Public-key authenticated encryption with keyword search achieving both multi-ciphertext and multi-trapdoor indistinguishability

Abstract: The notion of Public-key Encryption with Keyword Search (PEKS) was first proposed by Boneh et al. in 2004. However, almost all PEKS schemes cannot resist offline Keyword Guessing Attacks (KGA). To address this issue, Huang and Li introduced the notion of Public-key Authenticated Encryption with Keyword Search (PAEKS) in 2017. Recently, Qin et al. put forward a new security model named Multi-Ciphertext Indistinguishability (MCI), in which an adversary aims to distinguish two tuples of ciphertexts. They found that Huang and Li's scheme cannot achieve MCI-security, so they proposed a new scheme that does achieve it. Furthermore, Qin et al. referred to another security model named Multi-Trapdoor Indistinguishability (MTI), and stated that a direction for future work is to design a scheme which can achieve both MCI-security and MTI-security. In this paper, we present a new PAEKS scheme and prove that it achieves MCI-security and MTI-security simultaneously with the help of random oracles. Finally, we compare our scheme with Huang and Li's PAEKS scheme and Qin et al.'s PAEKS scheme using the PBC library and provide experimental results. It turns out that our scheme achieves a higher security level with a little more cost.

[1] Joonsang Baek, et al. Public Key Encryption with Keyword Search Revisited, 2008, ICCSA.

[2] Yu-Chi Chen, et al. SPEKS: Secure Server-Designation Public Key Encryption with Keyword Search against Keyword Guessing Attacks, 2015, Comput. J.

[3] Chien-Ming Chen, et al. A provably secure certificateless public key encryption with keyword search, 2019, Journal of the Chinese Institute of Engineers.

[4] Guomin Yang, et al. Towards Enhanced Security for Certificateless Public-Key Authenticated Encryption with Keyword Search, 2019, ProvSec.

[5] Dan Boneh, et al. Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles, 2004, IACR Cryptol. ePrint Arch.

[6] Chengyu Hu, et al. An Enhanced Searchable Public Key Encryption Scheme with a Designated Tester and Its Extensions, 2012, J. Comput.

[7] Brent Waters, et al. Building an Encrypted and Searchable Audit Log, 2004, NDSS.

[8] Shouhuai Xu, et al. VABKS: Verifiable attribute-based keyword search over outsourced encrypted data, 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[9] Raphael C.-W. Phan, et al. Keyword guessing attacks on secure searchable public key encryption schemes with a designated tester, 2013, Int. J. Comput. Math.

[10] Jian Shen, et al. Designated-server identity-based authenticated encryption with keyword search for encrypted emails, 2019, Inf. Sci.

[11] Dong Hoon Lee, et al. Improved searchable public key encryption with designated tester, 2009, ASIACCS '09.

[12] Yong Wang, et al. An efficient certificateless public key encryption scheme with authorized equality test in healthcare environments, 2020, J. Syst. Archit.

[13] Baodong Qin, et al. An Efficient Searchable Public-Key Authenticated Encryption for Cloud-Assisted Medical Internet of Things, 2020, Wirel. Commun. Mob. Comput.

[14] Dong Hoon Lee, et al. Off-Line Keyword Guessing Attacks on Recent Keyword Search Schemes over Encrypted Data, 2006, Secure Data Management.

[15] Dawn Xiaodong Song, et al. Practical techniques for searches on encrypted data, 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[16] Cong Wang, et al. Efficient verifiable fuzzy keyword search over encrypted data in cloud computing, 2013, Comput. Sci. Inf. Syst.

[17] Aytac Azgin, et al. CLKS: Certificateless Keyword Search on Encrypted Data, 2015, NSS.

[18] Wang BingJian, et al. Security Improvement Against Malicious Server's Attack for a dPEKS Scheme, 2011.

[19] Nasrollah Pakniat, et al. Designated tester certificateless encryption with keyword search, 2019, J. Inf. Secur. Appl.

[20] Willy Susilo, et al. Public key encryption with keyword search secure against keyword guessing attacks without random oracle, 2013, Inf. Sci.

[21] Willy Susilo, et al. Secure searchable public key encryption scheme against keyword guessing attacks, 2009, IEICE Electron. Express.

[22] Fagen Li, et al. An efficient attribute-based online/offline searchable encryption and its application in cloud-based reliable smart grid, 2019, J. Syst. Archit.

[23] John F. Roddick, et al. Security Analysis of Rhee et al.'s Public Encryption with Keyword Search Schemes: A Review, 2018, J. Netw. Intell.

[24] Ziba Eslami, et al. Public key authenticated encryption with keyword search: revisited, 2019, IET Inf. Secur.

[25] Brent Waters, et al. Secure Conjunctive Keyword Search over Encrypted Data, 2004, ACNS.

[26] Fuchun Guo, et al. Server-Aided Public Key Encryption With Keyword Search, 2016, IEEE Transactions on Information Forensics and Security.

[27] Pil Joong Lee, et al. Public Key Encryption with Conjunctive Keyword Search and Its Extension to a Multi-user System, 2007, Pairing.

[28] Mihir Bellare, et al. Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions, 2005, Journal of Cryptology.

[29] Wei Wang, et al. Public-Key Encryption with Fuzzy Keyword Search: A Provably Secure Scheme under Keyword Guessing Attack, 2013, IEEE Transactions on Computers.

[30] Peng Jiang, et al. Private Keyword-Search for Database Systems Against Insider Attacks, 2017, Journal of Computer Science and Technology.

[31] Rafail Ostrovsky, et al. Public Key Encryption with Keyword Search, 2004, EUROCRYPT.

[32] Ximeng Liu, et al. Public-key authenticated encryption with keyword search revisited: Security model and constructions, 2020, Inf. Sci.

[33] Qiong Huang, et al. An efficient public-key searchable encryption scheme secure against inside keyword guessing attacks, 2017, Inf. Sci.

[34] Sherali Zeadally, et al. Dual-Server Public-Key Authenticated Encryption with Keyword Search, 2019, IEEE Transactions on Cloud Computing.