Refrain From Inquiring About My Scalable Storage and Boolean Queries for Secure Cloud

Outsourcing personal data to a convenient and affordable cloud platform has become a popular practice. Considering the risk of privacy leakage, users usually encrypt their data before uploading it to the cloud server. Searchable encryption (SE) allows cloud servers to manage and search data in encrypted form based on user-specified requests. However, coercion attacks are rarely considered, where users may be forced to open search records and results. Therefore, deniable SE solutions against coercion attacks are presented, but they suffer from large storage overhead or fail to consider the dual coercion situation towards both sides of data owners and data users. In this paper, we roughly combine oblivious cross-tags protocol (OXT) and deniable encryption to propose a deniable SE (deniable cross-tag, DXT) scheme, which supports boolean queries and resists dual coercion attacks. Technically, we formalize a new primitive called updatable deniable encryption, and combine it with OXT in a non-trivial manner. In addition, we give formal system model, security model, and security proof of DXT. By employing the HUAWEI cloud platform, we conduct sufficient comparative experiments between DXT and state-of-the-art solutions based on a public dataset. The experimental results demonstrate that DXT outperforms higher search efficiency while achieving better features.