Verifiable and Privacy-Enhanced Authorized Keyword Search for Mobile Cloud Storage

Mobile cloud storage enables IoT devices to use on-demand resources and share data with different mobile devices, where these outsourced data on the cloud are encrypted due to data confidentiality concern. Although dynamic searchable symmetric encryption (DSSE) allows data owners to directly search and update its encrypted data, it rarely considers implementing authorized search towards different mobile devices. Existing authorized keyword search systems for mobile cloud storage suffer from the following limitations: (i) only achieves Type-III backward privacy; (ii) no support for verification of search result; (iii) incurs high time overhead for data update and search. Therefore, we propose VE-FLY++, an efficient, verifiable and authorized DSSE system with forward and enhanced backward privacy for mobile cloud storage. Technically, VE-FLY++ presents a verifiable inverted bitmap index (VIBI) to achieve forward privacy and enhanced Type-I (a.k.a., Type-I-) backward privacy, with supporting verification of search results. In addition, we combine symmetric encryption with homomorphic addition with introduced VIBI for fast authorized search function. To further enable efficiently handling hundreds of millions of files, we adopt chunking technology to present a highly-scalable VE-FLY++. Finally, we use Raspberry Pi, Rock Pi, and Huawei Cloud on real datasets to conduct extensive experiments to clarify practical efficiency of VE-FLY++.