Paper 2012/530

Dynamic Searchable Symmetric Encryption

Seny Kamara, Charalampos Papamanthou, and Tom Roeder


Searchable symmetric encryption (SSE) allows a client to encrypt its data in such a way that this data can still be searched. The most immediate application of SSE is to cloud storage, where it enables a client to securely outsource its data to an untrusted cloud provider without sacrificing the ability to search over it. SSE has been the focus of active research and a multitude of schemes that achieve various levels of security and efficiency have been proposed. Any practical SSE scheme, however, should (at a minimum) satisfy the following properties: sublinear search time, security against adaptive chosen-keyword attacks, compact indexes and the ability to add and delete files efficiently. Unfortunately, none of the previously-known SSE constructions achieve all these properties at the same time. This severely limits the practical value of SSE and decreases its chance of deployment in real-world cloud storage systems. To address this, we propose the first SSE scheme to satisfy all the properties outlined above. Our construction extends the inverted index approach (Curtmola et al., CCS 2006) in several non-trivial ways and introduces new techniques for the design of SSE. In addition, we implement our scheme and conduct a performance evaluation, showing that our approach is highly efficient and ready for deployment.

Available format(s)
Secret-key cryptography
Publication info
Published elsewhere. Full version of a paper to be published in ACM CCS 2012
searchable symmetric encryptioncloud computingcloud storage
Contact author(s)
throeder @ microsoft com
2012-09-08: revised
2012-09-08: received
See all versions
Short URL
Creative Commons Attribution


      author = {Seny Kamara and Charalampos Papamanthou and Tom Roeder},
      title = {Dynamic Searchable Symmetric Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2012/530},
      year = {2012},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.