Public key encryption with keyword search secure against keyword guessing attacks without random oracle

The notion of public key encryption with keyword search (PEKS) was put forth by Boneh et al. to enable a server to search from a collection of encrypted emails given a “trapdoor” (i.e., an encrypted keyword) provided by the receiver. The nice property in this scheme allows the server to search for a keyword, given the trapdoor. Hence, the verifier can merely use an untrusted server, which makes this notion very practical. Following Boneh et al.’s work, there have been subsequent works that have been proposed to enhance this notion. Two important notions include the so-called keyword guessing attack and secure channel free, proposed by Byun et al. and Baek et al., respectively. The former realizes the fact that in practice, the space of the keywords used is very limited, while the latter considers the removal of secure channel between the receiver and the server to make PEKS practical. Unfortunately, the existing construction of PEKS secure against keyword guessing attack is only secure under the random oracle model, which does not reflect its security in the real world. Furthermore, there is no complete definition that captures secure channel free PEKS schemes that are secure against chosen keyword attack, chosen ciphertext attack, and against keyword guessing attacks, even though these notions seem to be the most practical application of PEKS primitives. In this paper, we make the following contributions. First, we define the strongest model of PEKS which is secure channel free and secure against chosen keyword attack, chosen ciphertext attack, and keyword guessing attack. In particular, we present two important security notions namely IND-SCF-CKCA and IND-KGA. The former is to capture an inside adversary, while the latter is to capture an outside adversary. Intuitively, it should be clear that IND-SCF-CKCA captures a more stringent attack compared to IND-KGA. Second, we present a secure channel free PEKS scheme secure without random oracle under the well known assumptions, namely DLP, DBDH, SXDH and truncated q-ABDHE assumption. Our contributions fill the gap in the literature and hence, making the notion of PEK

Generic Construction of Public-key Authenticated Encryption with Keyword Search Revisited: Stronger Security and Efficient Construction

Public-key encryption with keyword search (PEKS) does not provide trapdoor privacy, i.e., keyword information is leaked through trapdoors. To prevent this information leakage, public key authenticated encryption with keyword search (PAEKS) has been proposed, where a sender\u27s secret key is required for encryption, and a trapdoor is associated with not only a keyword but also the sender. Liu et al. (ASIACCS 2022) proposed a generic construction of PAEKS based on word-independent smooth projective hash functions (SPHFs) and PEKS. In this paper, we propose a new generic construction of PAEKS. The basic construction methodology is the same as that of the Liu et al. construction, where each keyword is converted into an extended keyword using SPHFs, and PEKS is used for extended keywords. Nevertheless, our construction is more efficient than Liu et al.\u27s in the sense that we only use one SPHF, but Liu et al. used two SPHFs. In addition, for consistency we considered a security model that is stronger than Liu et al.\u27s. Briefly, Liu et al. considered only keywords even though a trapdoor is associated with not only a keyword but also a sender. Thus, a trapdoor associated with a sender should not work against ciphertexts generated by the secret key of another sender, even if the same keyword is associated. Our consistency definition considers a multi-sender setting and captures this case. In addition, for indistinguishability against chosen keyword attack (IND-CKA) and indistinguishability against inside keyword guessing attack (IND-IKGA), we use a stronger security model defined by Qin et al. (ProvSec 2021), where an adversary is allowed to query challenge keywords to the encryption and trapdoor oracles. We also highlight several issues associated with the Liu et al. construction in terms of hash functions, e.g., their construction does not satisfy the consistency that they claimed to hold

INTEGRATED KEY SEARCH WITH SELECTED SUPPORTER AND TEMPORAL ARRANGEMENT ACTIVATED CONCEAL RE-FORMATION UTILITY FOR ON-LINE HEALTH RECORDS

A digital health record technique is one application which will bring great convenience in healthcare. Within this paper, we introduce one cryptographic primitive named as conjunctive keyword search with designated tester and timing enabled proxy re-file file encryption function, which is a type of sometime-dependent SE plan. We design one searchable file encryption plan supporting secure conjunctive keyword search and approved delegation function. The searchable file encryption (SE) plan may well be a technology to include security protection and favorable operability functions together, that may play a huge role within the e-health record system. As opposed to existing schemes, the task is able to do timing enabled proxy re-file file encryption with effective delegation revocation. The security and privacy within the sensitive private information would be the major concerns within the users that could hinder further development and broadly adoption within the systems. It might enable patients to delegate partial access legal rights along with other individuals to function search functions over their records in the while period. How big time-frame for your delegate to look and decrypt the delegator’s encrypted documents may be controlled. The comparison and extensive simulations show it provides a small computation and storage overhead. We formulate a method model along with a security model for your suggested Re-dtPECK plan to exhibit it's competent plan proven secure within the standard model. The experimental results and security analysis indicate our plan holds much greater security compared to existing solutions by having an acceptable overhead for cloud applications

