Pattern Hiding and Authorized Searchable Encryption for Data Sharing in Cloud Storage

Secure cloud storage is a prevalent way to provide data retrieval services, where users' data are encrypted before uploading to the cloud. To effectively perform keyword searches over the encrypted data, the approach of searchable encryption (SE) was introduced. However, the leakage of the keyword-pair result pattern to the cloud could be exploited to reconstruct the queried keywords. To mitigate such information leakages, numerous result pattern-hiding SE systems were proposed but rarely supported data sharing with expressive queries and even owner-enforced authorization. Therefore, we present a result pattern hiding and authorized SE system (AXT) supporting conjunctive queries for cloud-based data sharing. Technically, we construct an authorized label private set intersection protocol from a refined authorized public key encryption with an equality test and then combine it with an introduced asymmetric variant of oblivious cross-tag protocol. Moreover, we introduce the system and security model of AXT along with rigorous security proof. Furthermore, we conduct comparative experiments between state-of-the-art solutions with AXT on HUAWEI Cloud platform under the widely recognized Enron dataset, which reveal that AXT achieves practical performance with retaining authorized data sharing and result pattern hiding, specifically, the time overhead for conjunctive queries with 10 keywords is reduced by 20%.