On the Security of a Certificateless Public Key Encryption with Keyword Search

Public key encryption with keyword search (PEKS) is one of searchable encryption mechanisms. It not only provides user to retrieve ciphertext by keyword but also protects the confidentiality of keyword. In the past, many PEKS schemes based on different cryptosystems were proposed. Recently. Zheng et al. proposed a certificateless based PEKS scheme called CLKS. In this paper, we show that Zheng et al.’s CLKS scheme has some security flaw, i.e. their scheme suffered from an off-line keyword guessing attack.

[1]  Aytac Azgin,et al.  CLKS: Certificateless Keyword Search on Encrypted Data , 2015, NSS.

[2]  Rajeev Anand Sahu,et al.  Practical and secure integrated PKE+PEKS with keyword privacy , 2015, 2015 12th International Joint Conference on e-Business and Telecommunications (ICETE).

[3]  V. R. Ghorpade,et al.  Multi-user multi-keyword privacy preserving ranked based search over encrypted cloud data , 2015, 2015 International Conference on Pervasive Computing (ICPC).

[4]  Colin Boyd,et al.  Strongly Secure Certificateless Key Agreement , 2009, Pairing.

[5]  Chengyu Hu,et al.  An Enhanced Searchable Public Key Encryption Scheme with a Designated Tester and Its Extensions , 2012, J. Comput..

[6]  Shoulin Yin,et al.  A New Provable Secure Certificateless Aggregate Signcryption Scheme , 2016, J. Inf. Hiding Multim. Signal Process..

[7]  Wei Wang,et al.  Public-Key Encryption with Fuzzy Keyword Search: A Provably Secure Scheme under Keyword Guessing Attack , 2013, IEEE Transactions on Computers.

[8]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[9]  Kihyun Kim,et al.  Public Key Encryption with Conjunctive Field Keyword Search , 2004, WISA.

[10]  Pil Joong Lee,et al.  Public Key Encryption with Conjunctive Keyword Search and Its Extension to a Multi-user System , 2007, Pairing.

[11]  Jie Cui,et al.  An Improved Identity-Based Multi-Proxy Multi-Signature Scheme , 2016, J. Inf. Hiding Multim. Signal Process..

[12]  Xiangxue Li,et al.  Certificateless signature and proxy signature schemes from bilinear pairings , 2005 .

[13]  Ma Wenping,et al.  An Effective Fuzzy Keyword Search Scheme in Cloud Computing , 2013, 2013 5th International Conference on Intelligent Networking and Collaborative Systems.

[14]  Yuh-Min Tseng,et al.  An ID-Based Mutual Authentication and Key Exchange Protocol for Low-Power Mobile Devices , 2010, Comput. J..

[15]  Chengyu Hu,et al.  Public Key Encryption with Ranked Multi-keyword Search , 2013, 2013 5th International Conference on Intelligent Networking and Collaborative Systems.

[16]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[17]  Peng Changgen,et al.  Certificateless public key encryption with keyword search , 2014, China Communications.

[18]  Wang BingJian,et al.  Security Improvement Against Malicious Server's Attack for a dPEKS Scheme , 2011 .

[19]  Yuh-Min Tseng,et al.  Efficient searchable ID-based encryption with a designated server , 2014, Ann. des Télécommunications.

[20]  Willy Susilo,et al.  Secure searchable public key encryption scheme against keyword guessing attacks , 2009, IEICE Electron. Express.

[21]  Liqun Chen,et al.  Identity-based key agreement protocols from pairings , 2017, International Journal of Information Security.

[22]  Chunhua Su,et al.  Efficient Multi-Function Data Sharing and Searching Mechanism for Cloud-Based Encrypted Data , 2016, AsiaCCS.

[23]  Brent Waters,et al.  Conjunctive, Subset, and Range Queries on Encrypted Data , 2007, TCC.

[24]  Kenneth G. Paterson,et al.  Certificateless Encryption Schemes Strongly Secure in the Standard Model , 2008, Public Key Cryptography.

[25]  Yi Mu,et al.  On the Security of Certificateless Signature Schemes from Asiacrypt 2003 , 2005, CANS.

[26]  Dong Hoon Lee,et al.  Trapdoor security in a searchable public-key encryption scheme with a designated tester , 2010, J. Syst. Softw..

[27]  Raphael C.-W. Phan,et al.  Keyword guessing attacks on secure searchable public key encryption schemes with a designated tester , 2013, Int. J. Comput. Math..

[28]  Dong Hoon Lee,et al.  Off-Line Keyword Guessing Attacks on Recent Keyword Search Schemes over Encrypted Data , 2006, Secure Data Management.

[29]  Zhen Li,et al.  Multi-user searchable encryption with a designated server , 2017, Annals of Telecommunications.

[30]  Jeng-Shyang Pan,et al.  On the Security of a Certificateless Searchable Public Key Encryption Scheme , 2016, ICGEC.

[31]  Kenneth G. Paterson,et al.  Certificateless Public Key Cryptography , 2003 .

[32]  Hua Zhang,et al.  A novel privacy preserving keyword searching for cloud storage , 2013, 2013 Eleventh Annual Conference on Privacy, Security and Trust.

[33]  Li Ling,et al.  General and Efficient Certificateless Public Key Encryption Constructions , 2007, Pairing.

[34]  Spiridon Bakiras,et al.  Privacy-Preserving Ranked Search on Public-Key Encrypted Data , 2013, 2013 IEEE 10th International Conference on High Performance Computing and Communications & 2013 IEEE International Conference on Embedded and Ubiquitous Computing.

[35]  Joonsang Baek,et al.  Public Key Encryption with Keyword Search Revisited , 2008, ICCSA.

[36]  Haiyong Luo,et al.  An RSSI gradient-based AP localization algorithm , 2014, China Communications.