VFIRM: Verifiable Fine-Grained Encrypted Image Retrieval in Multi-Owner Multi-User Settings

Abstract

To ensure the security of images outsourced to the malicious cloud without affecting searchability on such outsourced (typically encrypted) images, one could use privacy-preserving Content-Based Image Retrieval (CBIR) primitive. However, conventional privacy-preserving CBIR schemes based on Searchable Symmetric Encryption (SSE) are not capable of supporting efficient fine-grained access control and result verification simultaneously. Therefore, in this article, we propose a <u>V</u> erifiable <u>F</u> ine-grained encrypted <u>I</u> mage <u>R</u> etrieval scheme in the <u>M</u> ulti-owner multi-user settings (VFIRM). VFIRM first utilizes a novel polynomial-based access strategy to provide efficient fine-grained access control. Then, it employs the dual secure <inline-formula><tex-math notation="LaTeX">$k$</tex-math></inline-formula> -nearest neighbor technique to distribute distinct keys to different data owners and data users, and finally implements an adapted homomorphic MAC technique to check the correctness of search results. Our formal security analysis shows that VFIRM is non-adaptive semantic secure if the client's search key is generated randomly and keeps in secret. Our empirical experiments using two real-world datasets (i.e., Caltech101 and Corel5k) demonstrate the practicality of VFIRM.