781 research outputs found
Affiliated Keyword Search Cognomiate Reviewer and Indite Accredit Envoy Inscription Province for E-Harch Clouds
We present a novel cryptographic primitive named as conjunctive keyword search with assigned analyzer and timing empowered intermediary re-encryption work (Re-dtPECK), which is a sort of a period subordinate SE conspire. It could empower patients to appoint incomplete access rights to others to work search works over their records in a constrained day and age. The length of the day and age for the delegatee to search and decode the delegator's scrambled reports can be controlled. Also, the delegatee could be naturally denied of the entrance and inquiry expert after a predetermined time of compelling time. It can likewise bolster the conjunctive keywords hunt and oppose the keyword speculating assaults. By the arrangement, just the assigned analyzer can test the presence of specific keywords. We define a framework demonstrate and a security display for the proposed Re-dtPECK plan to demonstrate that it is an effective plan demonstrated secure in the standard model
A Novel Asymmetric Searchable Encryption Scheme with Granting search capability
Nowadays, information is known as the main asset of each organization, which causes data generation to be exponentially increasing. Hence, different capacity issues and requirements show up with it, e.g. storage and maintenance of generating data, searching among them, and analyzing them. Cloud computing is one of the common technologies used to meet these requirements. Popularity of this technology is extremely growing as it can be used to handle high amount of data in a cost efficient and highly available (anytime and anywhere) manner. However, there are still extensive security challenges (e.g. data confidentiality) with this technology. Cryptography is one of the main methods used to fulfill privacy preserving of people and organizations. Encryption methods can impressively keep data private, so it is not possible to search among encrypted messages in order to retrieve information, after applying traditional encryption. Searchable encryption can enable searching among encrypted data and overcome this shortage. However, much more research is required to enable whole data searching while proper level of security would be achieved for these systems. In this paper, a technique to perform searching by the third party is introduced. When a number of nodes are interacting and some of them may upload malicious documents, this technique can be useful. Furthermore, document categorization is another application of the referred scheme
Security Analysis of Public Key Searchable Encryption Schemes against Injection Attacks
Cloud computing and cloud storage are among the most efficient technologies for storing and processing metadata. But there are many privacy concerns within this domain. Most of the challenges are coming from trusted or semi trusted cloud servers where some computations must be applied to high confidential data. Data encryption can solve some confidentiality issues on the cloud but it is not easy to provide privacy preserving data processing services such as searching a query over encrypted data. On the other hand implementing searchable encryption algorithms in cloud infrastructure helps providing data confidentiality and privacy preserving data processing and can provide searching capability as well, which is the most important step of selecting a document. First in this article, some injection attacks against searchable public key encryption schemes are described. To be more specific message injection attack and index injection attack are applied against PEKS and PERKS schemes. Afterwards, two new schemes are proposed that are secure against them and are based of dPEKS and SAE-I. Finally, efficiency and security of proposed schemes are analyzed, and some implementation issues were discussed
An Efficient Public-Key Searchable Encryption Scheme Secure against Inside Keyword Guessing Attacks
How to efficiently search over encrypted data is an important and interesting problem in the cloud era. To solve it, Boneh et al. introduced the notion of public key encryption with keyword search
(PEKS), in 2004. However, in almost all the PEKS schemes an inside adversary may recover the keyword from a given trapdoor by exhaustively guessing the keywords offline. How to resist the inside keyword guessing attack in PEKS remains a hard problem. In this paper we propose introduce the notion of Public-key Authenticated Encryption with Keyword Search (PAEKS) to solve the problem, in which the data sender not only encrypts a keyword, but also authenticates it, so that a verifier would be convinced that the encrypted keyword can only be generated by the sender. We propose a concrete and efficient construction of PAEKS, and prove its security based on simple and static assumptions in the random oracle model under the given security models. Experimental results show that our scheme enjoys a comparable efficiency with Boneh et al.\u27s scheme
Recommended from our members
A secure and efficient data sharing and searching scheme in wireless sensor networks
