SeUpdate: Secure Encrypted Data Update for Multi-User Environments

Abstract

Searchable Symmetric Encryption (SSE) is a key tool for secure data processing. To date, most of the SSEs were studied alone, while an SSE supporting update operations over encrypted data remained a challenging problem due to various statistical attacks and multi-user environments. In this article, we propose <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">SeUpdate</i> , the first SSE scheme that simultaneously achieves keyword search and controlled update over encrypted data, with flexible read (search) and write (update) access control policies among multiple users. In <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">SeUpdate</i> , users do not need to share secret keys and a single query enables one to efficiently search all his authorized data. We formally define a security model, and prove our scheme have both forward and backward security. We note that the write permission of an SSE is realized for the first time. We further extend the basic scheme with dynamic access policy update and support of a large number of files. We also implement <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">SeUpdate</i> and some related work. The theoretical and experimental analyses demonstrate our scheme and its extension are practical and efficient.