Abstract
We consider a setting where users store their encrypted documents on a remote server and can selectively share documents with each other. A user should be able to perform keyword searches over all the documents she has access to, including the ones that others shared with her. The contents of the documents, and the search queries, should remain private from the server. This setting was considered by Popa et al. (NSDI ’14) who developed a new cryptographic primitive called Multi-Key Searchable Encryption (MKSE), together with an instantiation and an implementation within a system called Mylar, to address this goal. Unfortunately, Grubbs et al. (CCS ’16) showed that the proposed MKSE definition fails to provide basic security guarantees, and that the Mylar system is susceptible to simple attacks. Most notably, if a malicious Alice colludes with the server and shares a document with an honest Bob then the privacy of all of Bob’s search queries is lost. In this work we revisit the notion of MKSE and propose a new strengthened definition that rules out the above attacks. We then construct MKSE schemes meeting our definition. We first give a simple and efficient construction using only pseudorandom functions. This construction achieves our strong security definition at the cost of increasing the server storage overhead relative to Mylar, essentially replicating the document each time it is shared. We also show that high server storage overhead is not inherent, by giving an alternate (albeit impractical) construction that manages to avoid it using obfuscation.
Original language | English |
---|---|
Title of host publication | Public-Key Cryptography - PKC 2018 - 21st IACR International Conference on Practice and Theory of Public-Key Cryptography, Proceedings |
Editors | Michel Abdalla, Ricardo Dahab |
Publisher | Springer Science and Business Media Deutschland GmbH |
Pages | 95-124 |
Number of pages | 30 |
ISBN (Print) | 9783319765778 |
State | Published - 2018 |
Externally published | Yes |
Event | 21st IACR International Conference on Practice and Theory of Public-Key Cryptography, PKC 2018 - Rio de Janeiro, Brazil. Duration: 25 Mar 2018 → 29 Mar 2018 |
Publication series
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|
Volume | 10769 LNCS |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | 21st IACR International Conference on Practice and Theory of Public-Key Cryptography, PKC 2018 |
---|---|
Country/Territory | Brazil |
City | Rio de Janeiro |
Period | 25/03/18 → 29/03/18 |
Bibliographical note
Publisher Copyright: © International Association for Cryptologic Research 2018.
Funding
Acknowledgments. We thank the anonymous PKC reviewers for suggesting to use hashing to reduce search time to O(1) in Construction 1. This work was supported by NSF grants CNS-1314722, CNS-1413964, TWC-1664445 and TWC-1646671. The third author was supported in part by The Eric and Wendy Schmidt Postdoctoral Grant for Women in Mathematical and Computing Sciences.
Funders | Funder number |
---|---|
National Science Foundation | TWC-1664445, CNS-1413964, TWC-1646671, CNS-1314722 |