Secure k-NN as a Service Over Encrypted Data in Multi-User Setting

TL;DR

This paper identifies a security flaw in a recent secure k-NN scheme, proposes an improved solution with enhanced properties including query verification, and demonstrates its effectiveness through security analysis and experiments.

Contribution

The paper reveals a vulnerability in a prior secure k-NN scheme and introduces a new, more secure scheme with additional query verification capabilities.

Findings

Broken query controllability in previous scheme

Proposed scheme satisfies all four original properties plus query check verification

Experimental results show efficiency in real-world scenarios

Abstract

To securely leverage the advantages of Cloud Computing, recently a lot of research has happened in the area of "Secure Query Processing over Encrypted Data". As a concrete use case, many encryption schemes have been proposed for securely processing k Nearest Neighbors (SkNN) over encrypted data in the outsourced setting. Recently Zhu et al[25]. proposed a SkNN solution which claimed to satisfy following four properties: (1)Data Privacy, (2)Key Confidentiality, (3)Query Privacy, and (4)Query Controllability. However, in this paper, we present an attack which breaks the Query Controllability claim of their scheme. Further, we propose a new SkNN solution which satisfies all the four existing properties along with an additional essential property of Query Check Verification. We analyze the security of our proposed scheme and present the detailed experimental results to showcase the efficiency in real world scenario.