Ciphertext Retrieval Research Articles

Time-Controlled Hierarchical Multikeyword Search Over Encrypted Data in Cloud-Assisted IoT

Internet of Things (IoT) devices and systems are becoming increasingly commonplace, and as such systems scale up, so do the computational and storage requirements. Hence, one recent trend is to outsource data from IoT devices to remote systems. To facilitate both ciphertext retrieval and data confidentiality in the outsourced data, a number of searchable encryption (SE) approaches have been proposed in the literature. However, due to limited keyword space, a number of SE schemes are vulnerable to keyword guessing attacks (KGAs). In addition, existing SE approaches generally do not consider the hierarchical structure in which users at different levels require varying access privileges. Furthermore, existing SE schemes seldom provide time-controlled access control. Therefore, in this article, we propose a time-controlled hierarchical multikeyword search by using a double-server architecture to mitigate KGA. In our approach, we also build a public key tree to support different access permissions for hierarchical users. Formal security analysis shows that our scheme is secure, and extensive experiments demonstrate that our scheme is practical.

Fast, Searchable, Symmetric Encryption Scheme Supporting Ranked Search

Searchable encryption (SE) is one of the effective techniques for searching encrypted data without decrypting it. This technique can provide a secure indexing mechanism for encrypted data and utilize a secure trapdoor to search for the encrypted data directly, thus realizing a secure ciphertext retrieval function. Existing schemes usually build a secure index directly on the whole dataset and implement the retrieval of encrypted data by implementing a secure search algorithm on the index. However, this approach requires testing many non-relevant documents, which diminishes the query efficiency. In this paper, we adopt a clustering method to preclassify the dataset, which can filter out quite a portion of irrelevant documents, thus improving the query. Concretely, we first partition the dataset into multiple document clusters using the k-means clustering algorithm; then, we design index building and searching algorithms for these document clusters; finally, by using the asymmetric scalar-product-preserving encryption (ASPE) scheme to encrypt the indexes and queries, we propose a fast searchable symmetric encryption scheme that supports ranked search. Detailed security analysis demonstrates that the proposed scheme can guarantee the data and query security of the search process. In addition, theoretical and experimental analysis indicates that our scheme outperforms other similar schemes in terms of query efficiency.

An efficient multikeyword fuzzy ciphertext retrieval scheme based on distributed transmission for Internet of Things

As traditional computing and cloud computing integrate, the Internet of Things (IoT) has evolved into a layered and cloud-network-edge-end architecture. However, most searchable encryption models still use triples, in which hierarchical structures are neglected, and insecure intermediate nodes are exposed to external environment. Meanwhile, mainstream schemes adopting accurate retrieval are incompatible with IoT end users' features of differentiation. To address these issues, we innovatively design an efficient and credible search model with an accurate multikeyword fuzzy ciphertext retrieval scheme in the context of IoT. First, based on network coding and key sharing, data are grouped, encoded, and transmitted in parallel to the receiver node through middle-layer nodes, with high efficiency and reliability. Second, to realize fuzzy retrieval of IoT, edit distance is selected as the standard of difference between keywords, and then document index vector and query vector are created based on locality sensitive hashing (LSH) and Bloom Filter. Furthermore, to improve the traditional scheme, query keywords are split into multiple single-word forms, inner products between each trapdoor of single word and encryption index vector are calculated, respectively, for the sum of each inner product and thus top $\mathrm{top}$ - k $k$ sorting search. Ultimately, feasibility, safety, and efficiency of our improved scheme are verified by security analysis, while simulation results support that our scheme has better accuracy and efficiency.

