199–212. ACM (2015)
Ning, J., Poh, G.S., Loh, J.-C., Chia, J., Chang, E.-C.: PrivDPI: privacy-preserving encrypted traffic inspection with reusable obfuscated rules. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) 2019 ACMCCS 2019, London, UK, 11–15 November 2019, pp. 1657–1670. ACM (2019)
Sherry, J., Lan, C., Popa, R.A., Ratnasamy, S.: BlindBox: deep packet inspection over encrypted traffic. In: ACM SIGCOMM 2015, London, United Kingdom, 17–21 August 2015, pp. 213–226. ACM (2015)
Song, D.X., Wagner, D.A., Perrig, A.: Practical techniques for searches on encrypted data. In: IEEE S&P 2000, Berkeley, California, USA, 14–17 May 2000, pp. 44–55. IEEE Computer Society (2000)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Kim, J., Susilo, W., Chow, YW., Baek, J., Kim, I. (2021). Pattern Matching over Encrypted Data with a Short Ciphertext. In: Kim, H. (eds) Information Security Applications. WISA 2021. Lecture Notes in Computer Science(), vol 13009. Springer, Cham. https://doi.org/10.1007/978-3-030-89432-0_11
Download citation
DOI: https://doi.org/10.1007/978-3-030-89432-0_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-89431-3
Online ISBN: 978-3-030-89432-0
eBook Packages: Computer ScienceComputer Science (R0)