Verifiable and Privacy-Enhanced Authorized Keyword Search for Mobile Cloud Storage

Mobile cloud storage enables IoT devices to use on-demand resources and share data with different mobile devices, where these outsourced data on the cloud are encrypted due to data confidentiality concern. Although dynamic searchable symmetric encryption (DSSE) allows data owners to directly search and update its encrypted data, it rarely considers implementing authorized search toward different mobile devices. Existing authorized keyword search systems for mobile cloud storage suffer from the following limitations: 1) only achieves Type-III backward privacy; 2) no support for verification of search result; and 3) incurs high time overhead for data update and search. Therefore, we propose $\textsf {VE}{-}\textsf {FLY}{++}$ , an efficient, verifiable, and authorized DSSE system with forward and enhanced backward privacy for mobile cloud storage. Technically, $\textsf {VE}{-}\textsf {FLY}{++}$ presents a verifiable inverted bitmap index (VIBI) to achieve forward privacy and enhanced Type-I (a.k.a., $\textrm {Type-I}^{-}$ ) backward privacy, with supporting verification of search results. In addition, we combine symmetric encryption with homomorphic addition with the introduced VIBI for a fast authorized search function. To further enable efficiently handling hundreds of millions of files, we adopt chunking technology to present a highly scalable $\textsf {VE}{-}\textsf {FLY}{++}$ . Finally, we use Raspberry Pi, Rock Pi, and Huawei Cloud on real datasets to conduct extensive experiments to clarify the practical efficiency of $\textsf {VE}{-}\textsf {FLY}{++}$ .