Wildcard search in encrypted text
First Claim
1. A method for wildcard searchable encryption of cloud stored data, comprising:
- receiving, using a hardware processor, a file destined for a cloud storage service;
processing, using the hardware processor, the content of the file to generate a plurality of keyword-wildcard combinations in plaintext for some or all of the keywords in the file;
generating a processed file including the original file content and the keyword-wildcard combinations in plaintext appended to the original file;
encrypting the processed file using an exact match searchable encryption algorithm;
generating a search index stored using the hardware processor and including a mapping of encrypted keywords of the processed file to a document index identifying the file being encrypted, the encrypted keywords of the processed file including encrypted keywords of the original file content and encrypted keyword-wildcard combinations appended to processed file; and
transmitting the encrypted file to the cloud storage service.
11 Assignments
0 Petitions
Accused Products
Abstract
A wildcard searchable encryption method enables wildcard search of encrypted text in a cloud-stored encrypted file. In some embodiments, the wildcard searchable encryption method is implemented in a network intermediary, such as a proxy server. The network intermediary encrypts files on behalf of a user or an enterprise destined to be stored on a cloud storage service. The wildcard searchable encryption method performs keyword pre-processing of the file to be encrypted to generate a set of keyword-wildcard combinations in plaintext for some or all of the keywords in the file. The processed file is encrypted using an exact match searchable encryption algorithm. As a result of the encryption process, a search index is generated to include the keyword-wildcard combinations. As thus configured, the wildcard searchable encryption method enables wildcard search of the encrypted text, such as searches for prefixes or suffixes of the keywords.
-
Citations
16 Claims
-
1. A method for wildcard searchable encryption of cloud stored data, comprising:
-
receiving, using a hardware processor, a file destined for a cloud storage service; processing, using the hardware processor, the content of the file to generate a plurality of keyword-wildcard combinations in plaintext for some or all of the keywords in the file; generating a processed file including the original file content and the keyword-wildcard combinations in plaintext appended to the original file; encrypting the processed file using an exact match searchable encryption algorithm; generating a search index stored using the hardware processor and including a mapping of encrypted keywords of the processed file to a document index identifying the file being encrypted, the encrypted keywords of the processed file including encrypted keywords of the original file content and encrypted keyword-wildcard combinations appended to processed file; and transmitting the encrypted file to the cloud storage service. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for wildcard searchable encryption of cloud stored data, comprising:
-
a memory; and a hardware processor coupled to the memory, wherein the hardware processor is configured to receive a file destined for a cloud storage service, to process the content of the file to generate a plurality of keyword-wildcard combinations in plaintext for some or all of the keywords in the file, to generate a processed file including the original file content and the keyword-wildcard combinations in plaintext appended to the original file, to encrypt the processed file using an exact match searchable encryption algorithm, to generate a search index stored in the network intermediary and including a mapping of encrypted keywords of the processed file to a document index identifying the file being encrypted where the encrypted keywords of the processed file include encrypted keywords of the original file content and encrypted keyword-wildcard combinations appended to processed file, and to transmit the encrypted file to the cloud storage service. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
Specification