ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development ›› 2020, Vol. 57 ›› Issue (10): 2104-2116.doi: 10.7544/issn1000-1239.2020.20200439

Special Issue: 2020密码学与数据隐私保护研究专题

Previous Articles     Next Articles

A Multi-User Forward Secure Dynamic Symmetric Searchable Encryption with Enhanced Security

Lu Bingjie, Zhou Jun, Cao Zhenfu   

  1. (Shanghai Key Laboratory of Trustworthy Computing (East China Normal University), Shanghai 200062)
  • Online:2020-10-01
  • Supported by: 
    This work was supported by Shanghai Natural Science Foundation (20ZR1418400), the National Natural Science Foundation of China (61602180, 61702187, 61632012, 61672239, U1636216), the Fundamental Research Funds for the Central Universities, and the China Postdoctoral Science Foundation (2017M611502).

Abstract: Dynamic symmetric searchable encryption has been widely used in cloud storage due to its functionality of dynamic encrypted data search. However, recent studies have shown that dynamic searchable encryption is vulnerable to file injection attacks. In order to resist such attacks, several forward secure symmetric searchable encryption schemes have been proposed. Unfortunately, most of the existing forward secure symmetric searchable solutions only work in the single user setting. In NSS 2018, Wang et al. proposed a multi-user forward secure dynamic searchable encryption scheme (MFS), by introducing a semi-honest proxy server that does not collude with the cloud server. However, we found that the forward security of the scheme can be compromised by the adversary who observes the association between the new update and the previous search tokens through eavesdropping attacks or replay attacks. To address this issue, a multi-user forward secure dynamic searchable symmetric encryption scheme EMFS is proposed with enhanced security, by exploiting user authentication mechanism without the need of state information transfer. We also adopt a new index structure to improve the efficiency. Finally, we give formal security proof to show that our scheme can resist the two attacks mentioned above, while maintaining forward security. Compared with Wang et al’s scheme, our construction provides a higher level of practical efficiency by reducing the complexity of deletion from O(n\-w) to O(1), where n\-w denotes the number of matching documents for keyword w.

Key words: dynamic symmetric searchable encryption, cloud storage, proxy server, forward security, multi-user

CLC Number: