Paper 2024/1541

Findex: A Concurrent and Database-Independent Searchable Encryption Scheme

Théophile Brézot, Cosmian
Chloé Hébant, Cosmian
Abstract

State-of-the-art database implementations offer a wide range of functionalities and impressive performances while supporting highly concurrent loads. However they all rely on the server knowing the content of the database, which raises issues when sensitive information is being stored on a server that cannot be trusted. Encrypting documents before sending them to a remote server solves the confidentiality issue at the cost of loosing the keyword search functionality. Cryptographic primitives such as Symmetric Searchable Encryption (SSE) schemes have been proposed to recover this functionality. However, no SSE construction properly defines correctness and successfully guarantees security in a concurrent setting. This paper attempts a first step in this direction by recommending linearizability as the standard notion of correctness for a concurrent SSE. We study the impact of concurrency on security and stress the need for finer-grained security models. Hence, we propose the log-security model that guarantees security against an adversary having access to persistency-related logs, fixing a blind spot in the snapshot model while capturing security in a concurrent setting. We also build the first concurrent SSE solution proven correct and secure in a concurrent setting, that can be implemented on top of any database. Our scheme proved to be fast thanks to optimal wait-free search operations and sequentially-optimal, lock-free modifications, that both execute under one micro-second per binding, while only incurring a 13.3% storage expansion.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
SSESearchable EncryptionLinearizabilityConcurrency
Contact author(s)
theophile brezot @ cosmian com
chloe hebant @ cosmian com
History
2024-10-04: approved
2024-10-02: received
See all versions
Short URL
https://ia.cr/2024/1541
License
Creative Commons Attribution-NonCommercial-NoDerivs
CC BY-NC-ND

BibTeX

@misc{cryptoeprint:2024/1541,
      author = {Théophile Brézot and Chloé Hébant},
      title = {Findex: A Concurrent and Database-Independent Searchable Encryption Scheme},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1541},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1541}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.