Towards Enhanced Security for Certificateless Public-Key Authenticated Encryption with Keyword Search

Certificateless Public-key Authenticated Encryption with Keyword Search (CLPAEKS) is derived from the Public-key Authenticated Encryption with Keyword Search (PAEKS) and simultaneously combines the features of the Public Key Cryptography (CLPKC). In a CLPAEKS scheme, the ciphertext is designed to meet the need for both confidentiality and authentication, i.e., on one hand, the ciphertext is the encryption of the keyword; on the other hand, adversaries are incapable of generating a valid ciphertext without the owner’s private key. He et al. formalized security models for CLPAEKS and proposed a CLPAEKS scheme. However, we find their models are incomplete to capture the security requirements for CLPAEKS and re-formalize the security requirements for CLPAEKS in terms of trapdoor privacy and ciphertext indistinguishability. Besides, we point out that their scheme is vulnerable to the Keyword Guessing Attack (KGA) by a malicious receiver, which is not considered in their security model. Then we modify He et al.’s scheme and prove that the new scheme meets the new security requirements