{"title":"零信任环境下的前向安全多用户可验证动态搜索加密方案","authors":"Zhihao Xu , Chengliang Tian , Guoyan Zhang , Weizhong Tian , Lidong Han","doi":"10.1016/j.future.2024.107701","DOIUrl":null,"url":null,"abstract":"<div><div>Privacy-preserving searchable encryption can allow clients to encrypt the data for secure cloud storage, enabling subsequent data retrieval while preserving the privacy of data. In this paper, we initialize the study of constructing a secure dynamic searchable symmetric encryption (DSSE) scheme in a zero-trust environment characterized by the threat model of <em>honest-but-curious data owner (DO)</em> + <em>honest-but-curious data user (DU)</em> + <em>fully malicious cloud server (CS)</em>. To tackle these challenges, we introduce a multi-user DSSE scheme that emphasizes verifiability and privacy while integrating forward security. Our contributions include: Employing the oblivious pseudo-random function (OPRF) protocol for secure <em>DO</em>-<em>DU</em> interactions, ensuring the privacy of <em>DO</em>’s keys and <em>DU</em>’s queried keywords from each other, And maintaining the secure separation of data ownership and usage, Utilizing a multiset hash function-based state chain to achieve forward privacy and support <em>DO</em> updates of encrypted cloud data with verifiable query results Proposing a novel hash-based file encryption and authentication approach to protect file privacy and verify query results. additionally, We provide a comprehensive security analysis and experimental evaluation demonstrating the efficacy and efficiency of our approach. these advancements enhance DSSE schemes under a zero-trust environment, Addressing critical challenges of privacy, Verifiability, And operational efficiency</div></div>","PeriodicalId":55132,"journal":{"name":"Future Generation Computer Systems-The International Journal of Escience","volume":"166 ","pages":"Article 107701"},"PeriodicalIF":6.2000,"publicationDate":"2025-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Forward-Secure multi-user and verifiable dynamic searchable encryption scheme within a zero-trust environment\",\"authors\":\"Zhihao Xu , Chengliang Tian , Guoyan Zhang , Weizhong Tian , Lidong Han\",\"doi\":\"10.1016/j.future.2024.107701\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>Privacy-preserving searchable encryption can allow clients to encrypt the data for secure cloud storage, enabling subsequent data retrieval while preserving the privacy of data. In this paper, we initialize the study of constructing a secure dynamic searchable symmetric encryption (DSSE) scheme in a zero-trust environment characterized by the threat model of <em>honest-but-curious data owner (DO)</em> + <em>honest-but-curious data user (DU)</em> + <em>fully malicious cloud server (CS)</em>. To tackle these challenges, we introduce a multi-user DSSE scheme that emphasizes verifiability and privacy while integrating forward security. Our contributions include: Employing the oblivious pseudo-random function (OPRF) protocol for secure <em>DO</em>-<em>DU</em> interactions, ensuring the privacy of <em>DO</em>’s keys and <em>DU</em>’s queried keywords from each other, And maintaining the secure separation of data ownership and usage, Utilizing a multiset hash function-based state chain to achieve forward privacy and support <em>DO</em> updates of encrypted cloud data with verifiable query results Proposing a novel hash-based file encryption and authentication approach to protect file privacy and verify query results. additionally, We provide a comprehensive security analysis and experimental evaluation demonstrating the efficacy and efficiency of our approach. these advancements enhance DSSE schemes under a zero-trust environment, Addressing critical challenges of privacy, Verifiability, And operational efficiency</div></div>\",\"PeriodicalId\":55132,\"journal\":{\"name\":\"Future Generation Computer Systems-The International Journal of Escience\",\"volume\":\"166 \",\"pages\":\"Article 107701\"},\"PeriodicalIF\":6.2000,\"publicationDate\":\"2025-01-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Future Generation Computer Systems-The International Journal of Escience\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0167739X24006654\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, THEORY & METHODS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Future Generation Computer Systems-The International Journal of Escience","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167739X24006654","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
Forward-Secure multi-user and verifiable dynamic searchable encryption scheme within a zero-trust environment
Privacy-preserving searchable encryption can allow clients to encrypt the data for secure cloud storage, enabling subsequent data retrieval while preserving the privacy of data. In this paper, we initialize the study of constructing a secure dynamic searchable symmetric encryption (DSSE) scheme in a zero-trust environment characterized by the threat model of honest-but-curious data owner (DO) + honest-but-curious data user (DU) + fully malicious cloud server (CS). To tackle these challenges, we introduce a multi-user DSSE scheme that emphasizes verifiability and privacy while integrating forward security. Our contributions include: Employing the oblivious pseudo-random function (OPRF) protocol for secure DO-DU interactions, ensuring the privacy of DO’s keys and DU’s queried keywords from each other, And maintaining the secure separation of data ownership and usage, Utilizing a multiset hash function-based state chain to achieve forward privacy and support DO updates of encrypted cloud data with verifiable query results Proposing a novel hash-based file encryption and authentication approach to protect file privacy and verify query results. additionally, We provide a comprehensive security analysis and experimental evaluation demonstrating the efficacy and efficiency of our approach. these advancements enhance DSSE schemes under a zero-trust environment, Addressing critical challenges of privacy, Verifiability, And operational efficiency
期刊介绍:
Computing infrastructures and systems are constantly evolving, resulting in increasingly complex and collaborative scientific applications. To cope with these advancements, there is a growing need for collaborative tools that can effectively map, control, and execute these applications.
Furthermore, with the explosion of Big Data, there is a requirement for innovative methods and infrastructures to collect, analyze, and derive meaningful insights from the vast amount of data generated. This necessitates the integration of computational and storage capabilities, databases, sensors, and human collaboration.
Future Generation Computer Systems aims to pioneer advancements in distributed systems, collaborative environments, high-performance computing, and Big Data analytics. It strives to stay at the forefront of developments in grids, clouds, and the Internet of Things (IoT) to effectively address the challenges posed by these wide-area, fully distributed sensing and computing systems.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
