Mitsubishi Electric Develops String-searchable Encryption Software

First software to support partial-match searching of encrypted data with access control

PDF Version(PDF:729.6KB)

TOKYO, February 4, 2016 - Mitsubishi Electric Corporation (TOKYO: 6503) announced today it has developed the first string-searchable encryption software that enables both partial-match searching of encrypted data without decryption in cloud services and access control to ensure information security. Compared to the exact-match searches of the company's existing searchable encryption platform software, the new software offers greater functionality to enhance the usability and flexibility of cloud services. Mitsubishi Electric plans to introduce its new software in products in the fiscal year 2018 ending March, 2018.

Mitsubishi Electric Develops String-searchable Encryption Software

The new software encrypts each character of the registered data and searched keywords. Simultaneously, character position information showing how far the encrypted character is located from the beginning character is embedded into the corresponding ciphertext. The embedded character position can be transposed to match any encrypted text without decryption. In the existing software, character position and other information cannot be embedded in the ciphertext, limiting search results to inflexible exact matches. The new software uses embedded character position information to check if the encrypted keyword exactly matches its corresponding encrypted string of registered data. Character position information helps to facilitate partial-match searches of encrypted data.

Whereas the existing software limits the length of registered data and availability of keywords, the new software does not have such restrictions and therefore can be used for many cloud services.

Access control can be set up at the same time as the encrypting process to limit the personnel allowed to perform searches, ensuring high data security in the case of document sharing. The software prevents inference of keywords because queries for each search-even previously entered keywords-are encrypted into another individual ciphertext.

The encryption technology maintains the cohesion of ciphertexts by preventing them from being separated into individual characters, since computer viruses or malicious administrators can infer characters in registered data and keywords by using "frequent analysis" for each separated character. The new software prevents such misuse to ensure data security as strong as that of the existing software.

Cloud services are becoming even more important with the increasing use of IoT devices and personal data, such as medical records. Cloud services that store and utilize sensitive information or personal data are expected to offer a combination of data security and user conveniences including search functionality. In July 2013, Mitsubishi Electric announced its first searchable encryption platform software for keyword searches of encrypted data in cloud services without requiring decryption, backed by encryption key and data encryption management in company domains for protection against information leaks due to computer viruses or malicious administrators in the cloud.

Note that the releases are accurate at the time of publication but may be subject to change without notice.