What is Symmetric Searchable Encryption?
Symmetric Searchable Encryption (SSE) is an encryption technique that fits the cloud paradigm well and can pave the way for cloud services that respect users’ privacy even when the Cloud Service Provider (CSP) is compromised. SSE schemes can also be seen as a first, fundamental step towards protecting users’ data from both external and internal attackers (e.g. a malicious administrator). This is because in an SSE scheme users generate all secret material (the encryption key) locally and encrypt all of their data on the client side, so the key is never revealed to the CSP. The service offered by the CSP is used only for storing and retrieving the resulting ciphertexts. In contrast to traditional encryption schemes, SSE offers one remarkable extra functionality: users can search for specific keywords directly over the stored ciphertexts, by asking the CSP to execute search queries in a privacy-preserving way. In other words, the CSP can find all ciphertexts containing a specific keyword without learning the keyword itself or anything about the content of the corresponding files. What the CSP does observe is which stored ciphertexts match a query, so the practical question for any SSE scheme is how much an adversary can infer from that over a sequence of queries.
How does it work in ASCLEPIOS?
In ASCLEPIOS, we use an SSE scheme in which the search queries depend on the number of times a keyword has been searched for and on the number of files the keyword exists in. Thus, every time a user searches for all files containing a specific keyword, the search query is different, even if she is searching for the same keyword! We chose this approach to prevent a potential adversary from extracting valuable information from past queries, for instance by recognising that two queries target the same keyword.
Naturally, since our scheme makes use of dynamic search queries, users need to be synchronised to create consistent queries, in the sense that they all need to know how many times the keyword has been searched for and how many files the keyword exists in. To deal with this, we make use of a Trusted Authority (TA) running in a Trusted Execution Environment (TEE), where this information is stored in two indexes, SearchCount[w] and FileCount[w]. For a user to search for all files containing the keyword w, she must first contact the TA to request these two values. The TA is thus the single place where the counters are read and updated, which is what keeps queries from different users consistent.
Range Queries
Our construction can be further enhanced to support range queries. A range query can be of two different forms:
- “Find all elements smaller/greater than n”, where n ∈ R
- “Find all elements between a and b”, where [a,b] ⊂ R
It is clear that enhancing an SSE scheme with this property is important, especially in the healthcare sector, where a doctor could issue a query such as “Find all patients between 35 and 45 years old”.
To provide our scheme with this extension, one more index, Order[w], needs to be generated and sent to the TA. This index contains an encryption of each keyword, sorted by the plaintext. Hence, when a user wishes to search for all values in the interval [a,b], she first sends the hashes h(a) and h(b) to the TA. Upon reception, the TA retrieves the index Order[w], locates the values h(a) and h(b), and sends back to the user every element that lies between them. Finally, for every element returned, the user performs a search operation as described earlier. Note that the ordering of the plaintexts is, by construction, visible to the TA, so this extension relies on the TEE to keep that ordering from everyone else; the CSP only ever sees the individual keyword searches that follow.
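The following Python sketch is an added illustration, not code from ASCLEPIOS or from the paper cited below. It wires together the three parties described in this and the previous section: a client that holds the key, a TA that keeps SearchCount[w], FileCount[w] and Order[w], and a CSP that only sees PRF-derived addresses and ciphertexts. Every construction choice in it is the example's own: HMAC-SHA256 as the PRF, a pad derived from the query token to hide file identifiers, re-addressing of the matched entries under the next token after each search (so that the next query for the same keyword uses a different token and still finds them), keywords handed to the TA and the client API as h(w), and an Order index built over a small full value domain (ages 0 to 130) so that both range endpoints are always present. None of this is the project's actual construction.

```python
"""Added illustration of the SSE interfaces described in the text: a simplified
construction, NOT the ASCLEPIOS scheme.  HMAC-SHA256 is the PRF, file ids are
hidden with a PRF-derived pad, and the TA keeps SearchCount, FileCount, Order."""
import hashlib
import hmac

def prf(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed parts, so ("a","bc") != ("ab","c")."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        mac.update(len(p).to_bytes(4, "big") + p)
    return mac.digest()

def h(w: str) -> bytes:
    """Keyword hash handed to the TA; the TA never sees plaintext keywords."""
    return hashlib.sha256(w.encode()).digest()

class TrustedAuthority:
    """Stands in for the TEE-hosted TA (constructed for this example)."""
    def __init__(self) -> None:
        self.search_count: dict[bytes, int] = {}  # SearchCount[w], keyed by h(w)
        self.file_count: dict[bytes, int] = {}    # FileCount[w],   keyed by h(w)
        self.order: dict[str, list[bytes]] = {}   # Order[attr]: h(v) sorted by v

    def add_state(self, hw: bytes) -> tuple[int, int]:
        """Current SearchCount and the next free file index for this keyword."""
        i = self.file_count.get(hw, 0)
        self.file_count[hw] = i + 1
        return self.search_count.get(hw, 0), i

    def search_state(self, hw: bytes) -> tuple[int, int]:
        """Return (SearchCount, FileCount), then advance SearchCount."""
        sc = self.search_count.get(hw, 0)
        self.search_count[hw] = sc + 1
        return sc, self.file_count.get(hw, 0)

    def range_query(self, attr: str, ha: bytes, hb: bytes) -> list[bytes]:
        """Every h(v) with a <= v <= b, located purely by position in Order."""
        order = self.order[attr]
        lo, hi = order.index(ha), order.index(hb)
        return order[lo:hi + 1]

class CloudServiceProvider:
    """Honest-but-curious CSP: sees only opaque address -> ciphertext pairs."""
    def __init__(self) -> None:
        self.index: dict[bytes, bytes] = {}

    def put(self, addr: bytes, ct: bytes) -> None:
        self.index[addr] = ct

    def search(self, token: bytes, file_count: int) -> list[tuple[int, bytes]]:
        """Derive this token's file_count addresses and hand back the hits.
        Hits are removed: the client re-inserts them under the next token."""
        hits = []
        for i in range(file_count):
            addr = prf(token, b"addr", i.to_bytes(4, "big"))
            if addr in self.index:
                hits.append((i, self.index.pop(addr)))
        return hits

class Client:
    def __init__(self, key: bytes, ta: TrustedAuthority, csp: CloudServiceProvider):
        self.k, self.ta, self.csp = key, ta, csp      # the key never leaves the client

    def token(self, hw: bytes, search_count: int) -> bytes:
        """Depends on the keyword AND on SearchCount, so it differs per search."""
        return prf(prf(self.k, b"kw", hw), b"tok", search_count.to_bytes(4, "big"))

    def _store(self, tok: bytes, i: int, fid: bytes) -> None:
        idx = i.to_bytes(4, "big")
        pad = prf(tok, b"pad", idx)[: len(fid)]       # one-time pad; fid <= 32 bytes
        self.csp.put(prf(tok, b"addr", idx), bytes(x ^ y for x, y in zip(fid, pad)))

    def add(self, fid: bytes, keywords: list[str]) -> None:
        for w in keywords:
            sc, i = self.ta.add_state(h(w))
            self._store(self.token(h(w), sc), i, fid)

    def search(self, hw: bytes) -> list[bytes]:
        """Search by keyword hash h(w): fetch counters from the TA, query the CSP,
        decrypt the hits and re-address them for the next (different) token."""
        sc, fc = self.ta.search_state(hw)
        tok = self.token(hw, sc)
        fids = []
        for i, ct in self.csp.search(tok, fc):
            pad = prf(tok, b"pad", i.to_bytes(4, "big"))[: len(ct)]
            fid = bytes(x ^ y for x, y in zip(ct, pad))
            fids.append(fid)
            self._store(self.token(hw, sc + 1), i, fid)  # re-address for the next query
        return sorted(fids)

    def publish_order(self, attr: str, domain: list[int]) -> None:
        """Order[attr] over the whole value domain (assumed small, e.g. ages), so
        every endpoint is present and which values actually occur is not revealed."""
        self.ta.order[attr] = [h(f"{attr}:{v}") for v in sorted(domain)]

    def range_search(self, attr: str, a: int, b: int) -> list[bytes]:
        hits = self.ta.range_query(attr, h(f"{attr}:{a}"), h(f"{attr}:{b}"))
        return sorted({fid for hv in hits for fid in self.search(hv)})
```

Two things are worth observing when running it. First, two consecutive searches for the same keyword send the CSP different tokens (compare `token(hw, 0)` and `token(hw, 1)`), which is the property the text motivates; the CSP still sees which addresses were hit and re-written, so the access pattern is not hidden by this construction. Second, a range query for ages 35 to 45 turns into eleven ordinary keyword searches driven by the TA's Order index, one per value in the interval, which is exactly the cost the text describes.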
Conclusion
Searchable encryption has a lot of potential for increasing the security of cloud solutions, and it is a very promising direction towards practical deployments that preserve users’ privacy. If you are interested in the technical details of how our schemes work, you can find our paper “Modern Family: A Revocable Hybrid Encryption Scheme Based on Attribute-Based Encryption, Symmetric Searchable Encryption and SGX” by Alexandros Bakas and Antonis Michalas, available in the Proceedings of SecureComm 2019 here.
For more info on how the functionalities we described will be offered through the ASCLEPIOS framework, stay tuned for upcoming blogposts!
ASCLEPIOS is a project funded by the EU and will end in November 2021.