Slashdot Mirror

← Back to Stories (view on slashdot.org)

Encrypted But Searchable Online Storage?

Posted by timothy on from the give-some-to-that-lawyer dept.

An anonymous reader asks "Is there a solution for online storage of encrypted data providing encrypted search and similar functions over the encrypted data? Is there an API/software/solution or even some online storage company providing this? I don't like Google understanding all my unencrypted data, but I like that Google can search them when they are unencrypted. So I would like to have both: the online storage provider does not understand my data, but he can still help me with searching in them, and doing other useful stuff. I mean: I send to the remote server encrypted data and later an encrypted query (the server cannot decipher them), and the server sends me back a chunk of my encrypted data stored there — the result of my encrypted query. Or I ask for the directory structure of my encrypted data (somehow stored in my data too — like in a tar archive), and the server sends it back, without knowing that this encrypted chunk is the directory structure. I googled for this and found some papers, however no software and no online service providing this yet." Can anyone point to an available implementation?

5 of 266 comments (clear)

  1. Re:It's not possible even in theory by TheRaven64 · · Score: 5, Interesting

    It is possible. When you upload the data, you also upload an index. When you connect again, you download the index (which is much smaller than the data) and search that on the local machine. Neither the index, nor the data, is ever unencrypted on the server.

    As for frequency analysis, I don't think any encryption algorithms published in the last 40 years have been vulnerable to this sort of attack...

    --
    I am TheRaven on Soylent News
  2. Re:It's not possible even in theory by TheRaven64 · · Score: 5, Informative

    Replying to myself: the scheme in the linked paper is not feasible. It performs O(n) searches, but this means that the amount of data you need to upload for the query is equal to the total amount stored. Since most consumer Internet links are asymmetric, it would be cheaper and easier to simply download the entire data search locally. The paper proposes having a server-side cache. This means that, for a typical block cypher, you would have a cache of every search term encrypted for each block. The server could then compare this to each block, but would not know what the plaintext is. This is not useful in any real-world scenario. The cache would be orders of magnitude bigger than the stored data and the search would sill be O(n), which is painfully slow. As I suggested above, uploading an encrypted index with the data makes more sense. Look at Apache Lucene or Apple's SearchKit for how to do this.

    --
    I am TheRaven on Soylent News
  3. A guy walks into a bar... by skathe · · Score: 5, Insightful

    ...and when the bartender asks him what he would like to drink, the guy says "I want what I always get, but I don't want you to actually pour the drink, just help me search behind the bar for the liquor I want, and the hand it to me without seeing what it actaully is, and charge me correctly without any knowledge of what it is you just helped me find."

  4. Re:huh? by HTH+NE1 · · Score: 5, Funny

    if the server cannot decipher the query it cannot execute it on a binary blob of encrypted data. FAIL.

    Gung jbhyq qrcraq ba ubj gevivny lbhe rapelcgvba zrgubq vf.

    --
    Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?
  5. Re:It's not possible even in theory by felipekk · · Score: 5, Funny

    Gee guys, isn't this a little bit too much work just to hide your porn?

    Just mark the directory as hidden, your mom will not find it.