In this article, we introduce a new Dynamic Searchable Symmetric Encryption (DSSE) framework called Incidence Matrix (IM)-DSSE, which achieves a high level of privacy, efficient search/update, and low client storage with actual deployments on real cloud settings. We harness an incidence matrix along with two hash tables to create an encrypted index, on which both search and update operations can be performed effectively with minimal information leakage. This simple set of data structures surprisingly offers a high level of DSSE security while at the same time achieving practical performance. Specifically, IM-DSSE achieves forward privacy, backward privacy and size-obliviousness properties simultaneously. We also create several DSSE variants, each offering different trade-offs (e.g., security, computation) that are suitable for different cloud applications and infrastructures. Our framework was fully-implemented and its performance was rigorously evaluated on a real cloud system (Amazon EC2). Our experimental results confirm that IM-DSSE is highly practical even when deployed on mobile phones with a large outsourced dataset. Finally, we have released our IM-DSSE framework as an open-source library for a wide development and adaptation.
Category / Keywords: cryptographic protocols / Privacy-enhancing technologies; private cloud services; dynamic searchable symmetric encryption Date: received 18 Dec 2017, last revised 25 Dec 2017 Contact author: hoangmin at oregonstate edu Available format(s): PDF | BibTeX Citation Note: The full implementation of this paper can be found at https://github.com/thanghoang/IM-DSSE Version: 20171226:014122 (All versions of this report) Short URL: ia.cr/2017/1237 Discussion forum: Show discussion | Start new discussion