Trinity: A Scalable and Forward-Secure DSSE for Spatio-Temporal Range Query

TL;DR

This paper introduces Trinity, a scalable and forward-secure encrypted data structure for spatio-temporal queries, significantly improving update efficiency, storage, and security in location-based services.

Contribution

It presents a novel filter-based scheme supporting low-cost dynamic updates and a forward secure, verifiable scheme with minimized storage overhead, validated by formal security analysis.

Findings

Reduces storage by 80%

Retrieves 1 million records in 0.01 seconds

Achieves 10x update efficiency compared to existing methods

Abstract

Cloud-based outsourced Location-based services have profound impacts on various aspects of people's lives but bring security concerns. Existing spatio-temporal data secure retrieval schemes have significant shortcomings regarding dynamic updates, either compromising privacy through leakage during updates (forward insecurity) or incurring excessively high update costs that hinder practical application. Under these circumstances, we first propose a basic filter-based spatio-temporal range query scheme \TrinityI that supports low-cost dynamic updates and automatic expansion. Furthermore, to improve security, reduce storage cost, and false positives, we propose a forward secure and verifiable scheme \TrinityII that simultaneously minimizes storage overhead. A formal security analysis proves that \TrinityI and \TrinityII are Indistinguishable under Selective Chosen-Plaintext Attack (IND-SCPA). Finally, extensive experiments demonstrate that our design \TrinityII significantly reduces storage requirements by 80\%, enables data retrieval at the 1 million-record level in just 0.01 seconds, and achieves 10 $\times$ update efficiency than state-of-art.