Content deleted Content added
added section on security |
No edit summary |
||
Line 27:
The problem of searching on encrypted data was considered by [[Dawn Song|Song]], [[David A. Wagner|Wagner]] and [[Adrian Perrig|Perrig]] <ref name=":0" /> though previous work on [[Oblivious RAM]] by [[Oded Goldreich|Goldreich]] and [[Rafail Ostrovsky|Ostrovsky]] <ref>{{Cite journal|last=Goldreich|first=Oded|last2=Ostrovsky|first2=Rafail|date=1996-05|title=Software protection and simulation on oblivious RAMs|url=http://dx.doi.org/10.1145/233551.233553|journal=Journal of the ACM|volume=43|issue=3|pages=431–473|doi=10.1145/233551.233553|issn=0004-5411}}</ref> could be used in theory to address the problem. This work <ref name=":0" /> proposed an SSE scheme with a search algorithm that runs in time <math>O(s)</math>, where <math>s = |\mathbf{D}|</math>. Goh <ref name=":2">{{Cite web|last=Goh|first=Eu-Jin|title=Secure Indexes|url=https://eprint.iacr.org/2003/216}}</ref> and Chang and [[Michael Mitzenmacher|Mitzenmacher]] <ref name=":3">{{Cite journal|last=Chang|first=Yan-Cheng|last2=Mitzenmacher|first2=Michael|date=2005|editor-last=Ioannidis|editor-first=John|editor2-last=Keromytis|editor2-first=Angelos|editor3-last=Yung|editor3-first=Moti|title=Privacy Preserving Keyword Searches on Remote Encrypted Data|url=https://link.springer.com/chapter/10.1007/11496137_30|journal=Applied Cryptography and Network Security|series=Lecture Notes in Computer Science|language=en|___location=Berlin, Heidelberg|publisher=Springer|pages=442–455|doi=10.1007/11496137_30|isbn=978-3-540-31542-1}}</ref> gave new SSE constructions with search algorithms that run in time <math>O(n)</math>, where <math>n</math> is the number of documents. Curtmola, Garay, [[Seny Kamara|Kamara]] and [[Rafail Ostrovsky|Ostrovsky]] <ref name=":1" /> later proposed two static constructions with <math>O(\mathrm{opt} )</math> search time, where <math>\mathrm{opt}</math> is the number of documents that contain <math>w</math>, which is optimal. This work also proposed a semi-dynamic construction with <math>O(\mathrm{opt}\cdot \log(u))</math> search time, where <math>u</math> is the number of updates. An optimal dynamic SSE construction was later proposed by [[Seny Kamara|Kamara]], Papamanthou and Roeder. <ref>{{Cite journal|last=Kamara|first=Seny|last2=Papamanthou|first2=Charalampos|last3=Roeder|first3=Tom|date=2012-10-16|title=Dynamic searchable symmetric encryption|url=https://doi.org/10.1145/2382196.2382298|journal=Proceedings of the 2012 ACM conference on Computer and communications security|series=CCS '12|___location=New York, NY, USA|publisher=Association for Computing Machinery|pages=965–976|doi=10.1145/2382196.2382298|isbn=978-1-4503-1651-4}}</ref>
Goh <ref name=":2" /> and Chang and [[Michael Mitzenmacher|Mitzenmacher]] <ref name=":3" /> proposed security definitions for SSE
Ramification, Attack and Mitigation|url=https://www.ndss-symposium.org/wp-content/uploads/2017/09/06_1.pdf|journal=Network and Distributed System Security (NDSS) Symposium}}</ref>
| |||