In this work, we investigate the problem of secure wildcard search over encrypted data. The setting comprises of three entities, viz. the data owner, the server and the client. The data owner outsources the encrypted data to the server, who obliviously services the clients’ queries. We first analyze efficiency and security of two recent proposals from International Journal of Information Security, called, respectively, the Wei–Reiter (WR) and Hu–Han (HH) protocol. We demonstrate that HH protocol is completely insecure while WR is not scalable for the problem of wildcard search over encrypted data. Our main contribution consists of three protocols, viz. \(\mathsf {\Pi }_{\mathsf {OXT}}\), \(\mathsf {\Pi }_{{\mathsf {BS}}}\) and \(\mathsf {\Pi }_{{\mathsf {OTE}}}\), to support secure wildcard search over encrypted data. Protocols \(\mathsf {\Pi }_{\mathsf {OXT}}\) and \(\mathsf {\Pi }_{{\mathsf {BS}}}\) reduce the problem of secure wildcard search to that of boolean search. The search time in \(\mathsf {\Pi }_{\mathsf {OXT}}\) and \(\mathsf {\Pi }_{{\mathsf {BS}}}\) is sub-linear in the number of keywords. \(\mathsf {\Pi }_{\mathsf {OXT}}\) and \(\mathsf {\Pi }_{{\mathsf {BS}}}\) do not rule out false positives completely, but our experiment results indicate that the false positive rate of both the protocols is very less. Our third protocol \(\mathsf {\Pi }_{{\mathsf {OTE}}}\) utilizes Oblivious Transfer Extension protocols to achieve linear time wildcard search with no false positive. \(\mathsf {\Pi }_{\mathsf {OXT}}\)/\(\mathsf {\Pi }_{{\mathsf {BS}}}\) and \(\mathsf {\Pi }_{{\mathsf {OTE}}}\) can be easily combined to obtain the first construction that addresses the problem of wildcard search in the three-party setting achieving sub-linear search time with no false positives or false negatives. We provide performance analysis based on our prototype implementations to depict the feasibility of our proposed constructions.

在这项工作中，我们研究了对加密数据进行安全通配符搜索的问题。该设置包括三个实体，即。数据所有者，服务器和客户端。数据所有者将加密数据外包给服务器，服务器显然为客户的查询提供服务。我们首先分析《国际信息安全杂志》最近提出的两个建议，即Wei-Reiter（WR）和Hu-Han（HH）协议的效率和安全性。我们证明HH协议是完全不安全的，而WR不能解决对加密数据进行通配符搜索的问题。我们的主要贡献包括三个协议，即。\（\ mathsf {\ Pi} _ {\ mathsf {OXT}} \），\（\ mathsf {\ Pi} _ {{\ mathsf {BS}}} \）和\（\ mathsf {\ Pi} _ { {\ mathsf {OTE}}} \），以支持对加密数据进行安全的通配符搜索。协议\（\ mathsf {\ Pi} _ {\ mathsf {OXT}} \）和\（\ mathsf {\ Pi} _ {{\ mathsf {BS}}} \）减少了安全通配符搜索的问题布尔搜索。在搜索时间\（\ mathsf {\裨} _ {\ mathsf {OXT}} \）和\（\ mathsf {\裨} _ {{\ mathsf {BS}}} \）是在多个子线性关键字。\（\ mathsf {\ Pi} _ {\ mathsf {OXT}} \）和\（\ mathsf {\ Pi} _ {{\ mathsf {BS}}} \）不能完全排除误报，但是我们的实验结果表明，两种方案的误报率都非常低。我们的第三个协议\（\ mathsf {\ Pi} _ {{\ mathsf {OTE}}} \\）利用Oblivious Transfer Extension协议来实现线性时间通配符搜索，而不会出现误报。\（\ mathsf {\ Pi} _ {\ mathsf {OXT}} \\） / \（\ mathsf {\ Pi} _ {{\ mathsf {BS}}} \）和\（\ mathsf {\ Pi} _ { {\ mathsf {OTE}}} \）可以很容易地组合在一起，从而获得第一种结构，该结构解决了三方设置中通配符搜索的问题，实现了亚线性搜索时间，且没有误报或误报。我们基于原型实现提供性能分析，以描述我们提议的结构的可行性。