PENCARIAN DATA TERENKRIPSI MENGGUNAKAN SKEMA PUBLIC-KEY ENCRYPTION WITH KEYWORD SEARCH

Bagi sebuah perusahaan data merupakan hal yang sangat penting. Suatu kebijakan atau keputusan perusahaan sering kali didasarkan pada data-data. Banyak proses yang dapat dilakukan untuk memelihara data, salahsatunya adalah menyimpannya pada clouds. Namun, penyimpanan data pada clouds akan membuka celah ancaman keamanan. Salahsatu ancaman paling besar adalah ancaman pihak-pihak yang memiliki akses secara langsung terhadap server dan server itu sendiri, dimana pemilik data tidak menginginkan pihak-pihak tersebut mendapat informasi tentang data yang disimpannya. Untuk meminimalisir ancaman tersebut, peningkatan keamanan pada data dapat dilakukan dengan memanfaatkan kriptografi. Pada penelitian ini, peneliti menerapkan skema Public-Key Encryption with Keyword Search (PEKS) untuk mendukung proses pencarian data terenkripsi. Dimana masing-masing data yang akan disimpan pada clouds memiliki keyword-keyword yang bersesuaian. Kemudian data-data beserta keyword-nya tersebut akan dienkripsi terlebih dahulu sebelum disimpan pada clouds. Pada penelitian ini, algoritma enkripsi yang digunakan adalah algoritma RC4 dan RSA. Dari 5 data percobaan yang berbeda, penelitian ini menghasilkan bahwa penyerang yang mengakses secara langsung baik itu terhadap data file maupun database tidak mendapatkan informasi yang berarti.; For an enterprise data is very important things. A company's policies or decisions are often based on the data. Many of the processes that can be done to preserve the data, one of them is to keep it in the clouds. However, the data storage on the clouds will open the gap a security threat. One of the main greatest threat is the threat of those who have direct access to the server and the server itself, where the data owner does not want attackers can get information about the data. To minimize these threats, enhanced security on the data can be done by using cryptography. In this study, researchers applied the scheme Public-Key Encryption with Keyword Search (PEKS) to support the search encrypted data. Where each data to be stored in the clouds have corresponding keywords. Then the data along with the keyword it will be encrypted before it is stored in the clouds. In this study, the encryption algorithm used is RC4 and RSA. From 5 different datas, this study resulted in that the attackers direct access to both the data files and databases do not get meaningful information

A new trapdoorindistinguishable public key encryption with keyword search

Abstract The public key encryption with keyword search (PEKS) provides a way for users to search data which are encrypted under the users' public key on a storage system. However, the original schemes are based on the unrealistic assumption of a secure channel between the receiver and the server. Baek et al. [1] first proposed a secure channel-free public key encryption with keyword search (SCF-PEKS) to remove the assumption. However, Rhee et al

Public Key Encryption with Keyword Search based on K-Resilient IBE

Abstract. An encrypted email is sent from Bob to Alice. A gateway wants to check whether a certain keyword exists in an email or not for some reason (e.g. routing). Nevertheless Alice does not want the email to be decrypted by anyone except her including the gateway itself. This is a scenario where public key encryption with keyword search (PEKS) is needed. In this paper we construct a new scheme (KR-PEKS) the KResilient Public Key Encryption with Keyword Search. The new scheme is secure under a chosen keyword attack without the random oracle. The ability of constructing a Public Key Encryption with Keyword Search from an Identity Based Encryption was used in the construction of the KR-PEKS. The security of the new scheme was proved by showing that the used IBE has a notion of key privacy. The scheme was then modified in two different ways in order to fulfill each of the following: the first modification was done to enable multiple keyword search and the other was done to remove the need of secure channels

Public Key Encryption with Keyword Search from Lattices in Multiuser Environments

A public key encryption scheme with keyword search capabilities is proposed using lattices for applications in multiuser environments. The proposed scheme enables a cloud server to check if any given encrypted data contains certain keywords specified by multiple users, but the server would not have knowledge of the keywords specified by the users or the contents of the encrypted data, which provides data privacy as well as privacy for user queries in multiuser environments. It can be proven secure under the standard learning with errors assumption in the random oracle model

Public key encryption with keyword search secure against keyword guessing attacks without random oracle

