Cryptology ePrint Archive: Report 2014/219

Dynamic Searchable Encryption via Blind Storage

Muhammad Naveed and Manoj Prabhakaran and Carl A. Gunter

Abstract: Dynamic Searchable Symmetric Encryption allows a client to store a dynamic collection of encrypted documents with a server, and later quickly carry out keyword searches on these encrypted documents, while revealing minimal information to the server. In this paper we present a new dynamic SSE scheme that is simpler and more efficient than existing schemes while revealing less information to the server than prior schemes, achieving fully adaptive security against honest-but-curious servers.

We implemented a prototype of our scheme and demonstrated its efficiency on datasets from prior work. Apart from its concrete efficiency, our scheme is also simpler: in particular, it does not require the server to support any operation other than upload and download of data. Thus the server in our scheme can be based solely on a cloud storage service, rather than a cloud computation service as well, as in prior work.

In building our dynamic SSE scheme, we introduce a new primitive called Blind Storage, which allows a client to store a set of files on a remote server in such a way that the server does not learn how many files are stored, or the lengths of the individual files; as each file is retrieved, the server learns about its existence (and can notice the same file being downloaded subsequently), but the file’s name and contents are not revealed. This is a primitive with several applications other than SSE, and is of independent interest.

Category / Keywords: searchable symmetric encryption, secure cloud storage, encrypted search

Date: received 25 Mar 2014, last revised 26 Mar 2014

Contact author: naveed2 at illinois edu

Available format(s): PDF | BibTeX Citation

Version: 20140327:133558 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]