Privacy-Guarding Optimal Route Finding with Support for Semantic Search on Encrypted Graph in Cloud Computing Scenario

The arrival of cloud computing age makes data outsourcing an important and convenient application. More and more individuals and organizations outsource large amounts of graph data to the cloud computing platform (CCP) for the sake of saving cost. As the server on CCP is not completely honest and trustworthy, the outsourcing graph data are usually encrypted before they are sent to CCP. The optimal route finding on graph data is a popular operation which is frequently used in many fields. The optimal route finding with support for semantic search has stronger query capabilities, and a consumer can use similar words of graph vertices as query terms to implement optimal route finding. Due to encrypting the outsourcing graph data before they are sent to CCP, it is not easy for data customers to manipulate and further use the encrypted graph data. In this paper, we present a solution to execute privacy-guarding optimal route finding with support for semantic search on the encrypted graph in the cloud computing scenario (PORF). We designed a scheme by building secure query index to implement optimal route finding with support for semantic search based on searchable encryption idea and stemmer mechanism. We give formal security analysis for our scheme. We also analyze the efficiency of our scheme through the experimental evaluation.


Introduction
With the rapid progress of electronic devices and communication technologies, it promotes the advent of the era of cloud computing that has an important impact and value on all walks of life [1,2]. Cloud computing also speeds up data outsourcing service and makes it an important and convenient application [3,4]. Graph is a structure that is often used in various fields, such as traffic graph [5], social graph [6], and molecular structure graph [7]. Due to the powerful processing capability of cloud computing and the problem of cost saving, the enormous graph data are usually outsourced to the cloud computing platform (CCP) which is responsible for storing, managing, and processing these data. But the server on CCP is not completely honest and trustworthy, the privacy and security issues of the outsourcing graph data need to be considered and handled. Encrypting the outsourcing graph data is an effective and commonly used method before they are outsourced to CCP [8]. However, it is not easy for data customers to manipulate and further use the encrypted outsourcing graph data. Therefore, it is an extremely meaningful work to implement privacy-guarding optimal route finding with support for semantic search on the encrypted graph in the cloud computing scenario.
The optimal route finding on graph is an operation that is frequently used in many fields, and related applications include shortest path query [9], path planning [10], and minimum spanning tree [11]. The optimal route finding with support for semantic search has stronger query capabilities, and a customer can use similar words of graph vertices as query terms to implement optimal route finding. For instance, in a traffic network graph, the graph vertices represent locations, and the weight on the edge represents the route cost between two locations. The optimal path finding is to query for the path with the least cost between two locations. To realize semantic search, the porter stemmer mechanism commonly used in information retrieval [12] is adopted in this paper. The graph vertex set is transformed into a new set by the stemmer mechanism, and the new set is similar to the original set of vertices in semantics. When performing optimal route finding, the new set serves as the source set of query terms. Our work researches optimal route finding over encrypted graph data, and we also take into account cost savings; it is expensive in cost to download all the graph data from the remote server. In view of this, it is of great significance to implement optimal route finding with support for semantic search on encrypted graph. However, it is not an easy job to carry out the optimal route finding in consideration of the security and privacy issues in the cloud computing scenario.
To implement query operations on the remote server in the cloud computing scenario, the idea of searchable encryption is very effective [13][14][15][16][17]. The remote server performs query through encrypted query terms, and the server cannot obtain the privacy information of the query terms and query results. The searchable encryption is a research hotspot in the area of information security, and the research progress in this field has also been advancing. Soon after, some dynamic and extended searchable encryption schemes have emerged [18][19][20][21][22], but the above searchable encryption schemes cannot be used to implement route finding with support for semantic search on encrypted graph. Recently, some researchers have studied and implemented some query schemes on the encrypted graph [23][24][25][26][27]. Chase et al. studied the query problem on the encrypted graph and proposed the structured encryption method [23]. Privacy preserving subgraph query problems were researched in the literatures [24,25]. Shen et al. studied the problem of cloud-based approximate constrained shortest distance queries over encrypted graphs with privacy protection [26]. Ciucanu et al. presented a secure framework for graph outsourcing and SPARQL evaluation in the literature [27]. However, these methods cannot address the problem of optimal route finding with support for semantic search on encrypted graph.
To solve the problem on CCP, we present a solution to execute privacy-guarding optimal route finding with support for semantic search on the encrypted graph in the cloud computing scenario (PORF). In the PORF scheme, the server on CCP implements the privacy-guarding optimal route finding with the help of the index we build. Firstly, we use porter stemmer mechanism to transform the graph vertices into a new set to achieve semantic search. Then, based on the new set, we build the chain tables, and each node of which contains optimal route information. Finally, we build a secure index on the basis of all the chain tables, and the index is stored on the server of CCP, and the server executes optimal route finding by the index and the encrypted query terms. The server cannot learn the privacy contents of the query results and query terms. The security analysis and the experimental evaluation show that our proposed PORF scheme is secure and efficient.
The contributions of our paper are described below.
(1) We present a scheme to address the problem of optimal route finding with support for semantic search on the encrypted graph in the cloud computing scenario (2) We give the formal security analysis of the scheme to ensure the privacy and security of query results and query terms (3) We conduct an experimental analysis to demonstrate the efficiency of our scheme The rest of our paper is organized below. Section 2 presents the related work. Section 3 gives the design and analysis process of our PORF scheme. Section 4 analyzes the security of the PORF scheme. Section 5 demonstrates the PORF scheme through experiment and comparison. Finally, section 6 summarizes our paper.

