Security Analysis on Cloud Data Search by using one to many Order Preserving Encryption

Authors

  • Karishma Pathan  KJEI's Trinity Academy of Engineering, Pune, Maharashtra, India
  • Krushna Phad  KJEI's Trinity Academy of Engineering, Pune, Maharashtra, India
  • Nisha Waikar  KJEI's Trinity Academy of Engineering, Pune, Maharashtra, India
  • Sonal Yenpure  KJEI's Trinity Academy of Engineering, Pune, Maharashtra, India

Keywords:

Access controls, Authentication, Cryptographic controls, Information flow controls, Invasive software (e.g. viruses, worms, Trojan horses), Security kernels, Verification.

Abstract

Cloud computing economically enables the paradigm of data service out-sourcing. However, to protect data privacy, sensitive cloud data have to be encrypted before outsourced to the commercial public cloud, which makes effective data utilization service a very challenging task .For ranked search in encrypted cloud data, order preserving encryption (OPE) is an efficient tool to encrypt relevance scores of the inverted index. When using deterministic OPE, the cipher texts will reveal the distribution of relevance scores. Therefore it is called one-to-many OPE, for applications of searchable encryption, which can flatten the distribution of the plain texts. We proposed a differential attack on one-to-many OPE by exploiting the differences of the ordered cipher texts. The experimental results show that the cloud server can get a good estimate of the distribution of relevance scores by a differential attack. Thus sensitive data have to be encrypted before being outsourced to a commercial public cloud. By using recurrence score we can retrieve the file from cloud.

References

  1. Subashini and V. Kavitha, "A survey on security issues in service delivery models of cloud computing," J. Netw. Comput. Appl., vol. 34, no. 1, pp. 1–11, 2011.
  2. Boldyreva, N. Chenette, Y. Lee, and A. O'Neill, "Order-preserving symmetric encryption," in Advances in Cryptology. Berlin, Germany: Springer-Verlag, 2009, pp. 224–241.
  3. Boldyreva, N. Chenette, and A.O'Neill, "Order-preserving encryption revisited: Improved security analysis and alternative solutions,"in Advances in Cryptology. Berlin, Germany: Springer-Verlag, 2011, pp. 578 595.
  4. Xiao and I.-L. Yen, "Security analysis for order preserving encryption schemes," in Proc. 46th Annu. Conf. Inf. Sci. Syst., Mar. 2012, pp. 1–6
  5. Wang, N. Cao, K. Ren, and W. Lou, "Enabling secure and efficient ranked keyword search over outsourced cloud data," IEEE Trans. Parallel Distrib. Syst., vol. 23, no. 8, pp. 1467–1479, Aug. 2012.
  6. Yu, C. Wang, K. Ren, and W. Lou, "Achieving secure, scalable, and fine-grained data access control in cloud computing," in Proc. IEEE INFOCOM, Mar. 2010, pp. 1–9..

IInternational Journal of Scientific Research in Computer Science, Engineering and Information Technology

Downloads

Published

2017-04-30

Issue

Volume 2, Issue 2, March-April-2017

Section

Research Articles

License

Copyright (c) IJSRCSEIT

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

[1]
Karishma Pathan, Krushna Phad, Nisha Waikar, Sonal Yenpure, " Security Analysis on Cloud Data Search by using one to many Order Preserving Encryption, IInternational Journal of Scientific Research in Computer Science, Engineering and Information Technology(IJSRCSEIT), ISSN : 2456-3307, Volume 2, Issue 2, pp.558-561 , March-April-2017.