RESeED: Regular Expression Search over Encrypted Data in the Cloud

Capabilities for trustworthy cloud-based computing and data storage require usable, secure and efficient solutions which allow clients to remotely store and process their data in the cloud. In this paper, we present RESeED, a tool which provides user-transparent and cloud-agnostic search over encrypted data using regular expressions without requiring cloud providers to make changes to their existing infrastructure. When a client asks RESeED to upload a new file in the cloud, RESeED analyzes the file´s content and updates novel data structures accordingly, encrypting and transferring the new data to the cloud. RESeED provides regular expression search over this encrypted data by translating queries on-the-fly to finite automata and analyzes efficient and secure representations of the data before asking the cloud to download the encrypted files. We evaulate a working prototype of RESeED experimentally (currently publicly available) and show the scalability and correctness of our approach using real-world data sets from arXiv.org and the IETF. We show absolute accuracy for RESeED, with very low (6%) overhead, and high performability, even beating grep for some benchmarks.