Security Analysis on One-to-Many Order Preserving Encryption-Based Cloud Data Search

Author

Ke Li ; Weiming Zhang ; Ce Yang ; Nenghai Yu

Author_Institution

Key Lab. of Electromagn. Space Inf., Univ. of Sci. & Technol. of China, Hefei, China

Volume

10

Issue

9

fYear

2015

fDate

Sept. 2015

Firstpage

1918

Lastpage

1926

Abstract

For ranked search in encrypted cloud data, order preserving encryption (OPE) is an efficient tool to encrypt relevance scores of the inverted index. When using deterministic OPE, the ciphertexts will reveal the distribution of relevance scores. Therefore, Wang et al. proposed a probabilistic OPE, called one-to-many OPE, for applications of searchable encryption, which can flatten the distribution of the plaintexts. In this paper, we proposed a differential attack on one-to-many OPE by exploiting the differences of the ordered ciphertexts. The experimental results show that the cloud server can get a good estimate of the distribution of relevance scores by a differential attack. Furthermore, when having some background information on the outsourced documents, the cloud server can accurately infer the encrypted keywords using the estimated distributions.

Keywords

cloud computing; cryptography; probability; ciphertexts; deterministic OPE; differential attack; encrypted keywords; inverted index relevance score encryption; one-to-many OPE; one-to-many order preserving encryption-based cloud data search; probabilistic OPE; ranked search; searchable encryption; security analysis; Cloud computing; Encryption; Indexes; Keyword search; Servers; Searchable encryption; cloud computing; order preserving encryption; privacy; searchable encryption;

fLanguage

English

Journal_Title

Information Forensics and Security, IEEE Transactions on

Publisher

ieee

ISSN

1556-6013

Type

jour

DOI

10.1109/TIFS.2015.2435697

Filename

7110579