Updatable Searchable Symmetric Encryption with Fine-Grained Delete Functionality

Abstract

With the wide spread of Cloud service, users are outsourcing their data to the third party servers. When we delegate our data to the cloud servers, there is such a potential risk that the data stored in the servers is stolen. If the data are stored in the encrypted form, the damage caused by data theft is low because the data will not leak to other parties. However, a new problem arises, that is, users are not able to operate encrypted data, which loses the merit of cloud computing. To solve such a problem, searchable symmetric encryption(SSE) is proposed. SSE is a cryptographic protocol that can execute keyword search over encrypted documents without decrypting them. Secure Indexes is one of realizations of SSE that provides constant time keyword search per document with the help of pseudo-random function and Bloom filters. However, Secure Indexes dose not support addition and deletion of documents. Tekin and Sahin proposed an improved Secure Indexes scheme that supports addition and deletion by employing Bloom filter and counting Bloom filter. The drawback of their scheme is that these operations are implemented in user side, which is not desired in the cloud computing since the aim of cloud computing is to delegate as many operations as possible. This paper proposes new SSE scheme. The proposed scheme also employ counting Bloom filter, but provide more fine-grained operations compared to the scheme by Tekin and Sahin in the sense that the proposed scheme provides not only search documents but add and delete the elements of document. Moreover, these operations are executed in the server side. The performance of the proposed SSE is comparable to the existing scheme which provides constant time for search, add and delete per document. We also implemented this SSE scheme, and verified that the scheme performed well not only theoretically but also in practice.