Public-Key Encryption with Delegated Search

In a public key setting, Alice encrypts an email with the public key of Bob, so that only Bob will be able to learn the contents of the email. Consider a scenario where the computer of Alice is infected and unbeknown to Alice it also embeds a malware into the message. Bob's company, Carol, cannot scan his email for malicious content as it is encrypted so the burden is on Bob to do the scan. This is not efficient. We construct a mechanism that enables Bob to provide trapdoors to Carol such that Carol, given an encrypted data and a malware signature, is able to check whether the encrypted data contains the malware signature, without decrypting it. We refer to this mechanism as public-key encryption with delegated search (PKEDS). We formalize PKEDS and give a construction based on ElGamal public-key encryption (PKE). The proposed scheme has ciphertexts which are both searchable and decryptable. This property of the scheme is crucial since an entity can search the entire content of the message, in contrast to existing searchable public-key encryption schemes where the search is done only in the metadata part. We prove in the standard model that the scheme is ciphertext indistinguishable and trapdoor indistinguishable under the Symmetric External Diffie-Hellman (SXDH) assumption. We prove also the ciphertext one-wayness of the scheme under the modified Computational Diffie-Hellman (mCDH) assumption. We show that our PKEDS scheme can be used in different applications such as detecting encrypted malware and forwarding encrypted email.

[1]  Mihir Bellare,et al.  Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions , 2005, Journal of Cryptology.

[2]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[3]  Brent Waters,et al.  Building an Encrypted and Searchable Audit Log , 2004, NDSS.

[4]  Joonsang Baek,et al.  Public Key Encryption with Keyword Search Revisited , 2008, ICCSA.

[5]  Kenneth G. Paterson,et al.  Pairings for Cryptographers , 2008, IACR Cryptol. ePrint Arch..

[6]  Brent Waters,et al.  Anonymous Hierarchical Identity-Based Encryption (Without Random Oracles) , 2006, CRYPTO.

[7]  M. Bellare,et al.  Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions , 2008, Journal of Cryptology.

[8]  Christoph Meinel,et al.  Secure Communication Using Identity Based Encryption , 2010, Communications and Multimedia Security.

[9]  Hideki Imai,et al.  Generic Combination of Public Key Encryption with Keyword Search and Public Key Encryption , 2007, CANS.

[10]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[11]  Joonsang Baek,et al.  On the Integration of Public Key Data Encryption and Public Key Encryption with Keyword Search , 2006, ISC.

[12]  John F. Morar,et al.  CAN CRYPTOGRAPHY PREVENT COMPUTER VIRUSES , 2000 .

[13]  Brent Waters,et al.  Conjunctive, Subset, and Range Queries on Encrypted Data , 2007, TCC.

[14]  Pascal Paillier,et al.  Decryptable Searchable Encryption , 2007, ProvSec.

[15]  Pil Joong Lee,et al.  Public Key Encryption with Conjunctive Keyword Search and Its Extension to a Multi-user System , 2007, Pairing.

[16]  Matthew Green,et al.  Correlation-Resistant Storage via Keyword-Searchable Encryption , 2005, IACR Cryptol. ePrint Arch..

[17]  Sanjit Chatterjee,et al.  On cryptographic protocols employing asymmetric pairings - The role of Ψ revisited , 2011, Discret. Appl. Math..

[18]  Elaine Shi,et al.  Predicate Privacy in Encryption Systems , 2009, IACR Cryptol. ePrint Arch..

[19]  Dennis Hofheinz,et al.  Searchable encryption with decryption in the standard model , 2008, IACR Cryptol. ePrint Arch..

[20]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.