Temporary Keyword Search for Secure Cloud Storage

Abstract

Temporary keyword search on confidential data in a cloud environment is the main focus of this research. The cloud providers are not fully trusted. So, it is necessary to outsource data in the encrypted form. In the attribute-based keyword search (ABKS) schemes, the authorized users can generate some search tokens and send them to the cloud for running the search operation. These search tokens can be used to extract all the ciphertexts which are produced at any time and contain the corresponding keyword. Since this may lead to some information leakage, it is more secure to propose a scheme in which the search tokens can only extract the ciphertexts generated in a specified time interval. To this end a new cryptographic primitive was introduced called key-policy attribute-based temporary keyword search (KPABTKS) which provide this property. To evaluate the security of our scheme, we formally prove that our proposed scheme achieves the keyword secrecy property and is secure against selectively chosen keyword attack (SCKA) both in the random oracle model and under the hardness of Decisional Bilinear Diffie-Hellman (DBDH) assumption. Furthermore, the complexity of the encryption algorithm is linear with respect to the number of the involved attributes are provided. Performance evaluation shows our scheme’s practicality.

Existing System

Public key encryption with keyword search is a cryptographic primitive which was first introduced to facilitate searching on the encrypted data. In PEKS, each data owner who knows the public key of the intended data user generates a searchable ciphertext by means of his/her public key and outsources it to the cloud. Then, the data user extracts a search token related to an arbitrary keyword by using his/her secret key, and issues it to the cloud. The Cloud Service Provider runs the search operation by using the received search token on behalf of the data. User to find the relevant results to the intended keywords.

Proposed System

The novel notion of KP-ABTKS, and proposed a concrete construction for this new cryptographic services. The proposed concrete scheme is designed based on bilinear pairing. In the proposed KP-ABTKS, each user is identified with an access control policy. The data owner selects an attribute set, and runs the encryption algorithm with regard to it. If a data user’s attributes set satisfies the access tree of the data owner, then he/she can generate a valid search token. The cloud applies the generated search token to find the corresponding ciphertexts which have been encrypted in a time interval specified by the data user. Two security definitions was generated for KPABTKS in the standard model. One of them defines its security against selectively chosen keyword attack, and the other one defines the keyword secrecy of KP-ABTKS. It formally proves that othe proposed scheme satisfies these security definitions under the hardness of the Decisional Diffe-Hellman assumption. The performance of the proposed construction was evaluated of KP-ABTKS in terms of both computational complexity and the execution time. The performance evaluation shows the practical aspects of this project.

Architecture

ARCHITECTURE DIAGRAM