Efficient and expressive keyword search over encrypted data in the cloud

National Research Foundation (NRF) Singapor

A NOVEL KEYWORD SEARCH WITH ELECTED TESTER AND TIMING ENABLED ALTERNATE RE-ENCRYPTION FUNCTION FOR ONLINE HEALTH CLOUDS

An computerized well-being (e-health) list process is really a unique utilization that would produce glorious assistance in contemporary healthcare. Striking separateness furthermore surveillance referring to melodramatic tense claimed intelligence is a startling major business in reference to melodramatic users, that could block similarly progress as well as widespread approbation related to suspenseful wiring. Suspenseful searchable encryption (SE) action is really an applied science down to consolidate bond stability moreover suitable operability functions fit, that could game a necessary appearance swank spectacular e-health performance rule. Own this report, individually include a peculiar cryptographic primeval favored as long as undivided secret sign scan including titled transitional as a consequence determine enabled backup re-encryption to execute (re-dtpeck), which is actually a kind consisting of a time-dependent se game plan. It may sanction use up to accredit minded get right of entry to due nesses becoming preference until keep go through functions overmuch their annals now poor ages. the delegate could be automatically deprived of the access and search authority after a specified period of effective time. It can also support the conjunctive keywords search and resist the keyword guessing attacks. By the solution, only the designated tester is able to test the existence of certain keywords. We formulate a system model and a security model for the proposed Re-dtPECK scheme to show that it is an efficient scheme proved secure in the standard model. The comparison and extensive simulations demonstrate that it has a low computation and storage overhead

PUBLIC-KEY ENCRYPTION WITH KEY PURSUE SURE DISTRACT STORAGE IN DOUBLE SERVER

A predominant segment of our planning for dual-hostess community key file encryption with abraxas explore stretch projective hash role, an idea created by Cramer and Soup. During this report, we must have added vital goods of civilized projective hash roles. We initiate two games, i.e. semantic-insurance counter to selected secret sign hurt also in detect ingenuity vs abraxas reckoning raid1 to grab the security of PEKS ciphers text and postern door, proportionately. In discomfit of body eliminate classified key sharing, PEKS schemes are suffering by a simple vulnerability relating to the postern door secret sign concealment, specifically interior Keyword Guessing Attack. Regrettably, it archaic incorporated the typical PEKS scheme is struggle with an all-instinctive instability admitted as innards abraxas reckoning raid put in motion adopting the vengeful waitress. To knob this confidence understrength, we recommend a thoroughly new PEKS groundwork opted dual-assistant PEKS. You need show a systematic system of sure DS-PEKS from LH-SPHF. Our plan is transcendent potent when it comes to PEKS reckoning. For the impetus that our plan doesn't incorporate pairing estimation. Particularly, already stated plan necessitates abstract calculation cost by reason 2 pairing calculation per PEKS generation

Authorized keyword search over outsourced encrypted data in cloud environment

For better data availability and accessibility while ensuring data secrecy, end-users often tend to outsource their data to the cloud servers in an encrypted form. However, this brings a major challenge to perform the search for some keywords over encrypted content without disclosing any information to unintended entities. This paper proposes a novel expressive authorized keyword search scheme relying on the concept of ciphertext-policy attribute-based encryption. The originality of the proposed scheme is multifold. First, it supports the generic and convenient multi-owner and multi-user scenario, where the encrypted data are outsourced by several data owners and searchable by multiple users. Second, the formal security analysis proves that the proposed scheme is semantically secure against chosen keyword and outsider's keyword guessing attacks. Third, an interactive protocol is introduced which avoids the need of any secure channels between users and service provider. Fourth, due to the concept of bilinear-map accumulator, the system can efficiently revoke users and/or their attributes, and authenticate them prior to launching any expensive search operations. Fifth, conjunctive keyword search is provided thus enabling to search for multiple keywords simultaneously, with minimal cost. Sixth, the performance analysis shows that the proposed scheme outperforms closely-related works

VMKDO: Verifiable multi-keyword search over encrypted cloud data for dynamic data-owner

Date online: 15 August 2016</p