Encrypted Documents Retrieval From The Cloud With Searchable Encryption : A Searchable Encryption Scheme Implementation

Sammanfattning: Encrypting data is a solution to enhance the privacy and confidentiality of the data owners when outsourcing storage to cloud storage providers. However, using conventional encryption algorithms would render search queries based on the content of the data useless. One solution to that problem is encrypting the data using a searchable encryption scheme which allows querying the encrypted data by its contents while keeping it encrypted on the cloud to maintain the privacy and confidentiality of the data. One sector that might benefit from using a searchable encryption scheme is the public procurement sector. Preparing to bid on public procurement can be complex because the potential bidder needs to fulfill requirements to confirm that they are eligible. The information and documents needed to win a bid are confidential. Thus, privacy is essential. Tendium offers services to potential bidders to manage their documents with potentially sensitive data in a cloud-based environment. Clients using this service can benefit from using a searchable encryption scheme. A searchable encryption scheme was designed and implemented as a proof of concept. The implemented scheme builds an index database based on keywords extracted from the documents where each keyword is encrypted and stored in the database. Each entry in the database has encrypted keywords and associated identifiers for the corresponding document that the keyword occurs in. The documents are then encrypted using the AES encryption algorithm. Searching the database is performed by utilizing deterministic cryptographic primitives to encrypt the searched keywords and query the database for the resulting ciphertext, which returns its corresponding document identifiers. The document identifiers are used to retrieve the encrypted documents. The documents are decrypted after they are retrieved. The implemented scheme has a linear time complexity relative to the number of words in the document when encrypting a document. The implemented scheme utilizes MongoDB for its index database. It is demonstrated that the scheme is efficient and performs queries for single keyword search and multi-keyword search in less than one millisecond.