14
1 Common Secure Index for Conjunctive Keyword-Base d Retrieval over Encrypt ed Data Peishun Wang, Huaxiong Wang, and Josef Pieprzyk: SDM 2007. LNCS, vol. 4721, pp. 108–123. 報報報 報報報 報 報2009/7/30

Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data

  • Upload
    russ

  • View
    45

  • Download
    0

Embed Size (px)

DESCRIPTION

Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data. Peishun Wang, Huaxiong Wang, and Josef Pieprzyk : SDM 2007. LNCS, vol. 4721, pp. 108–123. 報告者:廖俊威 日 期: 2009/7/30. Problem definition. - PowerPoint PPT Presentation

Citation preview

Page 1: Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data

1

Common Secure Index for Conjunctive Keyword-Based Retrieval

over Encrypted Data

Peishun Wang, Huaxiong Wang, and Josef Pieprzyk: SDM 2007. LNCS, vol. 4721, pp. 108–123.

報告者:廖俊威日 期: 2009/7/30

Page 2: Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data

2

Problem definition

• Members in a dynamic group retrieve their encrypted data from an untrusted server based on keywords and without any loss of data confidentiality and member’s privacy.

Page 3: Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data

3

Introduction• In 2005, Park et al. proposed privacy preserving keyword-based retrieval pr

otocols for dynamic groups. To the best of our knowledge, it is the first work on searchable encryption in the multi-user setting.

• Shortcomings – Their protocols use the same group session key as their authentication codes for

all group members, so it cannot provide user privacy against insider.– Their protocols use Goh’s single-user protocol to build common secure indices a

nd trapdoors, and use the group encryption and decryption keys to process the data. This means every user knows the same collection of keys. There is no facility to ensure privacy amongst the users.

– After the q-th session in their protocols, a user must make q trapdoors for a list of keywords, thus, when the q is big enough, their protocols become much inefficient.

– In Park et al’s protocols, if an Leaving Member (LM) reveals the group decryption key to an Server Administrator (SA), the SA can decrypt all the documents encrypted previously, as a user can know all of the previous group encryption keys by hashing the current group encryption key repeatedly

Page 4: Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data

4

CSI-CKR model (Common Secure Indices for Conjunctive Keyword-Based Retrieval)

• CSI-CKR has three parties– A trusted group manager (GM)– Members in the dynamic group– A server

• First, GM setups the system and distributes an authentication code to every member.

• A member encrypts her data, generates the corresponding secure indices, and stores them on the server.

• When a member wants to retrieve the documents containing some keywords, she makes the searchable information for the keywords, and sends it along with her authentication code to the server.

• Then, for the legitimate member, the server tests all secure indices to find the matched data, and returns them to the member.

• Finally, the member interacts with GM to get the plaintext data.

Page 5: Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data

5

Security requirement of CSI-CKR

• Data privacy– The server is not able to extract any information about

the encrypted data, common secure indices, queries and searches.

– Any leaving member is not able to search and retrieve data after her revocation.

• Member privacy– Prevent any body (excluding the group manager) to

impersonate a legitimate member to query the data.– Although a member interacts with the group manager,

member privacy guarantees that the group manager knows nothing about the data the member retrieves.

Page 6: Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data

6

Definition of CSI-CKR

• SystemSetup– Initiates the scheme

• AuthCodGen– generates members’ PIN numbers,– their secure codes– and a secure test code

• DataGen– builds searchable encrypted data

• DataQurey– retrieves the matched data

• DataDcrypt– decrypts the encrypted data

Page 7: Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data

7

Page 8: Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data

8

Page 9: Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data

9

Page 10: Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data

10

Page 11: Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data

11

Page 12: Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data

12

Page 13: Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data

13

Page 14: Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data

14

Conclusion

• Our protocol is based on a new idea different from any previous single-user protocols, and only uses public keys to generate authentication codes, build common secure indices and trapdoors, and encrypt the data.

• The size of trapdoor in our protocol is fixed to 2n + logm. So our protocol is more practical.

• In our protocol, the members do not have the decryption key, so our protocol avoids the attack that LM reveal group decryption key.