Dynamic Searchable Symmetric Encryption Schemes Supporting Range Queries with Forward/Backward Privacy
This work addresses security vulnerabilities in encrypted cloud storage for users needing range queries, though it is incremental as it extends existing forward/backward-private DSSE concepts.
The paper tackles the problem of dynamic searchable symmetric encryption (DSSE) schemes being vulnerable to file-injection attacks and content leaks, proposing two new schemes that support range queries with forward or backward privacy, where one handles many documents and the other offers backward privacy but with limited document capacity.
Dynamic searchable symmetric encryption (DSSE) is a useful cryptographic tool in encrypted cloud storage. However, it has been reported that DSSE usually suffers from file-injection attacks and content leak of deleted documents. To mitigate these attacks, forward privacy and backward privacy have been proposed. Nevertheless, the existing forward/backward-private DSSE schemes can only support single keyword queries. To address this problem, in this paper, we propose two DSSE schemes supporting range queries. One is forward-private and supports a large number of documents. The other can achieve backward privacy, while it can only support a limited number of documents. Finally, we also give the security proofs of the proposed DSSE schemes in the random oracle model.