Searching on Encrypted E-Data Using Random Searchable Encryption (RanSCrypt) Scheme
my (M.A.M.A.); firstname.lastname@example.org (M.Y.I.B.I.); Tel.: +88-016-7658-2838 (M.A.M.A.); +60-172-096-296 (M.Y.I.B.I.) Abstract: Cloud computing is intensifying the necessity for searchable encryption (SE) for data protection in cloud storage. SE encrypts data to preserve its confidentiality while offering a secure search facility on the encrypted data. Typical index-based SEs in data sharing scenarios can effectively search secure keyword indexes. However, due to the smaller size of the keyword space,
... SEs using a public key are susceptible to a Keyword Guessing Attack (KGA) and other statistical information leakage. In this paper, for secure search in a data sharing scenario, we propose Random Searchable enCryption (RanSCrypt) that adds randomness to a transformed keyword to increase its space and aspires to make it irreversible. At the core of the mechanism, two keywords are garbled with randomness, still enabling another party to determine if the two garbled keywords (RanSCrypt's terms REST and Trapdoor) are the same or not without knowing the actual keywords. As SE in a public key setting suffers from vulnerability to KGA, RanSCrypt transfers into a symmetric key setting with minimum overhead and without losing the features of a data sharing scenario. RanSCrypt also adulterates the search result to add perplexity and provides full control of access only to the data receiver. The receiver can cull out the erroneous results from the search result locally. Finally, we introduce a new type of attack on SE, namely, the Keyword Luring Attack (KLA), and show that RanSCrypt is safe from KLA attack due to adulteration of the result. Our security analysis proves RanSCrypt is invulnerable against KGA and leaks no information.