TIIA: A blockchain-enabled Threat Intelligence Integrity Audit scheme for IIoT

With the widespread deployment of the Industrial Internet of Things technology (IIoT), the cyber security threats of IIoT systems are increasing. Threat intelligence sharing is an effective way to resist cyber security threats. However, there is a contradiction between information integrity and the requirement of building a complete attack chain in the threat intelligence sharing and utilization. Due to the limited capacity of block storage pattern, it can be found that threat intelligence is prone to fragmentation on blockchain. In this paper, a blockchain-enabled Threat Intelligence Integrity Audit (TIIA) scheme for IIoT is proposed. This scheme can audit the integrity of threat intelligence in ciphertext state to ensure the confidentiality protection requirements of threat intelligence on blockchain. A double chain structure is presented in the TIIA scheme. The storage-chain is used to store threat intelligence ciphertext, while the audit-chain is designed to achieve the integrity audit of the corresponding fragment on the storage-chain. In addition, Paillier homomorphic encryption and searchable encryption are used to realize the confidentiality and ciphertext retrieval of threat intelligence on the storage-chain. A redundant block deletion algorithm is designed to reduce the audit-chain load and improve audit efficiency. The performance analysis shows that the proposed scheme can effectively reduce the computational and communication costs, and has a high audit efficiency.

Transparent Ciphertext Retrieval System Supporting Integration of Encrypted Heterogeneous Database in Cloud-Assisted IoT

Ciphertext retrieval under heterogeneous data sets is a critical concern in the cloud-assisted Internet of Things (IoT). Previous ciphertext retrieval schemes eliminate computation burden and security concerns to some extent, but cannot support the encrypted heterogeneous data sets. To solve this problem, in this article we propose a transparent ciphertext retrieval system regardless of programming language, accessible platforms, and heterogeneity of data sets. The retrieval system is a novel combination of the proposed access and integration middleware with a current encrypted cloud database system. The middleware enables cross-language and cross-platform queries over various database systems, besides, it schedules the designed data integration method in heterogeneous databases to realize cross-database queries over the encrypted cloud data sets. The proposed ciphertext retrieval system achieves efficient data sharing among different IoT applications with various database systems. We prove that the system guarantees data security by avoiding malicious hackers. Extensive experiments show that our design is efficient and feasible in practice.

Quantum delegated computing ciphertext retrieval scheme

Quantum physics has some unique properties, such as quantum entanglement and quantum superposition. Encryption algorithms designed based on quantum physical properties usually have higher security than classical computing. Applying quantum cryptography to data retrieval can realize cloud database encryption of quantum information. We propose a cloud ciphertext retrieval scheme, which combines quantum encryption and quantum search algorithm to ensure the privacy of data while the server completes information retrieval. In this scheme, the data are stored in the form of qubits string and placed in the quantum superposition state. We establish the mapping relationship between classical information and quantum states. Our scheme solves the problem of a large amount of computing and lack of sufficient computing resources at the client, assigns computing tasks to servers with sufficient resources, and ensures the security of information.

Image Security Retrieval Based on Chaotic Algorithm and Deep Learning

At present, most image retrieval methods are based on plain-text images which poses a threat to some professional fields, such as medicine, military, and finance. In order to achieve greater security for the network transmission security of the image, we establish a deep artificial neural network model to extract features by sample training. Then an image-encryption algorithm that matches and secures image retrieval is designed and integrated into an image-retrieval process based on deep learning. Experiments on multiple authoritative datasets show that the proposed algorithm can not only achieve secure retrieval of ciphertext images, but also improve retrieval efficiency obviously. Specifically, the experimental results on five data sets show that compared with the average performance of 16 comparison algorithms, each evaluation indicator has been significantly improved in our research, with <i>Pre</i> increased by 12.54% - 88.20%, <i>Rec</i> increased by 1.46% - 10.95%, <i>F1</i> increased by 2.86% - 13.55% and <i>mAP</i> increased by 16.64% - 82.47%. Futhermore, the successful realization of the ciphertext retrieval provides some reference for the information security retrieval research.

