Dual-Server Boolean Data Retrieval for Highly-Scalable Secure File Sharing Services

IEEE Transactions on Information Forensics and Security (2023)

Abstract
Searchable encryption (SE) is a promising strategy for cloud-based file retrieval services, via structuring correspondences between files and keywords. Public key encryption with keyword search (PEKS) has been generally employed in file-sharing services, as compared to searchable symmetric encryption (SSE). However, PEKS is inherently vulnerable to keyword guessing attacks (KGA) launched by a malicious server. To resist such attacks, the classic solutions are dual-server PEKS (DS-PEKS) [TIFS’2015] and server-aided PEKS (SA-PEKS) [TIFS’2016]. However, the query model in these two solutions supports only a single-keyword search pattern, which inevitably limits their wide deployment in practice due to efficiency concerns. In this work, we present DSB-SE, a new cloud-based file sharing and retrieval system that supports boolean queries while retaining KGA-resistance. Compared to DS-PEKS and SA-PEKS, document search in DSB-SE is 25,000 times (resp. 6,600 times) faster when $\#\text{keyword}=10$ and $s\text{-term}=1$, where $s$-term is the least frequent keyword in the query pattern. Technically, the performance gain derives from revisiting traditional boolean SSE by: (i) introducing a pairing-free DDH-based transformation key modular that allows a data reader’s query pattern to be treated as a data writer’s; (ii) employing the dual-server methodology to support boolean queries with efficient validity checks. In particular, the client-to-cloud communication cost for retrieving the index of a single document is bounded to $10^{-2}$ s, and the cost of sending a token ranges from $8\times 10^{-2}$ s to $13\times 10^{-2}$ s. Nevertheless, for key generation cost, DSB-SE is slightly slower than DS-PEKS, by $1.5\times 10^{-2}$ s (but $1.35\times 10^{-2}$ s faster than SA-PEKS). Overall, the experiments, conducted over the Enron dataset on a real-world cloud platform, show that DSB-SE is practical and sufficient for real cloud applications.
Keywords
Cloud security, searchable encryption, data sharing, keyword search, keyword guessing attacks