Fast and Privacy-Preserving Attribute-Based Keyword Search in Cloud Document Services

Currently, various encryption techniques have been employed to protect the documents in cloud storage. In particular, attribute-based keyword search (ABKS) is a practical encryption primitive that can realize fine-grained access control and keyword based searching over encrypted documents. However, the search time in most of the existing ABKS schemes increases linearly with the size of document collection, which hinders the wide application of ABKS in cloud computing. To this end, we propose FAKS, a fast and privacy-preserving attribute-based keyword search system for cloud document services. Specifically, FAKS builds a Bloom filter tree structure from the document collection, which avoids matching keywords by traversing the entire collection. Then we introduce an attribute-based authenticated index retrieval (ABAIR) scheme to encrypt the Bloom filters in the tree node and retrieve the documents with the encrypted Bloom filters of the query keywords. Further, we give a concrete construction of FAKS from ABAIR to execute the keyword matching operations sublinearly in a top-down manner, and prove the security of FAKS against chosen keyword attack and keyword guessing attack. Finally, we conduct extensive experiments over the Wikipedia dataset, which show better and more stable search efficiency of FAKS compared to existing schemes.