Improved and Secure Search Function for Encrypted Cloud Data

Segev Gil, HUJI, School of Computer Science and Engineering, Computer Science

Searchable symmetric encryption with practical big-data performance and strong security

  • Outsourcing data storage to remote servers offers invaluable benefits while introducing many concerns when dealing with sensitive data.
  •  In the presence of potentially-vulnerable servers, strong user-side encryption preserves the confidentiality of the data but renders essential operations (such as keyword search) extremely expensive and sometimes even unfeasible.
  • To overcome this problem, the cryptography and security community has developed various searchable symmetric encryption (SSE) methods that enable searching through encrypted data without revealing any unnecessary information.
  • However, despite the rapidly increasing commercial interest in SSE technology, it has been shown that the performance of the existing methods scales badly to big data, not due to their usage of expressive cryptographic tools, but rather due to their poor data locality.
  • Practical big-data performance and strong security are the two most essential ingredients for unleashing the potential of SSE technology, but have so far emerged as two extremely conflicting goals.

Our Innovation

  • The first searchable symmetric encryption (SSE) method that offers practical big-data performance while guaranteeing strong security. The method can be based on any off-the- shelf block cipher and enjoys essentially optimal space and communication overheads together with near-optimal data locality.


Key Features

  • A breakthrough combination of cryptographic and algorithmic techniques
  • Significant improvements over previous SSE systems in both security and performance
  • Practical big-data performance
  • Strong and precise security guarantees
  • Low-cost implementation given any off-the- shelf block cipher

Patent Status

Granted US 10,331,913

Contact for more information:

Anna Pellivert
Contact ME: