Researchers at IIT-Kharagpur have developed a solution to access encrypted data on cloud server with keywords, without the need for decryption nor compromising the security of the system, a statement said on Wednesday.
The solution by the Secured Embedded Architecture Lab (SEAL) at IIT Kharagpur is pragmatic in the sense that it allows analytics on the encrypted data itself, it said, adding that this eliminates the need to decrypt the data or compromise system security.
“We need cryptosystems that allow searchable encryption, or more simply, keyword search over encrypted document collections and databases” said researcher Sikhar Patranabis at SEAL.
The research has led to Controlled Access Searchable Encryption (CASE), a new public-key searchable encryption, or the process of encoding a message or information in such a way that only authorised parties can access it.
“We are expecting to have a full-fledged prototype implementation of our controlled-access searchable encryption set-up by the end of 2017,” Patranabis said.
CASE allows a data owner to generate a controlled-search access that can restrict the search capabilities of a data user to a specific subset of documents in the collection.
“This prevents the vulnerability of the full data set. CASE also preserves the privacy of the underlying plain-text data under well-known cryptographic assumptions,” said Debdeep Mukhopadhyay, lead researcher of the project and Director of incubation at Embedded Security and Privacy Pvt Ltd. (ESP), STEP-IIT Kharagpur.
Data encryption which is used as solution to data security often makes data searching and data mining operations difficult.
The solution involving sending data back to the owner for decryption and returning to the same client, is time-consuming with high costs as it requires heavy bandwidth and storage capabilities.
It also under-utilises the computational ability of the cloud, which is usually much greater than that of individual devices. CASE addresses the gap, say the researchers.