Related Work
With the rapid development of computer technology and the huge increase of people's demands [28][29][30][31], privacy and security issues have increasingly become an important consideration [32][33][34][35]. In the field of data outsourcing security, searchable encryption plays an important role and can realize the query of outsourcing data without disclosing privacy information [36,37]. Generally speaking, there are two kinds of searchable encryption types: searchable symmetric encryption and searchable asymmetric encryption [16,17]. Usually, the querying of symmetric encryption is more efficient than that of asymmetrical encryption. Thus, we use symmetric encryption idea in our scheme.
Searchable encryption becomes an efficient cryptographic primitive in remote data query which plays an important value in data outsourcing [13][14][15][16]. The concept and idea of searchable symmetric encryption was first presented in the literature [13]. Goh came up with the secure index strategy in which the bloom filter was used to address the search question on outsourced data in the literature [14]. Curtmola et al. put forward the conception of nonadaptive searchable symmetric encryption and adaptive searchable symmetric encryption in the literature [16]. Chang et al. adopted pseudorandom functions to solve the problem of privacy preserving keyword searches on remote encrypted data and solved the update problem [17]. Thereafter, some researchers in the field of security proposed a lot of outspread searchable encryption solutions [18][19][20][21][22]. Wang et al. investigate the problem of secure and efficient similarity search over outsourced cloud data and proposed a new symbol-based trietraverse searching mechanism [18]. The questions of the secure and efficient ranked search over encrypted outsourcing data were studied in the literatures [19,20]. Du et al. presented a dynamic multiclient searchable symmetric encryption scheme supporting Boolean queries which allowed the data owner to authorize multiple users to excute Boolean queries over the encrypted data [21]. Li et al. used the k-nearest neighbor and attribute-based encryption 2 Wireless Communications and Mobile Computing techniques to present a dynamic searchable symmetric encryption scheme and addressed the key sharing problem [22], but all the searchable encryption solutions cannot be used to perform optimal route finding with support for semantic search over encrypted graph data. In recent years, the secure query questions on encrypted graph were studied, and some relative research achievements have been acquired [23][24][25][26][27]. Chase et al. presented the idea of structured encryption and proposed the application of controlled disclosure in the literature [23]. Cao et al. adopted the "filtering-and-verification" principle to study and address the problem of subgraph query on the encrypted graph [24]. Fan et al. proposed a private subgraph query solution for large graphs, and the query subgraph needed to be protected while the data graph did not [25]. Shen et al. proposed a graph encryption scheme to achieve the constrained shortest distance query and presented a tree-based ciphertext comparison protocol [26]. Ciucanu et al. designed and implemented a secure framework to perform the quey with SPARQL evaluation on outsourcing graphs in the literature [27]. However, all the existing solutions of encrytped graph search have not addressed the issue of privacy-guarding optimal route finding with support for semantic search on encrypted graph.
In this paper, we come up with a solution on the strength of searchable encryption idea and porter stemmer mechanism to perform optimal route finding with support for semantic search. We first transform graph vertices into new word set and build the chain tables based on the new set. We next build an index which is sent to the server on CCP, and the server excutes optimal route finding through the index and the encrypted query terms. We finally analyze and evaluate our solution both from security and experiment.

