Paper 2017/679

Searchable Encryption with Access Control

Nils Löken

Abstract

Outsourcing data to the cloud is becoming increasingly prevalent. To ensure data confidentiality, encrypting the data before outsourcing it is advised. While encryption protects the secrets in the data, it also prevents operations on the data. For example in a multi-user setting, data is often accessed via search, but encryption prevents search. Searchable encryption solves this dilemma. However, in a multi-user setting not all users may be allowed to access all data, requiring some means of access control. We address the question how searchable encryption and access control can be combined. Combining these technologies is required to achieve strong notions of confidentiality: if a ciphertext occurs as a search result, we learn something about the underlying document, even if access control does not let us access the document. This illustrates a need to link search and access control, so that search results presented to users only feature data the users are allowed to access. Our searchable encryption scheme with access control establishes that link.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Major revision. 12th International Conference on Availability, Reliability and Security (ARES 2017)
Keywords
Searchable encryptioninverted indexaccess controlauthority key customizationmulti-authority ABE
Contact author(s)
nils loeken @ uni-paderborn de
History
2017-07-18: received
Short URL
https://ia.cr/2017/679
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2017/679,
      author = {Nils Löken},
      title = {Searchable Encryption with Access Control},
      howpublished = {Cryptology ePrint Archive, Paper 2017/679},
      year = {2017},
      note = {\url{https://eprint.iacr.org/2017/679}},
      url = {https://eprint.iacr.org/2017/679}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.