Presentation is loading. Please wait.

Presentation is loading. Please wait.

Keyword search on encrypted data. Keyword search problem  Linux utility: grep  Information retrieval Basic operation Advanced operations – relevance.

Published byPrimrose Black Modified over 8 years ago

Similar presentations

Presentation on theme: "Keyword search on encrypted data. Keyword search problem  Linux utility: grep  Information retrieval Basic operation Advanced operations – relevance."— Presentation transcript:

1 Keyword search on encrypted data

2 Keyword search problem  Linux utility: grep  Information retrieval Basic operation Advanced operations – relevance analysis and ranking Search engines highly complicated problem

3 New settings  Search data in the cloud  Filter encrypted emails  Privacy preserving log retrieval

4 Basic techniques  Symmetric encryption  Public key encryption  Simple keyword matching  A little bit relevance evaluation

5 Secure keyword search with symmetric encryption  Paper: Song 2000 Seed is random, different for each Wi Key idea: Li and Ri are self- verifiable Advantage of XOR

6

7 How to set K?

8  Setting of ki Ki = Fk’(Wi), k’ is secret User publishes W and k = Fk’(W) Server checks CiW  whether == CiW It reveals nothing if Ci is not the ciphertext for W. And Li is random for different Wi – server cannot find any information from Li.

9 Hidden search  In previous schemes, W is revealed  Weakness: each search will have to release k for W  Easy to collect information  Solution: encrypt Wi with an private key, then xor with  Still weaknesses Wi encryption should be deterministic Access pattern is leaked Linear scan over the whole doc collection

10 Typical method for speedy keyword based search  Using the “inverted index” Word -> doc1:pos, doc2:pos,… Or simply word -> doc1, doc2, … However, inverted index reveals the word frequency

11 Recent developments  Reza 2006 “Searchable symmetric encryption: improved definitions and efficient constructions” Completely solved this problem, with a solution indistinguishability under chosen ciphertext attack (IND-CCA)  Allow inverted index  Hide word frequency

12 setup  D – the set of documents {D1,…,Dn}  max - the maximum number of distinct words in a document  Li – the list of document IDs that contain the keyword w_i, plus some dummy entries to reach max  A – array contains all elements in Li (max * |D|)  T – table that contains the )

13  Symmetric encryption function, encrypt words and document ids id(Dj) for wi entry is encoded as enc(wi||j) to make indistinguishable  Pseudo-random function f  Two pseudo-random permutation functions  : for mapping word to table entry : for mapping index to next node of Li to the index of array A

14 Building the index table T The key used to encrypt the node N i,1 1. 2. to random values of the same size of the existing entries

15  Generating Li with K i,0, We can decrypt all nodes in the list For the remaining max – |D(wi)| dummy nodes, store the doc id that Already appears in the first |D(wi)| entries. This can be done with the help of a look-up table I

16 Search  Generate the trapdoor  Search

17 Property  Each keyword search returns the same number of encrypted document ids – the attacker cannot distinguish word frequency

18 Search public-key encrypted data  Users who encrypt the data (with public key) can be different from the owner of the private key

19 Cyclic group  For example, if G = { g 0, g 1, g 2, g 3, g 4, g 5 } mod p is a group, then g 6 = g 0, and G is cyclic. p is the order g is the generator

20 Bilinear-map construction  Two groups G1 G2 of prime order p  A bilinear map : G1 X G1 -> G2  Properties:

21

Download ppt "Keyword search on encrypted data. Keyword search problem  Linux utility: grep  Information retrieval Basic operation Advanced operations – relevance."

Similar presentations

Relations, Functions, and Matrices Mathematical Structures for Computer Science Chapter 4 Copyright © 2006 W.H. Freeman & Co.MSCS SlidesThe Mighty Mod.

Relations, Functions, and Matrices Mathematical Structures for Computer Science Chapter 4 Copyright © 2006 W.H. Freeman & Co.MSCS SlidesThe Mighty Mod.
Spreading Alerts Quietly and the Subgroup Escape Problem Aleksandr Yampolskiy (Yale) Joint work with James Aspnes, Zoë Diamadi, Kristian Gjøsteen, and.

Spreading Alerts Quietly and the Subgroup Escape Problem Aleksandr Yampolskiy (Yale) Joint work with James Aspnes, Zoë Diamadi, Kristian Gjøsteen, and.
Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,

Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,
1 Lecture 3: Secret Key Cryptography Outline concepts DES IDEA AES.

1 Lecture 3: Secret Key Cryptography Outline concepts DES IDEA AES.
Building an Encrypted and Searchable Audit Log Brent Waters Dirk Balfanz Glenn Durfee D.K. Smetters.

Building an Encrypted and Searchable Audit Log Brent Waters Dirk Balfanz Glenn Durfee D.K. Smetters.
Introduction to Practical Cryptography Lecture 9 Searchable Encryption.

Introduction to Practical Cryptography Lecture 9 Searchable Encryption.
Searchable Symmetric Encryption :Improved Definitions and Efficient Constructions Reza Curtmola Juan Garay Seny Kamara Rafail Ostrovsky.

Searchable Symmetric Encryption :Improved Definitions and Efficient Constructions Reza Curtmola Juan Garay Seny Kamara Rafail Ostrovsky.
INTRODUCTION PROBLEM FORMULATION FRAMEWORK AND PRIVACY REQUIREMENTS FOR MRSE PRIVACY-PRESERVING AND EFFICIENT MRSE PERFORMANCE ANALYSIS RELATED WORK CONCLUSION.

INTRODUCTION PROBLEM FORMULATION FRAMEWORK AND PRIVACY REQUIREMENTS FOR MRSE PRIVACY-PRESERVING AND EFFICIENT MRSE PERFORMANCE ANALYSIS RELATED WORK CONCLUSION.
2 Your data is anywhere but not in your control Security breaches are recurrent – Weakest link: hardware, software, technicians, … You may trust the science.

2 Your data is anywhere but not in your control Security breaches are recurrent – Weakest link: hardware, software, technicians, … You may trust the science.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
1 Efficient Conjunctive Keyword-Searchable Encryption,2007 Author: Eun-Kyung Ryu and Tsuyoshi Takagi Presenter: 顏志龍.

1 Efficient Conjunctive Keyword-Searchable Encryption,2007 Author: Eun-Kyung Ryu and Tsuyoshi Takagi Presenter: 顏志龍.
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
Identity Based Encryption

Identity Based Encryption
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
Practical Techniques for Searches on Encrypted Data Author: Dawn Xiaodong Song, David Wagner, Adrian Perrig Presenter: 紀銘偉.

Practical Techniques for Searches on Encrypted Data Author: Dawn Xiaodong Song, David Wagner, Adrian Perrig Presenter: 紀銘偉.
A Designer’s Guide to KEMs Alex Dent

A Designer’s Guide to KEMs Alex Dent
Efficient Conjunctive Keyword-Searchable Encryption,2007 Author: Eun-Kyung Ryu and Tsuyoshi Takagi Presenter: 顏志龍.

Efficient Conjunctive Keyword-Searchable Encryption,2007 Author: Eun-Kyung Ryu and Tsuyoshi Takagi Presenter: 顏志龍.
Reza Curtmola Juan Garay Seny Kamara Rafail Ostrovsky

Reza Curtmola Juan Garay Seny Kamara Rafail Ostrovsky
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.

ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.

Similar presentations

Ads by Google