The Clusion Library

Clusion is an easy to use software library for searchable symmetric encryption (SSE). Its goal is to provide modular implementations of various state-of-the-art SSE schemes. Clusion includes constructions that handle single, disjunctive, conjunctive and (arbitrary) boolean keyword search. All the implemented schemes have sub-linear asymptotic search complexity in the worst-case.

Clusion is provided as-is under the GNU General Public License v3 (GPLv3).

Implementation

Indexing. The indexer takes as input a folder that can contain pdf files, Micorosft files such .doc, .ppt, media files such as pictures and videos as well as raw text files such .html and .txt. The indexing step outputs two lookup tables. The first associates keywords to document filenames while the second associates filenames to keywords. For the indexing, we use Lucene to tokenize the keywords and get rid of noisy words. For this phase, Apache Lucene, PDFBox and POI are required. For our data structures, we use Google Guava.

Cryptographic primitives. All the implementations make use of the Bouncy Castle library. The code is modular and all cryptographic primitives are gathered in the CryptoPrimitives.java file. The file contains AES-CTR, HMAC_SHA256/512, AES-CMAC, key generation based on PBE PKCS1 and random string generation based on SecureRandom. It also contains a synthetic IV AES encryption and AES based authenticated encryption. In addition, it also contains an implementation of the HCB1 online cipher from [BBKN07].

The following SSE schemes are implemented:

Build Instructions

Quick Test

For a quick test, create folder and store some input files, needed jars and test classes are already created

Documentation

Clusion currently does not have any documentation. The best way to learn how to use the library is to read through the source of the test code:

Requirements

Clusion is written in Java.

Below are Dependencies added via Maven (3.3.9 or above) , need not be downloaded manually

Clusion was tested with Java version 1.7.0_75.

References

  1. [CJJJKRS14]: Dynamic Searchable Encryption in Very-Large Databases: Data Structures and Implementation by D. Cash, J. Jaeger, S. Jarecki, C. Jutla, H. Krawczyk, M. Rosu, M. Steiner.

  2. [KM17]: : Boolean Searchable Symmetric Encryption with Worst-Case Sub-Linear Complexity by S. Kamara and T. Moataz.

  3. [Goh03]: Secure Indexes by E. Goh.

  4. [ABLMTY13]: Parallelizable and Authenticated Online Ciphers by E. Andreeva, A. Bogdanov, A. Luykx, B. Mennink, E. Tischhauser, and K. Yasuda. .

  5. [BBKN07]: On-Line Ciphers and the Hash-CBC Constructions by M. Bellare, A. Boldyreva, L. Knudsen and C. Namprempre.

  6. [AKM19]: Breach-Resistant Structured Encryption by G. Amjad, S. Kamara and T. Moataz.