Attribute Based Search in Encrypted Data: ABSE

Searchable encryption enables users to delegate search functionalities to third-parties without giving them the ability to decrypt. Existing schemes assume that the sender knows the identity of the receiver. In this paper we relax this assumption by proposing the first Attribute Based Searchable Encryption Scheme (ABSE). An ABSE is a type of public key encryption with keyword search that allows the user encrypting the data to specify a policy that determines, among the users of the system, who is eligible to decrypt and search the data. Each user of the system owns a set of attributes and the policy is a function of these attributes expressed as a predicate. Only members who own sufficient attributes to satisfy that policy can send the server a valid search query. In our work we introduce the concept of a secure ABSE by defining the functionalities and the relevant security notions such as correctness, chosen keyword attacks, and attribute forgeability attacks. Our definitions are based on provable security formalizations. We further propose a secure construction of an ABSE based on bilinear maps. We illustrate the use of our proposed scheme in a shared storage for medical records.

[1]  Dalia Khader,et al.  Introduction to Attribute Based Searchable Encryption , 2014, Communications and Multimedia Security.

[2]  Melissa Chase,et al.  Multi-authority Attribute Based Encryption , 2007, TCC.

[3]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[4]  Alexander W. Dent,et al.  A Brief History of Provably-Secure Public-Key Encryption , 2008, AFRICACRYPT.

[5]  Dalia Khader,et al.  Public Key Encryption with Keyword Search Based on K-Resilient IBE , 2006, ICCSA.

[6]  Arnold Neumaier,et al.  Introduction to Numerical Analysis , 2001 .

[7]  Huafei Zhu,et al.  A new public key encryption scheme provably secure against adaptive chosen cipher-text attack , 2002, IACR Cryptology ePrint Archive.

[8]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[9]  Kihyun Kim,et al.  Public Key Encryption with Conjunctive Field Keyword Search , 2004, WISA.

[10]  Dan Boneh,et al.  Efficient Selective Identity-Based Encryption Without Random Oracles , 2011, Journal of Cryptology.

[11]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[12]  Bok-Min Goi,et al.  Off-Line Keyword Guessing Attacks on Recent Public Key Encryption with Keyword Search Schemes , 2008, ATC.

[13]  James H. Davenport,et al.  Certificate-Free Attribute Authentication , 2009, IMACC.

[14]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[15]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[16]  Joonsang Baek,et al.  Public Key Encryption with Keyword Search Revisited , 2008, ICCSA.

[17]  Brent Waters,et al.  Conjunctive, Subset, and Range Queries on Encrypted Data , 2007, TCC.

[18]  Pil Joong Lee,et al.  Public Key Encryption with Conjunctive Keyword Search and Its Extension to a Multi-user System , 2007, Pairing.

[19]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.