PORF Scheme Construction
3.1. Preliminaries. Goldwasser et al. presented the concepts of semantic security and indistinguishability in the literature [38]. A system is semantically secure if whatever an adversary can compute about the plaintext given the ciphertext, he can also compute without the ciphertext [38]. In this paper, we use the set ðKge, Enc, DecÞ containing three polynomialsize algorithms to represent a semantically secure encryption mechanism [39]. Kge is a secret key generating algorithm. Enc and Dec represent the encryption algorithm and decryption algorithm, respectively.
To implement semantic search in our PORF scheme, we adopt the porter stemmer mechanism in information retrieval [12], but not limited to only this method can achieve. We use V = fv 1 , ⋯, v n g to represent the vertices set of outsourcing graph, and the new word set after transformation through porter stemmer mechanism is represented as A = fa 1 , ⋯, a u g, where |A | ≤|V|. The main notations used in our paper follow in Table 1.

PORF Overview.
In the cloud computing scenario, the architecture about outsourcing query illustrated in Figure 1 is mainly composed of three entities: the server on CCP, the data owner, and data customers. The server provide data owners and customers with storage, management, and query services. To enable the server to implement optimal route finding on the encrypted outsourcing graph, we construct an index and encrypt the query request and then put them on the server. In this work, our main task is to study and achieve optimal route finding with support for semantic search. With respect to the query control and authentication of data customers, we adopt the thought of preexisting searchable encryption such as broadcast encryption [16].
Our PORF scheme can perform optimal route finding with support for semantic search over the encrypted graph on CCP, and the following design targets can be achieved.
The customer can achieve privacy-guarding optimal route finding with support for semantic search by means of the server on CCP (2) Security guarantee. We can give the security guarantee for our scheme through formal analysis, and it The number of optimal routes of graph G xΔy The words x and y are concatenated as a whole c The maximum number of optimal routes about querying vertices in graph G The set of optimal route finding results of query term Q i,j Enc key · ð Þ The symmetric encryption algorithm Dec key · ð Þ The symmetric decryption algorithm 3 Wireless Communications and Mobile Computing prevents the server from getting the privacy of the query results and query terms (3) Efficiency. We can implement our scheme of optimal route finding with less overhead In the PORF scheme design, we make use of index and chain table on the part of data structures. Our work considers the undirected graph as the research object, and the processing operation of directed graph is similar. We adopt the chain tables to store the optimal route information. Query vertices need to be processed and encrypted before being sent to the server, and the index is then built to complete privacyguarding optimal route finding via the server on CCP.
To implement the optimal route finding in the cloud computing scenario, we try to deal with it in three steps. Firstly, we build the chain tables, and each node of the chain tables consists of the vertices and optimal route information which need to be encrypted. Secondly, we are going to build a secure index to randomly store all the nodes of the chain tables. Finally, the query vertices of a customer are delivered to the server after security processing, and the server executes optimal route finding with support for semantic search on CCP with the help of the built index. Consistent with the thought of existing symmetric searchable encryption schemes [16,18,19], we assume that the server on CCP will adopt the adaptive attack model, and the query customers have the mutual request authentication and query control mechanisms with the data owner [16].
3.3. Scheme Design and Implementation. In the PORF scheme, our main work is to build the index and how to implement optimal route finding by means of the index on CCP. The several used algorithms in our scheme are described below.
(i) Genkeys (1 ℓ ): symmetric secret key generation algorithm. The parameter ℓ is taken as the input, and the symmetric secret key k is used as the output (ii) Chaintablebuilding (G, K): building the chain tables of graph vertices to store the contents of optimal route. The graph data G and the symmetric secret key set K serve as inputs, and the outputs are the work set A with similar meanings of graph vertices, the set W of compound terms about work set, and the chain table set F (iii) Indexbuilding (W, F, K, K ′ ): building query index algorithm. The inputs are the set W, chain table set F, and the key sets K and K ′ , and the output is the query index I (iv) Querybuilding (w i , K): building query term algorithm. The inputs include the word w i from the set W and the key set K. The encrypted query term set Q i serves as the output (v) Queryperforming (I , Q i ): implementing optimal route finding on CCP. The index I and the query term set Q i serve as the inputs, and the set of optimal route is the output In our work, we use ℓ to be the security parameter and adopt ðKge, Enc, DecÞ as a secure symmetric encryption scheme in our optimal route finding solution. The building process of our proposed PORF scheme is as follows. Table. To implement the semantic search, we adopt the porter stemmer mechanism to turn graph vertices set V into a new set A = fa 1 , ⋯, a u g, where u ≤ n. We combine two arbitrary inequable words in the set A to form a new compound term, and new term set is denoted as W = fw 1 , w 2 , ⋯, w m g. For every member w i of the set W (0 ≤ i ≤ m), we build its chain table F i , and we use elem to represent the node of the chain table. The creation process of chain tables is described in Algorithm 1. The content of each node in the chain table F i consists of optimal route information, and we write it in terms of the   · c). Therefore, the total time complexity of the algorithm Chaintablebuilding is OðnÞ+O(m · c).