Security and Privacy Preserving Keyword Search for Cipher Text Retrieval in Cloud Computing based on Oppositional Grasshopper optimization

Security and Privacy Preserving Keyword Search for Cipher Text Retrieval in Cloud Computing based on Oppositional Grasshopper optimization

A fully homomorphism encryption scheme based on LWR

We believe that isomorphic encryption technology can provide strong technical support for users’ privacy protection in a distributed computing environment. There are three types of quasi-homomorphism encryption methods: partial homomorphism encryption, shallow homomorphism encryption, and full homomorphism encryption. homomorphism encryption methods have important applications for ciphertext data computing in distributed computing environments, such as secure cloud computing, fee computing, and remote file storage ciphertext retrieval. It is pointed out that the construction of the homomorphism encryption method is still in the theoretical stage and cannot be used for real high-density data calculation problems. How to design (natural) isomorphic encryption schemes according to algebraic systems is still a challenging research. This question discusses the problem of Learning With Rounding (LWR). Based on the difficulty of LWR, multiple IDs, and attribute categories, a fully homomorphism encryption method corresponding to an ID is proposed. In this paper, in order to reflect the effectiveness of the proposed method, we propose a homomorphism encryption technology based on the password search attribute.

Privacy-Preserving Efficient Data Retrieval in IoMT Based on Low-Cost Fog Computing

The rapid development of Internet of Medical Things (IoMT) is remarkable. However, IoMT faces many problems including privacy disclosure, long delay of service orders, low retrieval efficiency of medical data, and high energy cost of fog computing. For these, this paper proposes a data privacy protection and efficient retrieval scheme for IoMT based on low-cost fog computing. First, a fog computing system is located between a cloud server and medical workers, for processing data retrieval requests of medical workers and orders for controlling medical devices. Simultaneously, it preprocesses physiological data of patients uploaded by IoMT, collates them into various data sets, and transmits them to medical institutions in this way. It makes the entire execution process of low latency and efficient. Second, multidimensional physiological data are of great value, and we use ciphertext retrieval to protect privacy of patient data in this paper. In addition, this paper uses range tree to build an index for storing physiological data vectors, and meanwhile a range retrieval method is also proposed to improve data search efficiency. Finally, bat algorithm (BA) is designed to allocate cost on a fog server group for significant energy cost reduction. Extensive experiments are conducted to demonstrate the efficiency of the proposed scheme.

Forward and backward secure keyword search with flexible keyword shielding

Dynamic Searchable Symmetric Encryption (DSSE) has gained increasing popularity as it enables users to perform both file updates and ciphertext retrieval over encrypted data. However, existing DSSE schemes still lead to privacy leakage (e.g., forward and backward privacy) in the dynamic setting. Some forward and backward secure DSSE schemes have been proposed, but still cannot support the keyword shielding flexibly. To solve this challenging issue, we propose a Forward and Backward Authorized Keyword Search (FB-AKS) scheme with recoverable keyword shielding by using trapdoor permutations and puncturable encryption in this paper. Compared with existing forward and backward private schemes, FB-AKS achieves keyword authorization flexibly (e.g., keyword shielding, keyword un-shielding). The formal security analysis proves that FB-AKS achieves forward and backward security. And extensive experiments demonstrate that FB-AKS has less computation and storage overheads.

Trusted data sharing with flexible access control based on blockchain

Along with the progress of cloud service, a growing quantity of data owners store their data on cloud databases, which can not only reduce data owners’ storage cost but also provide a quick search function. However, while cloud storage brings some conveniences to users, new privacy problems may emerge, such as the leakage of data privacy and user’s query privacy. The best way of protecting data privacy is to encrypt the data. So how to efficiently retrieve the ciphertext to make it available becomes a hot issue in recent years. In this paper, new searchable encryption with multiple keywords is described, it can improve the accuracy of retrieval results, and we present a secure and trusted data sharing framework based on attribute-based encryption (ABE), searchable encryption, and blockchain. Unlike the previous studies, we realize flexible data sharing by using ABE. Furthermore, we transfer the related calculation of ciphertext retrieval to blockchain for credible execution without relying on any trusted third party. The security analysis proves that our method meets the proposed security requirements of data, keyword index, trapdoor, and query. Finally, the experimental results indicate that our scheme suggested has certain practicability and efficiency.

