Abstract
A Content Delivery Network (CDN) is a distributed system composed of a large number of nodes that allows users to request objects from nearby nodes. CDN not only reduces the end-to-end latency on the user side but also offloads Content Providers (CPs) providing resilience against Distributed Denial of Service (DDoS) attacks. However, by caching objects and processing users' requests, CDN service providers could infer user preferences and the popularity of objects, thus resulting in information leakage. Unfortunately, such information leakage may result in compromising users' privacy and reveal businessspecific information to untrusted or potentially malicious CDN providers. State-of-the-art Searchable Encryption (SE) schemes can protect the content of sensitive objects but cannot prevent the CDN providers from inferring users' preferences and the popularity of objects.
In this work, we present a privacy-preserving encrypted CDN system not only to hide the content of objects and users' requests, but also to protect users' preferences and the popularity of objects from curious CDN providers. We encrypt the objects and user requests in a way that both the CDNs and CPs can perform the search operations without accessing those objects and requests in cleartext. Our proposed system is based on a scalable key management approach for multi-user access, where no key regeneration and data re-encryption are needed for user revocation.