CLKS: Certificateless Keyword Search on Encrypted Data

Keyword search on encrypted data enables one to search keyword ciphertexts without compromising keyword security. We further investigate this problem and propose a novel variant, dubbed certificateless keyword search on encrypted data (CLKS). CLKS not only supports keyword search on encrypted data, but also brings promising features due to the certificateless cryptography. In contrast to the certificated-based keyword search, CLKS requires no validation on the trustworthy of the public key before encrypting keywords; in contrast to the identity-based keyword search, CLKS prevents the key issuer (e.g., key generator center) from penetrating any information on keyword ciphertexts by leveraging the capability of accessing all data users’ (partial) private keys. Specifically, we rigorously define the syntax and security definitions for CLKS, and present the construction that is provably secure in the standard model under the Decisional Linear assumption. We implemented the proposed CLKS scheme and evaluated its performance. To the best of our knowledge, this is the first attempt to integrate certificateless cryptography with keyword search on encrypted data.

[1]  Bo Zhu,et al.  PEKSrand: Providing Predicate Privacy in Public-Key Encryption with Keyword Search , 2011, 2011 IEEE International Conference on Communications (ICC).

[2]  Eu-Jin Goh,et al.  Secure Indexes , 2003, IACR Cryptol. ePrint Arch..

[3]  Elaine Shi,et al.  Predicate Privacy in Encryption Systems , 2009, IACR Cryptol. ePrint Arch..

[4]  Cong Wang,et al.  Enabling Secure and Efficient Ranked Keyword Search over Outsourced Cloud Data , 2012, IEEE Transactions on Parallel and Distributed Systems.

[5]  Shouhuai Xu,et al.  VABKS: Verifiable attribute-based keyword search over outsourced encrypted data , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[6]  N. Cao,et al.  Privacy-preserving multi-keyword ranked search over encrypted cloud data , 2011, 2011 Proceedings IEEE INFOCOM.

[7]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[8]  Robert H. Deng,et al.  Private Query on Encrypted Data in Multi-user Settings , 2008, ISPEC.

[9]  Charalampos Papamanthou,et al.  Dynamic searchable symmetric encryption , 2012, IACR Cryptol. ePrint Arch..

[10]  Angelo De Caro,et al.  jPBC: Java pairing based cryptography , 2011, 2011 IEEE Symposium on Computers and Communications (ISCC).

[11]  Xinwen Zhang,et al.  CL-PRE: a certificateless proxy re-encryption scheme for secure data sharing with public cloud , 2012, ASIACCS '12.

[12]  Robert H. Deng,et al.  Authorized Keyword Search on Encrypted Data , 2014, ESORICS.

[13]  Michael Mitzenmacher,et al.  Privacy Preserving Keyword Searches on Remote Encrypted Data , 2005, ACNS.

[14]  Jan Camenisch,et al.  Blind and Anonymous Identity-Based Encryption and Authorised Private Searches on Public Key Encrypted Data , 2009, Public Key Cryptography.

[15]  Hugo Krawczyk,et al.  Outsourced symmetric private information retrieval , 2013, IACR Cryptol. ePrint Arch..

[16]  Brent Waters,et al.  Conjunctive, Subset, and Range Queries on Encrypted Data , 2007, TCC.

[17]  David A. Schmidt,et al.  Aggregating vulnerability metrics in enterprise networks using attack graphs , 2013, J. Comput. Secur..

[18]  M. Bellare,et al.  Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions , 2008, Journal of Cryptology.

[19]  Yuh-Min Tseng,et al.  Efficient searchable ID-based encryption with a designated server , 2014, Ann. des Télécommunications.

[20]  Mihir Bellare,et al.  Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions , 2005, Journal of Cryptology.

[21]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[22]  Gwoboa Horng,et al.  Certificateless Signatures: Structural Extensions of Security Models and New Provably Secure Schemes , 2013, IACR Cryptol. ePrint Arch..

[23]  Alexander W. Dent A Note On Game-Hopping Proofs , 2006, IACR Cryptol. ePrint Arch..

[24]  Kenneth G. Paterson,et al.  Certificateless Public Key Cryptography , 2003 .

[25]  Joonsang Baek,et al.  Certificateless Public Key Encryption Without Pairing , 2005, ISC.

[26]  Joonsang Baek,et al.  Public Key Encryption with Keyword Search Revisited , 2008, ICCSA.

[27]  Yiwei Thomas Hou,et al.  Protecting your right: Attribute-based keyword search with fine-grained owner-enforced search authorization in the cloud , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[28]  Andreas Peter,et al.  Distributed Searchable Symmetric Encryption , 2014, 2014 Twelfth Annual International Conference on Privacy, Security and Trust.

[29]  Kaoru Kurosawa,et al.  UC-Secure Searchable Symmetric Encryption , 2012, Financial Cryptography.

[30]  Xinwen Zhang,et al.  After we knew it: empirical study and modeling of cost-effectiveness of exploiting prevalent known vulnerabilities across IaaS cloud , 2014, AsiaCCS.

[31]  Guang Gong,et al.  Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers , 2012, 2012 IEEE International Conference on Communications (ICC).

[32]  Atul Prakash,et al.  Distilling critical attack graph surface iteratively through minimum-cost SAT solving , 2011, ACSAC '11.

[33]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: improved definitions and efficient constructions , 2006, CCS '06.

[34]  Qiang Tang,et al.  Towards asymmetric searchable encryption with message recovery and flexible search authorization , 2013, ASIA CCS '13.

[35]  Dong Hoon Lee,et al.  Trapdoor security in a searchable public-key encryption scheme with a designated tester , 2010, J. Syst. Softw..

[36]  Chengyu Hu,et al.  An Enhanced Searchable Public Key Encryption Scheme with a Designated Tester and Its Extensions , 2012, J. Comput..