Bao Li , Fucai Zhou , Qiang Wang , Jian Xu , Da Feng
{"title":"SEDCPT:一种由 TEE 辅助的带有集群填充的安全高效的动态可搜索加密方案","authors":"Bao Li , Fucai Zhou , Qiang Wang , Jian Xu , Da Feng","doi":"10.1016/j.sysarc.2024.103221","DOIUrl":null,"url":null,"abstract":"<div><p>Dynamic Searchable Symmetric Encryption (DSSE), which enables users to search and update encrypted data on an untrusted server without decryption, is a proven method when dealing with availability issues for outsourced data. However, the existing DSSE schemes suffer from forward and backward privacy problems. Although forward and backward privacy DSSE schemes can prevent these attacks, they still suffer from other challenges, such as count attacks, high communication overhead, and low computing efficiency. To solve the above problems simultaneously, we propose a secure and efficient dynamic searchable encryption scheme, which integrates a clustering algorithm, padding strategy, and trusted execution environments (TEE). The purpose of the scheme is to prevent count attacks while ensuring forward and backward privacy security. Our scheme also reduces the computing overhead and storage cost of the client by using TEE (e.g. Intel Software Guard Extension, Intel SGX) while maximizing the protection of client privacy. Furthermore, the scheme provides a secure hardware isolation environment for the cluster padding and search/update process to prevent malicious attacks from external software or super administrators. Finally, we provide corresponding security proofs and experimental evaluation which demonstrate both the security and efficiency of our scheme, respectively.</p></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"154 ","pages":"Article 103221"},"PeriodicalIF":3.7000,"publicationDate":"2024-07-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"SEDCPT: A secure and efficient Dynamic Searchable Encryption scheme with cluster padding assisted by TEE\",\"authors\":\"Bao Li , Fucai Zhou , Qiang Wang , Jian Xu , Da Feng\",\"doi\":\"10.1016/j.sysarc.2024.103221\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>Dynamic Searchable Symmetric Encryption (DSSE), which enables users to search and update encrypted data on an untrusted server without decryption, is a proven method when dealing with availability issues for outsourced data. However, the existing DSSE schemes suffer from forward and backward privacy problems. Although forward and backward privacy DSSE schemes can prevent these attacks, they still suffer from other challenges, such as count attacks, high communication overhead, and low computing efficiency. To solve the above problems simultaneously, we propose a secure and efficient dynamic searchable encryption scheme, which integrates a clustering algorithm, padding strategy, and trusted execution environments (TEE). The purpose of the scheme is to prevent count attacks while ensuring forward and backward privacy security. Our scheme also reduces the computing overhead and storage cost of the client by using TEE (e.g. Intel Software Guard Extension, Intel SGX) while maximizing the protection of client privacy. Furthermore, the scheme provides a secure hardware isolation environment for the cluster padding and search/update process to prevent malicious attacks from external software or super administrators. Finally, we provide corresponding security proofs and experimental evaluation which demonstrate both the security and efficiency of our scheme, respectively.</p></div>\",\"PeriodicalId\":50027,\"journal\":{\"name\":\"Journal of Systems Architecture\",\"volume\":\"154 \",\"pages\":\"Article 103221\"},\"PeriodicalIF\":3.7000,\"publicationDate\":\"2024-07-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Systems Architecture\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S1383762124001589\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Systems Architecture","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1383762124001589","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
SEDCPT: A secure and efficient Dynamic Searchable Encryption scheme with cluster padding assisted by TEE
Dynamic Searchable Symmetric Encryption (DSSE), which enables users to search and update encrypted data on an untrusted server without decryption, is a proven method when dealing with availability issues for outsourced data. However, the existing DSSE schemes suffer from forward and backward privacy problems. Although forward and backward privacy DSSE schemes can prevent these attacks, they still suffer from other challenges, such as count attacks, high communication overhead, and low computing efficiency. To solve the above problems simultaneously, we propose a secure and efficient dynamic searchable encryption scheme, which integrates a clustering algorithm, padding strategy, and trusted execution environments (TEE). The purpose of the scheme is to prevent count attacks while ensuring forward and backward privacy security. Our scheme also reduces the computing overhead and storage cost of the client by using TEE (e.g. Intel Software Guard Extension, Intel SGX) while maximizing the protection of client privacy. Furthermore, the scheme provides a secure hardware isolation environment for the cluster padding and search/update process to prevent malicious attacks from external software or super administrators. Finally, we provide corresponding security proofs and experimental evaluation which demonstrate both the security and efficiency of our scheme, respectively.
期刊介绍:
The Journal of Systems Architecture: Embedded Software Design (JSA) is a journal covering all design and architectural aspects related to embedded systems and software. It ranges from the microarchitecture level via the system software level up to the application-specific architecture level. Aspects such as real-time systems, operating systems, FPGA programming, programming languages, communications (limited to analysis and the software stack), mobile systems, parallel and distributed architectures as well as additional subjects in the computer and system architecture area will fall within the scope of this journal. Technology will not be a main focus, but its use and relevance to particular designs will be. Case studies are welcome but must contribute more than just a design for a particular piece of software.
Design automation of such systems including methodologies, techniques and tools for their design as well as novel designs of software components fall within the scope of this journal. Novel applications that use embedded systems are also central in this journal. While hardware is not a part of this journal hardware/software co-design methods that consider interplay between software and hardware components with and emphasis on software are also relevant here.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
