OS2: Oblivious similarity based searching for encrypted data outsourced to an untrusted domain

Zeeshan Pervez, Mahmood Ahmad, Asad Masood Khattak, Naeem Ramzan, Wajahat Ali Khan, Kim-Kwang Raymond Choo
2017 PLoS ONE  
Public cloud storage services are becoming prevalent and myriad data sharing, archiving and collaborative services have emerged which harness the pay-as-you-go business model of public cloud. To ensure privacy and confidentiality often encrypted data is outsourced to such services, which further complicates the process of accessing relevant data by using search queries. Search over encrypted data schemes solve this problem by exploiting cryptographic primitives and secure indexing to identify
more » ... tsourced data that satisfy the search criteria. Almost all of these schemes rely on exact matching between the encrypted data and search criteria. A few schemes which extend the notion of exact matching to similarity based search, lack realism as those schemes rely on trusted third parties or due to increase storage and computational complexity. In this paper we propose Oblivious Similarity based Search (OS2) for encrypted data. It enables authorized users to model their own encrypted search queries which are resilient to typographical errors. Unlike conventional methodologies, OS2 ranks the search results by using similarity measure offering a better search experience than exact matching. It utilizes encrypted bloom filter and probabilistic homomorphic encryption to enable authorized users to access relevant data without revealing results of search query evaluation process to the untrusted cloud service provider. Encrypted bloom filter based search enables OS2 to reduce search space to potentially relevant encrypted data avoiding unnecessary computation on public cloud. The efficacy of OS2 is evaluated on Google App Engine for various bloom filter lengths on different cloud configurations. OPEN ACCESS Citation: Pervez Z, Ahmad M, Khattak AM, Ramzan N, Khan WA (2017) OS2: Oblivious similarity based searching for encrypted data outsourced to an untrusted domain. PLoS ONE 12(7): e0179720.
doi:10.1371/journal.pone.0179720 pmid:28692697 pmcid:PMC5503255 fatcat:fumxu4oacvfhtnmcygbwka6ijm