Implementation of Hardware Primitives for a Highly-Scalable Searchable Symmetric Encryption Protocol
Data storage in external servers is becoming increasingly popular as it benefits database owners. With this trend, security of the stored data also raises a concern. Simple encryption limits the searching capabilities on the encrypted data. The implementation of such highly scalable advanced searchable encryption schemes (protocols) enabling encrypted search while protecting the confidentiality of data and queries have motivated much research efforts. In this work, two primitives used in the Searchable Symmetric Encryption (SSE) protocol namely TSet and Bloom filter core (Prefix Sum) are implemented. A TSet primitive takes an array T and a keyword query as input and recovers the search results by retrieving the same data tuple associated with the queried keyword. The Hardware Design of TSet is divided into two parts: Datapath and Controller. The Datapath is further partitioned into sub-modules which are designed, tested individually, and then integrated into a top level module. The Controller is implemented as a Finite State Machine (FSM) and top-level signals are handled by MicroBlaze soft-core in ZYNC 7000 SoC. A Bloom filter is a data structure that represents a set of elements and predicts the set membership that takes less computation time. One of the lightweight hash components, Prefix Sum is implemented to add the elements to Bloom filter. Most of the modules are parameterized with the least number of changes required to re-scale the design.
Keywords: Hardware Security, TSet, Bloom filter, Prefix Sum