Recently, several practical attacks raised serious concerns over the securityof searchable encryption. The attacks have brought emphasis on forward privacy,which is the key concept behind solutions to the adaptive leakage-exploitingattacks, and will very likely to become mandatory in the design of newsearchable encryption schemes. For a long time, forward privacy impliesinefficiency and thus most existing searchable encryption schemes do notsupport it. Very recently, Bost (CCS 2016) showed that forward privacy can beobtained without inducing a large communication overhead. However, Bost'sscheme is constructed with a relatively inefficient public key cryptographicprimitive, and has a poor I/O performance. Both of the deficienciessignificantly hinder the practical efficiency of the scheme, and prevent itfrom scaling to large data settings. To address the problems, we first presentFAST, which achieves forward privacy and the same communication efficiency asBost's scheme, but uses only symmetric cryptographic primitives. We thenpresent FASTIO, which retains all good properties of FAST, and further improvesI/O efficiency. We implemented the two schemes and compared their performancewith Bost's scheme. The experiment results show that both our schemes arehighly efficient, and FASTIO achieves a much better scalability due to itsoptimized I/O.
展开▼