Building Optimal Route Finding Index.
To enable the server to perform optimal route finding in the cloud computing scenario, we propose to implement this by building an index. The process of creating our index is described in Algorithm 2. For each chain table F i (0 ≤ i ≤ m), the contents of each node contain optimal route information, and the number of nodes (that is, the number of optimal routes about the compound term |w i | ) is denoted as |F i | . For 1 ≤ j ≤ |F i | , we generate a tag for the term w i by concatenating w i and j, and the tag is represented as w i Δj. Then, all the tags about the term w i are denoted as a set γ w i = fw i Δ1, ⋯, w i Δ | F i | g. The matching optimal route informaton of each member in the set γ w i is placed in the index. Performing optimal route finding of the term w i is equivalent to seeking for the corresponding members in the index I via all the correlative tags in the set γ w i . To prevent the server on CCP from getting information about the number of optimal routes of each member w i , we need to add the extra elements (We call them the disturbing values) to pad the index such that the number of optimal routes of each member in the set W is the same; that is, it is the maximum number of optimal routes c in the graph G. If |F i | <c, we need to add c − |F i | extra elements.
In the algorithm Indexbuilding of generating the index, we need to calculate the storage location of index members and then assign values to each member of the index. The chain table set F contains m chain tables, and each table has at most c nodes. All of the nodes in the chain table set F are stored in the index I . As a result, the time complexity of the algorithm Indexbuilding is O(m · c).

Performing Optimal Route Finding.
After the index is built, we will consider how to execute optimal route finding through the server on CCP. To accomplish this operation, for the element w i from set W (0 ≤ i ≤ m), we need to build the query term Q i = ðψ i1 , ⋯, ψ ic Þ. More specifically, the query term is created by the symmetric encryption algorithm Enc key ð·Þ, that is Q i = ðψ i1 , ⋯, ψ ic Þ = ðEnc k i ðw i Δ1Þ, ⋯, Enc k i ðw i ΔcÞÞ. When a customer is going to execute optimal route finding about the word w i , the query term Q i is delivered to the server on CCP. With the help of the query term and the index, the server completes the operation of optimal route finding in the cloud computing scenario through Algorithm 3.
In the algorithm Queryperf orming, for the query term Q i (0 ≤ i ≤ m), if I ½ψ ij is not a disturbingvalue (1 ≤ y ≤ c), we will put I ½ψ ij into R Q i . Therefore, the time complexity of the algorithm Queryperf orming is OðcÞ.
In the paper, we propose a solution to solve the problem of privacy-guarding optimal route finding with support for semantic search on the encrypted graph in the cloud computing scenario. By the aid of encrypted query terms and a secure index, the server of CCP executes the privacyguarding optimal route finding and returns the encrypted query results to the query customer. Our scheme satisfies the efficiency and the query security, and the server cannot obtain the privacy information of the query terms and the retrieval results.

Input:
The graph data G, and the symmetric key set K: Output: The chain table set F 1: The set of graph vertices is V = fv 1 , v 2 , ⋯, v n g, and the symmetric key set is K = fk 1 , k 2 , ⋯, k m g 2: for all i ∈ ½1, n do 3: Each member v i in the set V is turned into a new word after conversion via porter stemmer mechanism, and the new word set is represented as A = fa 1 , ⋯, a u g, where u ≤ n 4: end for 5: for all i, j ∈ ½1, u do 6: Two arbitrary inequable words a i and a j in the set A are combined into a new compound term, and all the new terms set is denoted as W = fw 1 , w 2 , ⋯, w m g; and |w i | (1 ≤ i ≤ m) represents the number of optimal route about the compound term w i 7: end for 8: for all i ∈ ½1, m do 9: for all j ∈ ½1,|w i | do 10: w i,j =Enc k i ðoptrvalueÞ; 11: F i → elem j = w i,j ; 12: end for 13: end for 14: F = fF 1 , F 2 , ⋯F m g 15: return F.

Security Analysis
Now, we analyze the security of the PORF scheme. We first give several concepts used in security analysis of our scheme [10].
(i) History: the interaction between the server on CCP and a query customer, containing the graph data G and the set of query terms, expressed as H q = ðG, Q 1 , ⋯, Q q Þ. The partial history is expressed as H t (ii) View: existing the history H q about the key k, a view is defined as V k ðH q Þ = ðEnc k ðGÞ, I , Q 1 , ⋯, Q q Þ. The partial view is V t k ðH q Þ = ðEnc k ðGÞ, I , Q 1 , ⋯, Q t Þ, where t ≤ q (iii) Access Pattern: existing the history H q about the key k, the access pattern is defined as a tuple RðH q Þ = ðR Q 1 , (v) Trace: existing the history H q about the key k, the trace is defined as a tuple T r ðH q Þ = ðjEnc k ðGÞj, RðH q Þ, Q q Þ, where |Enc k ðGÞ | is the overall size of the outsourcing graph, and RðH q Þ and Q q are the access pattern and the search pattern of the history H q , respectively. The trace of partial history is defined as T r ðH t q Þ = ð|Enc k ðGÞ|,RðH t q Þ, The server on CCP will perform optimal route finding through the index and the query term and cannot get the contents of the query results and the query term. In our work, we prove our optimal route finding scheme meets the adaptive semantic security. About the adaptive attack model, the server on CCP can make a choice from the query request on account of the query term and the results about optimal Input:W, F, K, K ′ Output: I 1: The compound terms set is W = fw 1 , w 2 , ⋯, w m g, and the chain table set is F = fF 1 , F 2 , ⋯F m g; The two secret key sets are K = fk 1 , k 2 , ⋯, k m g and K ′ = fk 1 ′, k 2 ′, ⋯, k m ′ g; 2: for all F i ∈ F (0 ≤ i ≤ m) do 3: for all j ∈ ½1, jF i j do 4: loc = Enc k i ′ ðw i ΔjÞ ; / * loc is the location of members in the index * / 5:  Wireless Communications and Mobile Computing route finding of previous queries [10,36]. For the consideration of security analysis, we follow the security idea adopted in the previous schemes [10,36]. According to the security guarantee of our PORF scheme, the server on CCP cannot obtain the additional information apart from the trace, and hence our proposed scheme of optimal route finding is secure. The security theorem of our PORF scheme is stated below.
Theorem 1. Our PORF scheme meets the adaptive semantic security of searchable symmetric encryption idea.
Proof. To prove the security of the PORF scheme, we first describe a polynomial-size simulator ε. For all q ∈ N, in the case of existing the trace T r ðH t q Þ of a partial history, the simulator ε can build a view ðV t q Þ * which is used to simulate the view V t k ðH q Þ of the adversary, and such that ðV t q Þ * and V t k ð H q Þ cannot be distinguished, where k is a symmetrical key and 0 ≤ t ≤ q.
For t = 0, the simulator ε generates the simulative encrypted outsourcing graph with the same size as the real graph through random strings. In the meantime, the simulator ε constructs the index I * through randomly generating strings on the T r ðH 0 q Þ which is also used to simulate the real index I and has the same size as the real index. The index I * will be used to simulate the real index in other partial views ðV t q Þ * , where 1 ≤ t ≤ q. It is very obvious that the simulative encrypted graph is indistinguishable from the real outsourcing graph, and the index I * is indistinguishable from the index I . Otherwise, one can distinguish between the outputs of the semantically secure symmetric encryption and the random strings with the same size. Thus, ðV 0 q Þ * is indistinguishable from V 0 k ðH q Þ. For 1 ≤ t ≤ q, the simulator ε can still use the index I * that was built before. The search pattern matrix Q t about t query terms belongs to the trace T r ðH t q Þ. The simulator ε will generate the query terms ðQ * 1 , ⋯, Q * t Þ that are contained in the view ðV t q Þ * . In the generation of these query terms, the query terms ðQ * 1 , ⋯, Q * t−1 Þ contained in the view ðV t−1 q Þ * may be reused. Or else, the simulator ε will regenerate these query terms from T r ðH t−1 q Þ. To generate Q * t , the simulator ε first needs to determine whether H t−1 q contains Q t through checking whether Q t ½t, j = 1, where 1 ≤ j ≤ t − 1. If H t−1 q cannot contain Q t , the simulator ε utilizes the information of T r ðH t q Þ about R Q t , i.e, R Q t = ðRðw t Δ1Þ, ⋯, Rðw t ΔcÞÞ. The simulator ε selects an address x i at random from the simulative index I * for 1 ≤ i ≤ c, making sure that all addresses are different and generates the query term Q * t = ðx 1 , ⋯, x c Þ. The simulator ε will remember the correlation between Q * t and w t . Otherwise, if H t−1 q contains w t , the simulator ε will retrieve the query contents in connection with w t and assigns it to Q * t . This is to ensure that if H t−1 q contains repeated query terms, then the query contents that are involved in ðV t q Þ * are identical.
It is very obvious that the query terms ðQ * 1 , ⋯, Q * t Þ in ðV t q Þ * are indistinguishable from the query terms ðQ 1 , ⋯, Otherwise, one could distinguish between the outputs of the semantically secure symmetric encryption and the random strings with the same size. Therefore, for 0 ≤ t ≤ q, there is no polynomial-size adversary that could distinguish between ðV t q Þ * and V t k ðH q Þ. Thus, the security theorem of the PORF scheme has been proven.

Experimental Evaluations
In this section, we will carry out experimental analysis of our scheme on the Enron email network graph [40,41] and then give the evaluation results. The content of the experiment is completed through using C language program coding over the server on CCP and the local machine. The server on CCP is configured with the Linux operating system of 6 CPU cores with 3.0 GHz and 16 GB of RAM, and the local machine runs on the Windows 10 operating system equipped with Intel Core 4 CPU of 2.6 GHz. In our experimental analysis and evaluation, the index generation, query term generation, and the decryption of query results are performed on the local machine. The operation of optimal route finding is implemented on the server of CCP.
To verify the efficiency of our scheme in the experimental analysis, we compare our PORF scheme with the optimal route finding scheme in plaintext, which is referred to as MORF. The MORF scheme is similar with the PORF scheme, and the index is constructed in a similar way. But in the MORF scheme, the data and index are not encrypted. Comparing our PORF scheme with the MORF scheme, it is intended to evaluate the time and memory overhead over encrypted graph. For the outsourcing graph of the same number of vertices, the difference of the number of edges can have a certain effect on the experimental analysis. Therefore, for the outsourcing graph used in our experiment, we adopt five graph data sets chose at random and think about two circumstances to compare and evaluate the performances. One circumstance is that the outsourcing graph includes more edges, and the number of edges in the graph sets is, respectively, 7958, 16934, 35819, 73586, and 119823. The other circumstance includes less edges which contains half of the number or so of the first circumstance. In the experimental evaluation, we use PORF1 and MORF1 to denote the experiments containing much more edges, and PORF2 and MORF2 to denote the experiments containing less edges. The comparative analysis of our experiment about these circumstances can assess overhead issues of optimal route finding and validate the efficiency of our PORF scheme.

