Towards Forward Secure Searchable Symmetric Encryption Supporting Conjunctive Keyword Search

The primitive of Searchable Symmetric Encryption (SSE) allows a server to perform search directly over encrypted documents. Recently, forward secure SSE (FSSE) has attracted significant attention due to its secure property for document update. That is, it can prevent the server from learning whether the newly updated document contains previously queried keywords. Most of the existing FSSE schemes are designed for single keyword search. For the case of conjunctive keyword search, prior dedicated FSSE constructions either require inefficient tools or suffer from significant leakage (i.e., it leaks the documents matching each queried keywords). To deal with this challenge, we propose a general framework to design efficient conjunctive keyword FSSE schemes without significant leakage: a basic scheme FOXT-B and an enhanced one FOXT-E. Specifically, in our basic scheme, we combine XSet structure in the Oblivious Cross-Tags protocol (CRYPTO 2013) with a single keyword FSSE to support conjunctive keyword search. However, this simple combination is limited to support document update. That is, the user cannot perform search until all the keyword-document pairs in a document have been updated. To support flexible keyword-document update, we design a new XSet for our enhanced scheme, in which the user can perform search at any time. Finally, we present a formal security analysis and implement our schemes on a real-world database, which demonstrates that our proposed schemes can achieve the desired security goals with practical efficiency.