Shared and searchable encrypted data for untrusted servers

C. Dong, G. Russello, N. Dulay

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    78 Citations (Scopus)

    Abstract

    Current security mechanisms pose a risk for organisations that outsource their data management to untrusted servers. Encrypting and decrypting sensitive data at the client side is the normal approach in this situation but has high communication and computation overheads if only a subset of the data is required, for example, selecting records in a database table based on a keyword search. New cryptographic schemes have been proposed that support encrypted queries over encrypted data but all depend on a single set of secret keys, which implies single user access or sharing keys among multiple users, with key revocation requiring costly data re-encryption. In this paper, we propose an encryption scheme where each authorised user in the system has his own keys to encrypt and decrypt data. The scheme supports keyword search which enables the server to return only the encrypted data that satisfies an encrypted query without decrypting it. We provide two constructions of the scheme giving formal proofs of their security. We also report on the results of a prototype implementation. This research was supported by the UK’s EPSRC research grant EP/C537181/1. The authors would like to thank the members of the Policy Research Group at Imperial College for their support.
    Original languageEnglish
    Title of host publicationData and applications security XXII : 22nd Annual IFIP WG 11.3 working conference on data and applications security, London, UK, July 13-16, 2008 : proceedings)
    EditorsV. Atluri
    Place of PublicationBerlin
    PublisherSpringer
    Pages127-143
    ISBN (Print)978-3-540-70566-6
    DOIs
    Publication statusPublished - 2008

    Publication series

    NameLecture Notes in Computer Science
    Volume5094
    ISSN (Print)0302-9743

    Fingerprint Dive into the research topics of 'Shared and searchable encrypted data for untrusted servers'. Together they form a unique fingerprint.

    Cite this