Skip navigation

Oblivious keyword search with authorization and verification for IoT devices in untrusted Cloud environments

Oblivious keyword search with authorization and verification for IoT devices in untrusted Cloud environments

Wei, Zhongkai ORCID logoORCID: https://orcid.org/0009-0001-1701-1043, Zhao, Bo ORCID logoORCID: https://orcid.org/0000-0002-7600-2278, Yang, Haining ORCID logoORCID: https://orcid.org/0000-0002-1958-3117, Qin, Jing ORCID logoORCID: https://orcid.org/0000-0003-2380-0396 and Ma, Jixin ORCID logoORCID: https://orcid.org/0000-0001-7458-7412 (2025) Oblivious keyword search with authorization and verification for IoT devices in untrusted Cloud environments. IEEE Internet of Things Journal. ISSN 2327-4662 (Online) (doi:10.1109/JIOT.2025.3550198)

[thumbnail of Author's Accepted Manuscript]
Preview
PDF (Author's Accepted Manuscript)
50009 MA_Oblivious_Keyword_Search_With_Authorization_And_Verification_For_IoT_Devices_In_Untrusted_Cloud_Environments_(AAM)_2025.pdf - Accepted Version

Download (1MB) | Preview

Abstract

With the rapid advancement of Internet of Things (IoT) technology, large volumes of data are exchanged among users via cloud servers. However, in an untrusted cloud server environment, the risk of data tampering is significant. For instance, a cloud server may fail to update its records promptly after receiving updated data from a data sender. Consequently, when the data receiver retrieves the relevant information, the cloud server may return outdated data, leading to security issues in data utilization. To address this problem, we propose a scheme that facilitates efficient verification in untrustworthy cloud environments. Our research approach is to utilize cryptographic accumulators within the oblivious searchable encryption model to achieve efficient verification. The data sender first uses a cryptographic accumulator to calculate the cumulative value of all messages to be uploaded, which are publicly accessible. In addition, the accumulator generates witness values for messages authorized to the data recipient. Before retrieving data, the data receiver can leverage the cryptographic accumulator to verify the timeliness of incoming messages, ensuring that the data is current and free from tampering. Furthermore, the data sender retains the flexibility to dynamically update the data stored in the cloud and efficiently refresh both the encrypted accumulator and its corresponding witness value. This paper presents a rigorous security proof and a comparative experiment was carried out, supported by both analytical evaluations and experimental results, which collectively confirm the practical applicability of the proposed scheme in the context of the Internet of Things (IoT).

Item Type: Article
Uncontrolled Keywords: Internet of Things (IoT), cloud servers, searchable encryption, oblivious keyword search, authentication, cryptographic accumulator, cloud computing, receivers, cryptography
Subjects: Q Science > Q Science (General)
Q Science > QA Mathematics
Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Faculty / School / Research Centre / Research Group: Faculty of Engineering & Science
Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS)
Related URLs:
Last Modified: 30 Apr 2025 10:19
URI: http://gala.gre.ac.uk/id/eprint/50009

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics