数据隐私保护关键词检索技术研究综述与应用分析

doi:10.19788/j.issn.2096-6369.000012

摘要/Abstract

摘要：

在现代信息社会，数据隐私保护成为公众关注的焦点。随着互联网用户对个人信息安全的日益重视，信息检索领域的隐私保护研究变得至关重要。隐私保护关键词检索技术旨在在不泄露用户查询意图的情况下，提供安全、保护隐私的检索服务。尽管现有技术在满足基本需求方面取得了进展，但如何在保持效率的同时减少隐私泄露风险，仍是一个挑战。为此，本文对隐私保护关键词检索技术进行了详细回顾，系统地分析了当前主流技术的原理、优势与不足。研究发现，尽管已有技术能够对用户查询进行加密处理，防止敏感信息直接泄露，但在查询模式、访问模式与返回结果之间，仍存在着潜在的隐私泄露风险。针对这一问题，本文提出了一系列改进方向，以增强隐私保护的效果。此外，当前的隐私保护技术在实际应用中面临诸多挑战，这些挑战涉及技术增强、隐私合规等多个方面。通过对隐私保护关键词检索相关前沿技术的融合与创新，有望为解决这些技术问题提供新的思路和方案，推动隐私保护技术向更高水平发展。本文最后对隐私保护关键词检索技术的未来发展方向和创新应用模式进行了展望。

关键词: 可搜索加密, 隐匿查询, 查询

Abstract:

In the modern information society, data privacy protection has become a focal point of public attention. As internet users increasingly prioritize personal information security, research on privacy protection in the field of information retrieval has become crucial. Privacy-protecting keyword search technology aims to provide secure and private search services without revealing users' query intentions. Although existing technologies have made progress in meeting basic needs, how to reduce the risk of privacy leaks while maintaining efficiency remains a challenge. For this purpose, this paper provides a detailed review of privacy-protecting keyword search technology, systematically analyzing the principles, strengths, and weaknesses of current mainstream technologies. The study finds that although existing technologies can encrypt user queries to prevent direct leakage of sensitive information, there is still a potential risk of privacy leakage between the query pattern, access mode, and returned results. In response to this issue, the paper proposes a series of improvement directions to enhance the effectiveness of privacy protection. Furthermore, current privacy protection technologies face numerous challenges in practical applications, involving aspects such as technological enhancement and privacy compliance. By integrating and innovating cutting-edge technologies related to privacy-protecting keyword search, new ideas and solutions are expected to resolve these technical problems and promote the development of privacy protection technology to a higher level. Finally, the paper provides an outlook on the future development directions and innovative application models of privacy-protecting keyword search technology.

Key words: searchable encryption, private information retrieval, search

杨渝, 王炜, 陈世武. 数据隐私保护关键词检索技术研究综述与应用分析[J]. 农业大数据学报, 2024, 6(2): 185-204.

YANG Yu, WANG Wei, CHEN ShiWu. A Review and Analysis of Keyword Search Technologies for Data Privacy Protection[J]. Journal of Agricultural Big Data, 2024, 6(2): 185-204.

图/表 3

参考文献 69

[1]	Chor B, Gilboa N, Naor M. Private information retrieval by keywords[J]. Journal of Cryptology, 1998, 11(2):193-205. http://eprint.iacr.org/1998/003.
[2]	Kushilevitz E, Ostrovsky R. Replication is not needed: Single database, computationally-private information retrieval[C]. Proceedings 38th annual symposium on foundations of computer science. IEEE, 1997: 364-373. https://doi.org/10.1109/SFCS.1997.646125.
[3]	Ogata W, Kurosawa K. Oblivious keyword search[J]. Journal of complexity, 2004, 20(2-3):356-371. https://doi.org/10.1016/j.jco.2003.08.023.
[4]	Olumofin F, Goldberg I. Revisiting the computational practicality of private information retrieval[C]. International Conference on Financial Cryptography and Data Security, 2011: 158-172. https://doi.org/10.1007/978-3-642-27576-0_13.
[5]	Jarecki S, Jutla C, Krawczyk H, et al. Outsourced symmetric private information retrieval[C]. ACM SIGSAC conference on Computer and communications security, 2013: 875-888. https://doi.org/10.1145/250886.2516730.
[6]	Goh E J. Secure indexes[J]. Cryptology ePrint Archive, 2003. https://eprint.iacr.org/2003/216.
[7]	Waters B R, Balfanz D, Durfee G, et al. Building an encrypted and searchable audit log[C]. NDSS. 2004, 4: 5-6. https://www.researchgate.net/publication/221655531.
[8]	Ostrovsky R, Skeith III W E. Private searching on streaming data[J]. Journal of cryptology, 2007: 397-430. https://doi.org/10.1007/s00145-007-0565-3
[9]	Chang Y C, Mitzenmacher M. Privacy preserving keyword searches on remote encrypted data[C]. International conference on applied cryptography and network security, 2005: 442-455, https://doi.org/10.1007/11496137_30.
[10]	Freedman M J, Ishai Y, Pinkas B, et al. Keyword search and oblivious pseudorandom functions[C]. Theory of Cryptography: Second Theory of Cryptography Conference, 2005: 303-324. ttps://www.semanticscholar.org/paper.
[11]	Abdalla M, Bellare M, Catalano D, et al. Searchable encryption revisited: Consistency properties, relation to anonymous IBE, and extensions[C]. Advances in Cryptology-CRYPTO 2005: 25th Annual International Cryptology Conference, 2005: 205-222. https://doi.org/10.1007/11535218.
[12]	Abdalla M, Bellare M, Catalano D, et al. Searchable encryption revisited: Consistency properties, relation to anonymous IBE, and extensions[J]. Journal of cryptology, 2008, 21:350-391. https://doi.org/10.1007/s00145-007-9006-6.
[13]	Curtmola R, Garay J, Kamara S, et al. Searchable symmetric encryption: improved definitions and efficient constructions[C]. Proceedings of the 13th ACM conference on Computer and communications security, 2006: 79-88, https://doi.org/10.1145/1180405.1180417.
[14]	Boneh D, Waters B. Conjunctive, subset, and range queries on encrypted data[C]. Theory of Cryptography:4th Theory of Cryptography Conference, 2007: 535-554. https://doi.org/10.1007/978-3-540-70936-7_29.
[15]	Boneh D, Kushilevitz E, Ostrovsky R, et al. Public key encryption that allows PIR queries[C]. Advances in Cryptology-CRYPTO 2007: 27th Annual International Cryptology Conference, 2007: 50-67. https://doi.org/10.1007/978-3-540-74143-5_4.
[16]	Bao F, Deng R H, Ding X, et al. Private query on encrypted data in multi-user settings[C]. International Conference on Information Security Practice and Experience, 2008: 71-85. https://doi.org/10.1007/978-3-540-79104-1_6.
[17]	Liu Q, Tan C C, Wu J, et al. Efficient information retrieval for ranked queries in cost-effective cloud environments[C]. 2012 Proceedings IEEE INFOCOM. IEEE, 2012: 2581-2585. https://doi.org/10.1109/INFCOM.2012.6195657.
[18]	Melchor C A, Barrier J, Fousse L, et al. XPIR: Private information retrieval for everyone[J]. Proceedings on Privacy Enhancing Technologies, 2016, :155-174. https://dx.doi.org/10.1515/popets-2016-0010.
[19]	Goldberg I. Improving the robustness of private information retrieval[C]. 2007 IEEE Symposium on Security and Privacy (SP' 07), 2007: 131-148. https://doi.org/10.1109/SP.2007.23.
[20]	Freij-Hollanti R, Gnilke O W, Hollanti C, et al. Private information retrieval from coded databases with colluding servers[J]. SIAM Journal on Applied Algebra and Geometry, 2017, 1(1):647-664, https://doi.org/10.1137/16M1102562.
[21]	Tajeddine R, Gnilke O W, Karpuk D, et al. Private information retrieval from coded storage systems with colluding, Byzantine, and unresponsive servers[J]. IEEE Transactions on information theory, 2019, 65(6):3898-3906. https://doi.org/10.1109/TIT.2018.2890285.
[22]	Chen Z, Wang Z, Jafar S A. The capacity of T-private information retrieval with private side information[J]. IEEE Transactions on Information Theory, 2020, 66(8):4761-4773. https://doi.org/10.1109/TIT.2020.2977919.
[23]	Curtmola R, Garay J, Kamara S, et al. Searchable symmetric encryption: improved definitions and efficient constructions[C]. Proceedings of the 13th ACM conference on Computer and communications security, 2006: 79-88, https://doi.org/10.1145/1180405.1180417.
[24]	Xia Z, Wang X, Zhang L, et al. A privacy-preserving and copy-deterrence content-based image retrieval scheme in cloud computing[J]. IEEE transactions on information forensics and security, 2016, 11(11):2594-2608. https://doi.org/10.1109/TIFS.2016.2590944.
[25]	Golle P, Staddon J, Waters B. Secure conjunctive keyword search over encrypted data[C]. Applied Cryptography and Network Security: Second International Conference, 2004: 31-45. https://doi.org/10.1007/978-3-540-24852-1_3.
[26]	Fu Z, Ren K, Shu J, et al. Enabling personalized search over encrypted outsourced data with efficiency improvement[J]. IEEE transactions on parallel and distributed systems, 2015, 27(9): 2546-2559. https://doi.org/10.1109/TPDS.2015.2506573.
[27]	Cao N, Wang C, Li M, et al. Privacy-preserving multi-keyword ranked search over encrypted cloud data[J]. IEEE Transactions on parallel and distributed systems, 2013, 25(1): 222-233. https://doi.org/10.1109/TPDS.2013.45.
[28]	Xia Z, Wang X, Sun X, et al. A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data[J]. IEEE transactions on parallel and distributed systems, 2015, 27(2): 340-352. https://doi.org/10.1109/TPDS.2015.2401003.
[29]	Chor B, Goldreich O, Kushilevitz E, et al. Private information retrieval[J]. IEEE Annual Symposium on Foundations of Computer Science (FOCS), 1995, : 41-50. https://doi.org/10.1109/SFCS.1995.492461.
[30]	Chor B, Kushilevitz E, Goldreich O, et al. Private information retrieval[J]. Journal of the ACM (JACM), 1998, 45(6): 965-981, https://doi.org/10.1145/293347.293350.
[31]	Gertner Y, Ishai Y, Kushilevitz E, et al. Protecting data privacy in private information retrieval schemes[C]. ACM Symposium on Theory of Computing (STOC), 1998: 151-160, https://doi.org/10.1145/276698.276723.
[32]	Rabin M O. How to exchange secrets with oblivious transfer[J]. Technical Memo TR-81, 1981. https://eprint.iacr.org/2005/187.
[33]	Henzinger A, Hong M M, Corrigan-Gibbs H, et al. One server for the price of two: simple and fast single-server private information retrieval[C]. SEC '23: Proceedings of the 32nd USENIX Conference on Security Symposium, 2023: 3889-3905. https://dl.acm.org/doi/10.5555/3620237.3620455.
[34]	Angel S, Chen H, Laine K, et al. PIR with compressed queries and amortized query processing[C]. 2018 IEEE symposium on security and privacy (SP). IEEE, 2018: 962-979. https://doi.org/10.1109/SP.2018.00062.
[35]	SealPIR: A computational PIR library that achieves low communication costs and high performance, 2020. https://.github.com/microsoft/SealPIR.
[36]	Song D X, Wagner D, Perrig A. Practical techniques for searches on encrypted data[C]. Proceeding 2000 IEEE symposium on security and privacy, 2000: 44-55. https://doi.org/10.1109/SECPRI.2000.848445.
[37]	Boneh D, Di Crescenzo G, Ostrovsky R, et al. Public key encryption with keyword search[C]. Advances in Cryptology-EUROCRYPT, 2004: 506-522. https://doi.org/10.1007/978-3-540-24676-3_30.
[38]	Shamir A. Identity-based cryptosystems and signature schemes[C]. Advances in Cryptology, 1985: 47-53. https://doi.org/10.1007/3-540-39568-7_5.
[39]	Boneh D, Franklin M. Identity-based encryption from the Weil pairing[C]. Advances in Cryptology, 2001: 213-229. https://doi.org/10.1007/3-540-44647-8_13.
[40]	Abdalla M, Bellare M, Catalano D, et al. Searchable encryption revisited: Consistency properties, relation to anonymous IBE, and extensions[C]. Advances in Cryptology, 2005: 205-222. https://doi.org/10.1007/11535218_13.
[41]	Abdalla M, Bellare M, Catalano D, et al. Searchable encryption revisited: consistency properties, relation to anonymous IBE, and extensions[J]. Journal of cryptology, 2008, 21: 350-391. https://doi.org/10.1007/s00145-007-9006-6.
[42]	Bellare M, Boldyreva A, O’Neill A. Deterministic and efficiently searchable encryption[C]. Advances in Cryptology, 2007: 535-552. https://doi.org/10.1007/978-3-540-74143-5_30.
[43]	Katz J, Sahai A, Waters B. Predicate encryption supporting disjunctions, polynomial equations, and inner products[C]. Advances in Cryptology, 2008: 146-162. https://doi.org/10.1007/978-3-540-78967-3_9.
[44]	Cash D, Jarecki S, Jutla C, et al. Highly-scalable searchable symmetric encryption with support for boolean queries[C]. Advances in Cryptology, 2013: 353-373. https://doi.org/10.1007/978-3-642-40041-4_20.
[45]	Cash D, Jaeger J, Jarecki S, et al. Dynamic searchable encryption in very-large databases: Data structures and implementation[J]. Cryptology ePrint Archive, 2014. https://doi.org/10.14722/ndss.2014.23264.
[46]	Fuller B, Mitchell D, Cunningham R, et al. Security and privacy assurance research (SPAR) pilot final report[R]. Technical report, MIT Lincoln Laboratory Lexington United States, 2015. https://archive.org/details/DTIC_AD1045281.
[47]	Pappas V, Krell F, Vo B, et al. Blind seer: a scalable private DBMS[C]. Symposium on Security and Privacy. IEEE, 2014: 359-374. https://doi.org/10.1109/SP.2014.30.
[48]	Patranabis S, Mukhopadhyay D. Forward and backward private conjunctive searchable symmetric encryption[C]. 28th Annual Network and Distributed System Security Symposium, 2021. https://doi.org/10.3929/ethz-b-000447960.
[49]	Shang Z, Oya S, Peter A, et al. Obfuscated access and search patterns in searchable encryption[C]. 28th Annual Network and Distributed System Security Symposium, 2021. https://doi.org/10.48550/arXiv.2102.09651.
[50]	Ostrovsky R. Efficient computation on oblivious RAMs[C]. ACM Symposium on Theory of Computing, 1990: 514-523. https://doi.org/10.1145/100216.100289.
[51]	Ostrovsky R, Skeith III W E. A survey of single-database private information retrieval: Techniques and applications[C]. International Workshop on Public Key Cryptography, 2007: 393-411. https://doi.org/10.1007/978-3-540-71677-8_26.
[52]	Devet C, Goldberg I, Heninger N. Optimally robust private information retrieval[C]. Security'12: Proceedings of the 21st USENIX Conference on Security Symposium, 2012: 269-283. https://dl.acm.org/doi/10.5555/2362793.2362806.
[53]	Kadhe S, Garcia B, Heidarzadeh A, et al. Private information retrieval with side information[J]. IEEE Transactions on Information Theory, 2019, 66(4): 2032-2043. https://doi.org/10.1109/TIT.2019.2948845.
[54]	Yang P, Xiong N, Ren J. Data security and privacy protection for cloud storage: A survey[J]. IEEE Access, 2020, 8: 131723-131740. https://doi.org/10.1109/ACCESS.2020.3009876.
[55]	Li J, Wang Q, Wang C, et al. Fuzzy keyword search over encrypted data in cloud computing[C]. 2010 Proceedings IEEE INFOCOM. IEEE, 2010: 1-5. https://doi.org/10.1109/INFCOM.2010.5462196.
[56]	Kays D M. Reasons to friend electronic discovery law[J]. Franchise Law Journal, 2012:35-40.
[57]	Gkoulalas-Divanis A, Vatsalan D, Karapiperis D, et al. Modern privacy-preserving record linkage techniques: An overview[J]. IEEE Transactions on Information Forensics and Security, 2021, 16: 4966-4987. https://doi.org/10.1109/TIFS.2021.3114026.
[58]	Erlingsson ú, Pihur V, Korolova A. Rappor: Randomized aggregatable privacy-preserving ordinal response[C]. ACM Conference on Computer and Communications Security (CCS), 2014: 1054-1067, https://doi.org/10.1145/2660267.2660348.
[59]	张小青, 张舒黎, 雷术梅, 等. 私有信息检索技术分析对比研究[J]. 通信技术, 2023, 56(2): 198-206.
[60]	Sengupta J, Shreedhar T, Nguyen D, et al. Through the Lens of Google CrUX: Dissecting web browsing experience across devices and countries[J]. Computer Science, 2023. https://doi.org/10.48550/arXiv.2308.06409.
[61]	Geradin D, Katsifis D. Competition in ad tech: A response to Google[J]. TILEC Discussion Paper, 2020. https://dx.doi.org/10.2139/ssrn.3617839.
[62]	Servan-Schreiber S, Hogan K, Devadas S. AdVeil: A private targeted advertising ecosystem[J]. Cryptology ePrint Archive, 2021. https://eprint.iacr.org/2021/1032.
[63]	Sun H, Jafar S A. The capacity of private information retrieval[J]. IEEE Transactions on Information Theory, 2017, 63(7): 4075-4088. https://doi.org/10.1109/TIT.2017.2689028.
[64]	Lai S, Patranabis S, Sakzad A, et al. Result pattern hiding searchable encryption for conjunctive queries[C]. ACM Conference on Computer and Communications Security (CCS). 2018: 745-762. https://doi.org/10.1145/3243734.3243753.
[65]	Yang Y, Dong X, Cao Z, et al. IXT: Improved searchable encryption for multi-word queries based on PSI[J]. Frontiers of Computer Science, 2023, 17(5): 175811. https://doi.org/10.1007/s11704-022-2236-9.
[66]	Garg S, Mohassel P, Papamanthou C. TWORAM: efficient oblivious RAM in two rounds with applications to searchable encryption[C]. Annual International Cryptology Conference, 2016: 563-592. https://doi.org/10.1007/978-3-662-53015-3_20.
[67]	Zhang R, Xue R, Liu L. Searchable encryption for healthcare clouds: A survey[J]. IEEE Transactions on Services Computing, 2017, 11(6): 978-996. https://doi.org/10.1109/TSC.2017.2762296.
[68]	Li H, Yang Y, Dai Y, et al. Achieving secure and efficient dynamic searchable symmetric encryption over medical cloud data[J]. IEEE Transactions on Cloud Computing, 2017, 8(2): 484-494. https://doi.org/10.1109/TCC.2017.2769645.
[69]	Florea I M, Ciocîrlan Ş D, Dura I. Practical analysis of searchable encryption strategies for financial architecture[C]. 2020 19th RoEduNet Conference:Networking in Education and Research (RoEduNet). IEEE, 2020: 1-6. https://doi.org/10.1109/RoEduNet51892.2020.9324881.

安全模型	PKS技术体系	效率	参考方案
IND-CKA	SE PKS	高效，适用于大多数常见的应用场景	[6,9]
ID-CCA	SE PKS	高效，适用于数据隐私和身份验证领域	[5456]
单服务器模型	PIR PKS	高效，适用于简单的数据检索场景	[4,10,334,5251]
多服务器模型	PIR PKS	较高效，适用于需要高度安全性的多服务器环境	[4,20,19,5432-545]
信息论安全模型	PIR PKS	相对低效，适用于对信息论安全性要求很高的场景	[3,19-21,29,5234-5456]
计算安全模型	PIR PKS	较低效，适用于对计算安全性有较高要求的场景	[1,31,410-423]
选择模型	PIR PKS	不适用于当前研究，可能是未来的研究方向	无