Secure and Lightweight Fine-Grained Searchable Data Sharing for IoT-Oriented and Cloud-Assisted Smart Healthcare System

It is a new trend in healthcare informatization construction to build the smart healthcare system by using the Internet of Things (IoT) and cloud. This IoT-oriented and cloud-assisted healthcare system enables the doctor to monitor the patient’s health state to respond to the paroxysmal diseases in real time. Considering the sensitivity of the patient’s privacy, it is necessary to encrypt the cloud-stored health data to prevent the semi-trusted cloud and unauthorized users from accessing them. However, the encrypted health data stored in the cloud brings inconvenience to the retrieval for the data user. In addition, the expensive computational consumption also raises the challenge to the resource-constrained devices in the patient and doctor sides. To support efficient ciphertext retrieval and cope with the performance challenge, in this article we propose a lightweight attribute-based searchable encryption (LABSE) scheme, which realizes fine-grained access control and keyword search, while reducing the computational overhead for the resource-constrained devices. We rigorously prove the semantic security of the proposed LABSE scheme, and analyze other security properties to response the security requirements under the healthcare scenario. Subsequently, we construct a concrete deployment model for LABSE under the healthcare system. We also compare LABSE with the state-of-the-art related schemes in terms of functionality and complexity. Finally, we demonstrate the practicality and performance advantages by the experiment.

Multi-keyword Cipher-text Retrieval Method for Smart Grid Edge Computing*

With the continuous deepening of China's power grid intelligent upgrading and the rise of edge computing technology, power grid terminals can carry out data storage and intelligent calculation at the edge of the power grid. However, the generated data by users may cause the leakage of user privacy information. The power grid edge system can retrieve the user's electricity data on demand, so as to improve the level of privacy protection and reduce the demand of transmission and computing resources through the localized storage of data. Therefore, how to carry out privacy protection and on-demand retrieval is a key problem to realize the intelligent power grid edge. In this paper, a multi-keyword cipher-text retrieval scheme (MCR- SGEC) for smart grid edge computing is proposed, which can achieve accurate matching of index and trap door, and has low spatial complexity. At the same time, on this basis, a multi-keyword fuzzy cipher-text retrieval method for smart grid edge computing (MFSE-SGEC) is proposed, which allows users to have spelling errors, which makes the user experience better.

A Privacy-Aware and Traceable Fine-Grained Data Delivery System in Cloud-Assisted Healthcare IIoT

The emerging of healthcare Industrial Internet of Things (HealthIIoT) cannot only facilitate high-quality care services for patients but also enable efficient telemedicine platform for healthcare practitioners. However, it faces several fundamental security and privacy challenges, such as secure fine-grained data delivery, privacy preserving keyword-based ciphertext retrieval, malicious key delegation, and efficiency of the system. To combat these issues, we propose a privacy-aware and traceable fine-grained system (PTFS) for secure data delivery in cloud-assisted HealthIIoT. Compared to the existing solutions that only implement some of the preceding features, the proposed solution enables secure fine-grained data delivery, privacy-preserving data retrieval, efficient encryption and decryption operations, and trace of malicious key delegation simultaneously. For security analysis, rigorous proofs of the proposed scheme are provided to prove its security. In addition, extensive simulations and experiments are conducted for performance evaluation, which demonstrate the feasibility and effectiveness of PTFS.

Keyword Semantic Extended Top-k Ciphertext Retrieval Scheme Over Hybrid Government Cloud Environment

Privacy protection is a key problem that must be solved when building government cloud system to realize data storage and sharing. In order to meet the privacy protection requirements of data security storage and document security sharing between data publishers and authorized data access users over the government cloud platform, this paper proposes a keyword semantic extended Top-k ciphertext retrieval scheme over hybrid government cloud environment. Firstly, the scheme uses the hybrid cloud mode to build the government cloud platform to realize the storage and sharing of government documents. Then, the key technologies such as mechanical segmentation method, term frequency-inverse document frequency statistics method, keyword semantic expansion method, homomorphic matrix encryption method and vector space model are used to retrieve the ciphertext documents in a completely confidential state. According to the correlation score calculated by ciphertext retrieval, the Top-k ciphertext target documents with the highest correlation score are returned. And then the scheme decrypts and restores to obtain the Top-k plaintext target documents. The analysis of security and experimental test results shows that this scheme can not only meet the data storage and sharing requirements over government cloud environment, but also prevent the privacy leakage risk of data over government cloud. It is an effective solution to promote the construction and development of government cloud.

An Efficient Ciphertext Retrieval Scheme Based on Homomorphic Encryption for Multiple Data Owners in Hybrid Cloud

An Efficient Ciphertext Retrieval Scheme Based on Homomorphic Encryption for Multiple Data Owners in Hybrid Cloud

Service Innovation of Insurance Data Based on Cloud Computing in the Era of Big Data

With the advent of the era of big data, great changes have taken place in the insurance industry, gradually entering the field of Internet insurance, and a large amount of insurance data has been accumulated. How to realize the innovation of insurance services through insurance data is crucial to the development of the insurance industry. Therefore, this paper proposes a ciphertext retrieval technology based on attribute encryption (HP‐CPABKS) to realize the rapid retrieval and update of insurance data on the premise of ensuring the privacy of insurance information and puts forward an innovative insurance service based on cloud computing. The results show that 97.35% of users are successfully identified in test set A and 98.77% of users are successfully identified in test set B, and the recognition success rate of the four test sets is higher than 97.00%; when the number of challenges is 720, the modified data block is less than 9%; the total number of complaints is reduced from 1300 to 249; 99.19% of users are satisfied with the innovative insurance service; the number of the insured is increased significantly. To sum up, the insurance innovation service based on cloud computing insurance data can improve customer satisfaction, increase the number of policyholders, reduce the number of complaints, and achieve a more successful insurance service innovation. This study provides a reference for the precision marketing of insurance services.

An attribute-based encryption scheme based on unrecognizable trapdoors

Attribute-Based Encryption (ABE) has been widely used for ciphertext retrieval in the cloud environment. However, bi-flexible attribute control and privacy keywords are difficult problems that have yet to be solved. In this paper, we introduce the denial of access policy and the mutual matching algorithm of a dataset used to realize bidirectional control of attributes in the cloud server. To solve the problem of keyword privacy, we construct a security trapdoor by adding random numbers that effectively resist keyword guessing attacks from cloud servers and external attackers. System security is reduced to the Deterministic Bilinear Diffie-Hellman (DBDH) hypothesis problem. We validate our scheme through theoretical security analysis and experimental verification. Experiments are conducted on a real dataset, and results show that the scheme has higher security and retrieval efficiency than previous methods.

Privacy-preserving searchable encryption in the intelligent edge computing

In intelligent edge computing, the private data of users are partly or entirely outsourced to the intelligent edge nodes for processing. To enforce security and privacy on edge network, data owners encrypt their private data and outsource it. It is particularly important to carry out efficient search and update on encrypted data. In this paper, we propose a searchable scheme to solve these problems on the intelligent edge network. Specially, we first propose S-HashMap index structure to make data update efficiently and safely while promising multi-keyword fuzzy ciphertext retrieval. Secondly, to measure the similarity between the query vector and the index nodes, we utilize the secure k-nearest neighbor to calculate the Euclidean distance. In addition to eliminating the necessity of pre-defined dictionaries, we achieve efficient multi-keyword fuzzy search and index updating without increasing search complexity. At the same time, this paper makes a thorough theoretical analysis and simulation of the proposed scheme. Compared with other schemes, we demonstrate that our scheme has better security and efficiency.