THANK YOU FOR SUBSCRIBING
By apacciooutlook | Friday, February 05, 2016
TOKYO, JAPAN: Mitsubishi Electric announces the development of string-searchable encryption software, which allows partial-match search of encrypted data without decryption in cloud services and access control to ensure optimum information security.
The new software encrypts each character of the registered data and searched keywords. Simultaneously, character position information showing how far the encrypted character is located from the beginning character is embedded into the corresponding ciphertext. The embedded character position can be transposed to match any encrypted text without decryption. In the existing software, character position and other information cannot be embedded in the ciphertext, limiting search results toinflexible exact matches. The new software uses embedded character position information to check if the encrypted keyword exactly matches its corresponding encrypted string of registered data. Character position information helps to facilitate partial-match searches of encrypted data.
The existing searchable encryption platform software which has also been developed by Mitsubishi only has the ability to exact-match search. This software limits the length of registered data and availability of keywords, whereas the new software does not have such restrictions and therefore can be used for many cloud services.
The new software allows access control to prevent unauthorized personnel from performing the searches allowing secure document sharing. The software also prevents inference of keywords because queries for each search-even previously entered keywords-are encrypted into another individual ciphertext.
The encryption technology maintains the cohesion of ciphertexts by preventing them from being separated into individual characters, since computer viruses or malicious administrators can infer characters in registered data and keywords by using "frequent analysis" for each separated character. The new software prevents such misuse to ensure data security as strong as that of the existing software.