Index Building.
To perform secure optimal route finding on CCP, we first need to transform the graph vertices to complete the semantic search requirements and generate new word set. The chain tables are then built on top of the new word set to hold the optimal route information, and finally, the index is generated based on all the chain tables through    Wireless Communications and Mobile Computing index generation under MORF1 condition is more than that under MORF2 condition. For the encrypted graph query, we need to encrypt the graph data and build the encrypted index. As a result, the time of index generation is more than that on the plaintext graph. Under PORF condition, we get the security of private data with encryption time cost. After building the encrypted index, the queries on CCP can meet security requirements, and customers' privacy information cannot be compromised. Therefore, it is an effective way to increase index building time costs appropriately, and the process of encryption is done locally. The experimental analysis of the size about index generation is plotted in Figure 3. The abscissa of the figure shows the number of vertices in the graph data, and the ordinate  For outsourcing graphs of the same number of vertices, the more number of edges there are, the larger building size of the index is. Therefore, the index generation size of PORF1 is larger than that of PORF2, and the index generation size of MORF1 is larger than that of MORF2. The proposed PORF scheme can ensure the security of query process with additional storage overhead. The index generation size of PORF is a little larger than that in the plaintext query method, but the difference is not significant.

Performing Query.
In the process of optimal route finding, the server on CCP makes use of the index and query terms to implement the query task by the Queryperf ormin g algorithm, and the experimental analysis includes query time evaluation and decryption time evaluation. The experimental results about query and decryption are, respectively, shown in Figures 4 and 5, where the horizontal axis represents the number of vertices in the graph data, and the vertical axis represents the time of query or decryption. From Figure 4, we can conclude that the time of performing query changes nearly linearly with the rise of vertex count. The query processes under PORF2 and MORF2 conditions, respectively, take less time than that under PORF1 and MORF1 conditions.
After the query is processed, the server on CCP sends the encrypted retrieval results to the query customer that completes the decryption locally. The results of experimental analysis about decryption are plotted in Figure 5. The time of the decryption process in our experiment is related to the decryption mechanism and the size of the query results. We adopt the same decryption mechanism under PORF1 and PORF2 two conditions. The decryption time of PORF1 and PORF2 increases almost linearly with the rise of vertex count. Time consumption of the decryption process under PORF2 condition is less than that under PORF2 condition.
In general, the index building of our PORF scheme is completed on local machine, and the time and size of the index are nearly linear to vertex count of the outsourcing graph. The query process is executed by the server on CCP, and the query time also increases with the increasing of vertex count. Meanwhile, the server on CCP does not get the privacy contents about the retrieval results and query terms. Our PORF scheme implements optimal route finding with support for semantic search on the encrypted graph and satisfies the privacy and efficiency of the query process.

Conclusion
In this paper, we propose a novel solution to address the problem of optimal route finding with support for semantic search, in which we adopt searchable encryption idea and porter stemmer mechanism. We first convert all graph vertices into a new word set by porter stemmer mechanism to satisfy semantic search. Then, we build the chain tables based on the new word set to place optimal route information and build an index based on the chain tables which is used to exe-cute optimal route finding. Secondly, we prove the security of our scheme through formal analysis. Finally, we give experimental analysis and evaluation, and the results show that our scheme has good performance.
For our future work, we intend to build dynamic optimal route finding scheme to meet the needs of dynamic graphs. In addition, our other research direction is to combine encryption graph query with secret key management and update to meet a wider range of query requirements.

Data Availability
All relevant data to support the findings in this study belong to all authors and will be used for our future research. Requests for access to the data should be made to the corresponding author.

Conflicts of Interest
The authors declare that they have no conflicts of interest. Wireless Communications and Mobile Computing