Wireless sensor networks (WSN) generally utilize cloud computing to store and process sensing data in real time, namely, cloud-assisted WSN. However, the cloud-assisted WSN faces new security challenges, particularly outsourced data confidentiality. Data Encryption is a fundamental approach but it limits target data retrieval in massive encrypted data. Public key encryption with keyword search (PEKS) enables a data receiver to retrieve encrypted data containing some specific problem, namely, the keyword guessing attack (KGA). KGA includes off-line KGA and on-line KGA. To date, the existing literature on PEKS cannot simultaneously resist both off-line KGA and on-line KGA performed by an external adversary and an internal adversary. In this work, we propose a secure and efficient data sharing and searching scheme to address the aforementioned problem such that our scheme is secure against both off-line KGA and on-line KGA performed by external and internal adversaries. We would like to stress that our scheme simultaneously achieves document encryption/decryption and keyword search functions. We also prove our scheme achieves keyword security and document security. Furthermore, our scheme is more efficient than previous schemes by eliminating the pairing computation
Generic Construction of Dual-Server Public Key Authenticated Encryption with Keyword Search
Chen et al. (IEEE Transactions on Cloud Computing 2022) introduced dual-server public key authenticated encryption with keyword search (DS-PAEKS), and proposed a DS-PAEKS scheme under the decisional Diffie-Hellman assumption. In this paper, we propose a generic construction of DS-PAEKS from PAEKS, public key encryption, and signatures. By providing a concrete attack, we show that the DS-PAEKS scheme of Chen et al. is vulnerable. That is, the proposed generic construction yields the first DS-PAEKS schemes. Our attack with a slight modification works against the Chen et al. dual-server public key encryption with keyword search (DS-PEKS) scheme (IEEE Transactions on Information Forensics and Security 2016). Moreover, we demonstrate that the Tso et al. generic construction of DS-PEKS from public key encryption (IEEE Access 2020) is also vulnerable. We also analyze other pairing-free PAEKS schemes (Du et al., Wireless Communications and Mobile Computing 2022 and Lu and Li, IEEE Transactions on Mobile Computing 2022). Though we did not find any attack against these schemes, we show that at least their security proofs are wrong
Recommended from our members
Verifiable key-aggregate searchable encryption with a designated server in multi-owner setting
Key-aggregate searchable encryption (KASE) schemes support selective data sharing and keyword-based ciphertext searching by using the constant-size shared key and trapdoor, making these schemes attractive for resource-constrained users to store, share, and search encrypted data in public clouds. However, most previously proposed KASE schemes suffer from our proposed "off-line keyword guessing attack (KGA)" and some other weaknesses. Consequently, they fail to gain the keyword ciphertext indistinguishability and trapdoor indistinguishability, which are vital security goals of searchable encryption. Inspired by the relationship of public key encryption with keyword search (PEKS) and KASE, we design a new KASE scheme called key-aggregate searchable encryption with a designated server (dKASE). The dKASE scheme achieves our proposed keyword ciphertext indistinguishability against chosen keyword attack (KC-IND-CKA) and keyword trapdoor indistinguishability against keyword guessing attack (KT-IND-KGA) security models, where the latter model captures off-line KGA. Then, we extend the dKASE scheme to verifiable dKASE in multi-owner setting (dVKASEM) scheme. With dVKASEM, when multiple data owners authorize a user to access data, the user merely needs to store his single key and generate a single trapdoor to query these owners’ data. Besides, the adoption of the aggregate signature significantly reduces the overhead of verifying whether data has been tampered with. Performance analysis illustrates that our schemes are efficient
Generic Construction of Public-key Authenticated Encryption with Keyword Search Revisited: Stronger Security and Efficient Construction
Public-key encryption with keyword search (PEKS) does not provide trapdoor privacy, i.e., keyword information is leaked through trapdoors. To prevent this information leakage, public key authenticated encryption with keyword search (PAEKS) has been proposed, where a sender\u27s secret key is required for encryption, and a trapdoor is associated with not only a keyword but also the sender. Liu et al. (ASIACCS 2022) proposed a generic construction of PAEKS based on word-independent smooth projective hash functions (SPHFs) and PEKS. In this paper, we propose a new generic construction of PAEKS. The basic construction methodology is the same as that of the Liu et al. construction, where each keyword is converted into an extended keyword using SPHFs, and PEKS is used for extended keywords. Nevertheless, our construction is more efficient than Liu et al.\u27s in the sense that we only use one SPHF, but Liu et al. used two SPHFs. In addition, for consistency we considered a security model that is stronger than Liu et al.\u27s. Briefly, Liu et al. considered only keywords even though a trapdoor is associated with not only a keyword but also a sender. Thus, a trapdoor associated with a sender should not work against ciphertexts generated by the secret key of another sender, even if the same keyword is associated. Our consistency definition considers a multi-sender setting and captures this case. In addition, for indistinguishability against chosen keyword attack (IND-CKA) and indistinguishability against inside keyword guessing attack (IND-IKGA), we use a stronger security model defined by Qin et al. (ProvSec 2021), where an adversary is allowed to query challenge keywords to the encryption and trapdoor oracles. We also highlight several issues associated with the Liu et al. construction in terms of hash functions, e.g., their construction does not satisfy the consistency that they claimed to hold
CPA\u27s guide to the Internet
https://egrove.olemiss.edu/aicpa_guides/1967/thumbnail.jp
- …