Abstract
Symmetric Searchable Encryption (SSE) is a promising primitive to securely perform keyword queries and to efficiently retrieve associated files from a curious server without sacrificing data privacy. Unfortunately, besides being curious, an untrusted server could also be malicious, which would return incorrect or incomplete results to a client. Since a client does not maintain its entire dataset locally after outsourcing, preventing malicious servers is necessary and challenging. In this paper, we propose a lightweight Verifiable SSE scheme, which can verify the correctness and completeness of keyword search results obtained from SSE against a malicious server. Our scheme not only achieves an asymptotically efficient verification time and communication overhead, but also outperforms previous solutions in practice. Moreover, our scheme can efficiently support updates on verification metadata. We formally define and analyze the security of our scheme, and conduct extensive experiments on massive datasets to demonstrate the efficiency of our scheme.
