Secure and controllable [formula omitted]-NN query over encrypted cloud data with key confidentiality

Abstract

To enjoy the advantages of cloud service while preserving security and privacy, huge data are increasingly outsourced to cloud in encrypted form. Unfortunately, most conventional encryption schemes cannot smoothly support encrypted data analysis and processing. As a significant topic, several schemes have been recently proposed to securely compute k-nearest neighbors (k-NN) on encrypted data being outsourced to cloud server (CS). However, most existing k-NN search methods assume query users (QUs) are fully-trusted and know the key of data owner (DO) to encrypt/decrypt outsourced database. It is not realistic in many situations.In this paper, we propose a new secure k-NN query scheme on encrypted cloud data. Our approach simultaneously achieves: (1) data privacy against CS: the encrypted database can resist potential attacks of CS, (2) key confidentiality against QUs: to avoid the problems caused by key-sharing, QUs cannot learn DO’s key, (3) query privacy against CS and DO: the privacy of query points is preserved as well, (4) query controllability: QUs cannot launch a feasible k-NN query for any new point without approval of DO. We provide theoretical guarantees for security and privacy properties, and show the efficiency of our scheme through extensive experiments.