A Secure and Fine-Grained Query Results Verification Scheme for Private Search Over Encrypted Cloud Data

Abstract

In a secure query scheme over the encrypted cloud data, an authorized cloud user can obtain data files of interest by submitting encrypted query keywords to the cloud server, which performs a certain secure search algorithm and returns back the corresponding data file set. In practice, the returned query results may be incorrect or incomplete due to possible data corruption, software bugs, or intermediate attackers who maliciously tamper with results; moreover, the cloud server may also intentionally omit some qualified results to save computational resources and communication overhead. Thus, a well-functioning secure query system should provide the query results verification mechanism that allows the data user to verify results. In this paper, we design three varigrained and secure query results verification constructions leveraging the Bloom filter and cryptographic hash functions, for a query result set R, by which the data user can verify: (1) the correctness of each data file in R, (2) how many qualified data files are not returned by the cloud, and (3) which qualified data files are not returned by the cloud, respectively. Furthermore, our proposed verification mechanism can be very easily integrated into all secure query schemes for cloud computing. Performance evaluation shows that the proposed schemes are practical and efficient.