Cross-User Leakage Mitigation for Authorized Multi-User Encrypted Data Sharing

Cloud computing has been a research focus in both academic and industrial communities for decades. Along with this trend, Searchable Encryption (SE) technology emerged and developed as data privacy concerns increased. Many schemes are proposed to solve the privacy-preserving data-sharing problem in multi-user scenarios. Most existing solutions are based on the assumption that all users are trusted. However, there will be cross-user leakage when there are malicious or compromised ones. This is because of the inherent linkability of authorization information and the search result when multiple users request data from the same database. To this end, we propose a cross-user leakage mitigation scheme for authorized encrypted data sharing in a two-server model. We utilize a blinding factor to delink authorizations based on Symmetric Multi-Key Searchable Encryption (SMKSE). To break the linkability of query results, we combine the zero-sum garbled Bloom filter with the oblivious transfer technique, where each of the two servers can only know partial information. We devise a group-based Bloom filter structure in indices to improve efficiency. We perform formal security analysis and also demonstrate the efficiency through comparative experiments.