Leakage-Suppressed Encrypted Keyword Queries Over Multiple Cloud Servers

Searchable encryption is a technique that can support operations on encrypted data directly. However, searchable encryption is still vulnerable to attacks that exploit the leakages from encrypted query results. This article presents an effective multi-server searchable encryption scheme to prevent volume and access pattern leakages. To hide the volume leakage of a keyword, a new index construction is proposed to compress multiple results into one index. To prevent the attacker from observing the access pattern of injected records, the update and search phases are executed in batches, such that the server can only retrieve multiple numbers of fixed volumes. To reduce the co-occurrence leakage, we propose our index distribution algorithm. Both records and queries are dispatched among cloud servers such that the attacker cannot recover the trapdoor values by only observing one cloud server. We use the minimum $s-t$ cut algorithm to find the optimal assignment strategy that can diminish the query response time and the information disclosure at the same time. We formally analyze the security strengths and conduct evaluations. The experimental results indicate that our designs can strike a good balance between security and efficiency.