Multi-Key Searchable Encryption, Revisited

Ariel Hamlin, Abhi Shelat, Mor Weiss, Daniel Wichs

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

34 Scopus citations

Abstract

We consider a setting where users store their encrypted documents on a remote server and can selectively share documents with each other. A user should be able to perform keyword searches over all the documents she has access to, including the ones that others shared with her. The contents of the documents, and the search queries, should remain private from the server. This setting was considered by Popa et al. (NSDI ’14) who developed a new cryptographic primitive called Multi-Key Searchable Encryption (MKSE), together with an instantiation and an implementation within a system called Mylar, to address this goal. Unfortunately, Grubbs et al. (CCS ’16) showed that the proposed MKSE definition fails to provide basic security guarantees, and that the Mylar system is susceptible to simple attacks. Most notably, if a malicious Alice colludes with the server and shares a document with an honest Bob then the privacy of all of Bob’s search queries is lost. In this work we revisit the notion of MKSE and propose a new strengthened definition that rules out the above attacks. We then construct MKSE schemes meeting our definition. We first give a simple and efficient construction using only pseudorandom functions. This construction achieves our strong security definition at the cost of increasing the server storage overhead relative to Mylar, essentially replicating the document each time it is shared. We also show that high server storage overhead is not inherent, by giving an alternate (albeit impractical) construction that manages to avoid it using obfuscation.

Original languageEnglish
Title of host publicationPublic-Key Cryptography - PKC 2018 - 21st IACR International Conference on Practice and Theory of Public-Key Cryptography, Proceedings
EditorsMichel Abdalla, Ricardo Dahab
PublisherSpringer Science and Business Media Deutschland GmbH
Pages95-124
Number of pages30
ISBN (Print)9783319765778
DOIs
StatePublished - 2018
Externally publishedYes
Event21st IACR International Conference on Practice and Theory of Public-Key Cryptography, PKC 2018 - Rio de Janeiro, Brazil
Duration: 25 Mar 201829 Mar 2018

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10769 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference21st IACR International Conference on Practice and Theory of Public-Key Cryptography, PKC 2018
Country/TerritoryBrazil
CityRio de Janeiro
Period25/03/1829/03/18

Bibliographical note

Publisher Copyright:
© International Association for Cryptologic Research 2018.

Funding

Acknowledgments. We thank the anonymous PKC reviewers for suggesting to use hashing to reduce search time to O(1) in Construction 1. This work was supported by NSF grants CNS-1314722, CNS-1413964, TWC-1664445 and TWC-1646671. The third author was supported in part by The Eric and Wendy Schmidt Postdoctoral Grant for Women in Mathematical and Computing Sciences.

FundersFunder number
National Science FoundationTWC-1664445, CNS-1413964, TWC-1646671, CNS-1314722

    Fingerprint

    Dive into the research topics of 'Multi-Key Searchable Encryption, Revisited'. Together they form a unique fingerprint.

    Cite this