Efficient keyword search on encrypted dynamic cloud data

Abstract

Sensitive information is increasingly being outsourced to the cloud. In order to protect the privacy of such sensitive data, cloud users (clients) encrypt their data before outsourcing. However, this poses a difficulty to later perform search operations on the encrypted data. Searchable encryption schemes enable a client to search and retrieve the cloud data (based on the keywords present in the data) when the data is encrypted. Dynamic searchable encryption schemes allow the client to search over the encrypted cloud data even when new documents are added to or deleted from the encrypted data. There is a trade-off between security (that is measured in terms of information leaked to the cloud) and the efficiency of dynamic searchable encryption schemes. Stronger security guarantees often come at a cost of less efficiency.In this work, we propose a new dynamic searchable encryption scheme for cloud data that achieves better security guarantees and improved efficiency compared to popular dynamic searchable encryption schemes. Our scheme uses an efficient data structure that reduces storage, lookup (search) time, and database modification time. We build a prototype of our scheme and experiment on large real-life datasets. We show our scheme performs better than the existing schemes, which provide similar (or weaker) security.