The notion of public key encryption with keyword search (PEKS) was put forth by Boneh et al. to enable a server to search from a collection of encrypted emails given a “trapdoor” (i.e., an encrypted keyword) provided by the receiver. The nice property in this scheme allows the server to search for a keyword, given the trapdoor. Hence, the verifier can merely use an untrusted server, which makes this notion very practical. Following Boneh et al.’s work, there have been subsequent works that have been proposed to enhance this notion. Two important notions include the so-called keyword guessing attack and secure channel free, proposed by Byun et al. and Baek et al., respectively. The former realizes the fact that in practice, the space of the keywords used is very limited, while the latter considers the removal of secure channel between the receiver and the server to make PEKS practical. Unfortunately, the existing construction of PEKS secure against keyword guessing attack is only secure under the random oracle model, which does not reflect its security in the real world. Furthermore, there is no complete definition that captures secure channel free PEKS schemes that are secure against chosen keyword attack, chosen ciphertext attack, and against keyword guessing attacks, even though these notions seem to be the most practical application of PEKS primitives. In this paper, we make the following contributions. First, we define the strongest model of PEKS which is secure channel free and secure against chosen keyword attack, chosen ciphertext attack, and keyword guessing attack. In particular, we present two important security notions namely IND-SCF-CKCA and IND-KGA. The former is to capture an inside adversary, while the latter is to capture an outside adversary. Intuitively, it should be clear that IND-SCF-CKCA captures a more stringent attack compared to IND-KGA. Second, we present a secure channel free PEKS scheme secure without random oracle under the well known assumptions, namely DLP, DBDH, SXDH and truncated q-ABDHE assumption. Our contributions fill the gap in the literature and hence, making the notion of PEK

Investigating the Spatial Complexity of Various PKE-PEKS Schematics

With the advent of cloud storage, people upload all sorts of information to third party servers. However, uploading plaintext does not seem like a good idea for users who wish to keep their data private. Current solutions to this problem in literature involves integrating Public Key Encryption and Public key encryption with keyword search techniques. The intent of this paper is to analyze the spatial complexities of various PKE-PEKS schemes at various levels of security and discuss potential avenues for improvement

Revisit the Concept of PEKS: Problems and a Possible Solution

Since Boneh et al. propose the concept, non-interactive\ud Public-key Encryption with Keyword Search (PEKS) has attracted lots of attention from cryptographers. Non-interactive PEKS enables a third party to test whether or not a tag, generated by the message sender, and a trapdoor, generated by the receiver, contain the same keyword without revealing further information. In this paper we investigate a non-interactive PEKS application proposed by Boneh et al. and show our observations, especially that privacy is\ud not protected against a curious server. We propose the notion of interactive PEKS, which, in contrast to non-interactive PEKS, requires the tag to be generated interactively by the message sender and the receiver. For this new primitive, we identify two types of adversaries, namely a curious user and a curious server, and provide\ud security formulations for the desirable properties. We propose a construction for interactive PEKS and prove its security in the proposed security model

Searchable Encryption with randomized ciphertext and randomized keyword search

The notion of public key encryption with keyword search (PEKS) was introduced to efficiently search over encrypted data. In this paper, we propose a PEKS scheme in which both the encrypted keyword and the trapdoor are randomized, so that the cloud server is not able to recognize identical queries. Our scheme is CI-secure in the single-user setting and TI-secure in the multi-user setting with multi-trapdoor

R-PEKS: RBAC Enabled PEKS for Secure Access of Cloud Data

In the recent past, few works have been done by combining attribute-based access control with multi-user PEKS, i.e., public key encryption with keyword search. Such attribute enabled searchable encryption is most suitable for applications where the changing of privileges is done once in a while. However, to date, no efficient and secure scheme is available in the literature that is suitable for these applications where changing privileges are done frequently. In this paper our contributions are twofold. Firstly, we propose a new PEKS scheme for string search, which, unlike the previous constructions, is free from bi-linear mapping and is efficient by 97% compared to PEKS for string search proposed by Ray et.al in TrustCom 2017. Secondly, we introduce role based access control (RBAC) to multi-user PEKS, where an arbitrary group of users can search and access the encrypted files depending upon roles. We termed this integrated scheme as R-PEKS. The efficiency of R-PEKS over the PEKS scheme is up to 90%. We provide formal security proofs for the different components of R-PEKS and validate these schemes using a commercial dataset

Public-Key Encryption with Delegated Search

In public-key setting, Alice encrypts email with public key of Bob, so that only Bob will be able to learn contents of email. Consider scenario when computer of Alice is infected and unbeknown to Alice it also embeds malware into message. Bob's company, Carol, cannot scan his email for malicious content as it is encrypted so burden is on Bob to do scan. This is not efficient. We construct mechanism that enables Bob to provide trapdoors to Carol such that Carol, given encrypted data and malware signature, is able to check whether encrypted data contains malware signature, without decrypting it. We refer to this mechanism as Public-Key Encryption with Delegated Search SPKE.\ud \ud We formalize SPKE and give construction based on ElGamal public-key encryption (PKE). proposed scheme has ciphertexts which are both searchable and decryptable. This property of scheme is crucial since entity can search entire content of message, in contrast to existing searchable public-key encryption schemes where search is done only in metadata part. We prove in standard model that scheme is ciphertext indistinguishable and trapdoor indistinguishable under Symmetric External Diffie-Hellman (sxdh) assumption. We prove also ciphertext one-wayness of scheme under modified Computational Diffie-Hellman (mcdh) assumption. We show that our PKEDS scheme can be used in different applications such as detecting encrypted malwares and forwarding encrypted emails