Document Type : Research Article

Authors

1 Department of Computer and Data Science, Shahid Beheshti University, Tehran, Iran

2 Information Science Research Center, Iranian Research Institute for Information Science and Technology (IranDoc), Tehran, Iran

Abstract

Public key encryption with keyword search (PEKS) is a cryptographic primitive designed for performing secure search operations over encrypted data stored on untrusted cloud servers. However, in some applications of cloud computing, there is a hierarchical access-privilege setup among users, so that upper-level users should be able to monitor data used by lower-level ones in the hierarchy. To support such situations, Wang et al. introduced the notion of hierarchical ID-based searchable encryption. However, Wang et al.'s construction suffers from a serious security problem. To provide a PEKS scheme that securely supports hierarchical structures, Li et al. introduced the notion of hierarchical public key encryption with keyword search (HPEKS). However, Li et al.'s HPEKS scheme is built on traditional public key infrastructure (PKI), which suffers from the costly certificate management problem. To address these issues, in this paper we consider designated-server HPEKS in the identity-based setting. We introduce the notion of designated-server hierarchical identity-based searchable encryption (dHIBSE) and provide a formal definition of its security model. We then propose a dHIBSE scheme and prove its security under our model. Finally, we provide a performance analysis as well as comparisons with related schemes to show the overall superiority of our dHIBSE scheme.

Keywords

References

[1] Dawn Xiaoding Song, David Wagner, and Adrian Perrig. Practical techniques for searches on encrypted data. In Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000, pages 44–55. IEEE, 2000.
[2] Dan Boneh, Giovanni Di Crescenzo, Rafail Ostrovsky, and Giuseppe Persiano. Public key encryption with keyword search. In International conference on the theory and applications of cryptographic techniques, pages 506–522. Springer, 2004.
[3] Xiaofen Wang, Xiaosong Zhang, and Yi Mu. Hierarchical id-based searchable encryption with constant size ciphertext in cloud. In 2015 IEEE International Conference on Smart City/SocialCom/SustainCom (SmartCity), pages 1024–1031. IEEE, 2015.
[4] Hongbo Li, Qiong Huang, and Willy Susilo. A secure cloud data sharing protocol for enterprise supporting hierarchical keyword search. IEEE Transactions on Dependable and Secure Computing, 2020.
[5] Tong Liu, Yinbin Miao, Kim-Kwang Raymond Choo, Hongwei Li, Ximeng Liu, Xiangdong Meng, and Robert H Deng. Time-controlled hierarchical multi-keyword search over encrypted data in cloud-assisted iot. IEEE Internet of Things Journal, 2021.
[6] Joonsang Baek, Reihaneh Safavi-Naini, and Willy Susilo. Public key encryption with keyword search revisited. In International conference on Computational Science and Its Applications, pages 1249–1259. Springer, 2008.
[7] Jin Wook Byun, Hyun Suk Rhee, Hyun-A Park, and Dong Hoon Lee. Off-line keyword guessing attacks on recent keyword search schemes over encrypted data. In Workshop on Secure Data Management, pages 75–83. Springer, 2006.
[8] Hyun Sook Rhee, Jong Hwan Park, Willy Susilo, and Dong Hoon Lee. Trapdoor security in a searchable public-key encryption scheme with a designated tester. Journal of Systems and Software, 83(5):763–771, 2010.
[9] Yang Lu, Gang Wang, Jiguo Li, and Jian Shen. Efficient designated server identity-based encryption with conjunctive keyword search. Annals of Telecommunications, 72(5):359–370, Jun 2017.
[10] Yousheng Zhou, Han Guo, Feng Wang, and Wenjun Luo. Multi-key searchable encryption with designated server. Intelligent Automation & Soft Computing, 22(2):295–301, 2016.
[11] Zeeshan Pervez, Ammar Ahmad Awan, Asad Masood Khattak, Sungyoung Lee, and Eui-Nam Huh. Privacy-aware searching with oblivious term matching for cloud storage. The Journal of Supercomputing, 63:538–560, 2013.
[12] Hyun Sook Rhee, Jong Hwan Park, and Dong Hoon Lee. Generic construction of designated tester public-key encryption with keyword search. Information Sciences, 205(Supplement C):93–109, 2012.
[13] Zhen Li, Minghao Zhao, Han Jiang, and Qiuliang Xu. Multi-user searchable encryption with a designated server. Annals of Telecommunications, 72(9):617–629, 2017.
[14] Yang Lu and Jiguo Li. Constructing designated server public key encryption with keyword search schemes withstanding keyword guessing attacks. International Journal of Communication Systems, 32(3):e3862, 2019.
[15] Michel Abdalla, Mihir Bellare, Dario Catalano, Eike Kiltz, Tadayoshi Kohno, Tanja Lange, John Malone-Lee, Gregory Neven, Pascal Paillier, and Haixia Shi. Searchable encryption revisited: Consistency properties, relation to anonymous ibe, and extensions. In Annual international cryptology conference, pages 205–222. Springer, 2005.
[16] Xiuxia Tian and Yong Wang. Id-based encryption with keyword search scheme from bilinear pairings. In 2008 4th International Conference on Wireless Communications, Networking and Mobile Computing, pages 1–4. IEEE, 2008.
[17] Koji Tomida, Masami Mohri, and Yoshiaki Shiraishi. Keyword searchable encryption with access control from a certain identity-based encryption. In Future Information Technology, pages 113–118. Springer, 2014.
[18] Li Xu, Chi-Yao Weng, Lun-Pin Yuan, Mu-En Wu, Raylin Tso, and Hung-Min Sun. A shareable keyword search over encrypted data in cloud computing. The Journal of Supercomputing, 74:1001–1023, 2018.
[19] Koji Tomida, Hiroshi Doi, Masami Mohri, and Yoshiaki Shiraishi. Ciphertext divided anonymous hibe and its transformation to identity-based encryption with keyword search. Journal of information processing, 23(5):562–569, 2015.
[20] Tsu-Yang Wu, Tung-Tso Tsai, and Yuh-Min Tseng. Efficient searchable id-based encryption with a designated server. Annals of Telecommunications - Annales des Télécommunications, 69(7):391–402, 2014.
[21] Xiao-Fen Wang, Yi Mu, Rongmao Chen, and Xiao-Song Zhang. Secure channel free id-based searchable encryption for peer-to-peer group. Journal of Computer Science and Technology, 31(5):1012–1027, 2016.
[22] Mahnaz Noroozi and Ziba Eslami. Public key authenticated encryption with keyword search: revisited. IET Information Security, 13(4):336–342, 2018.
[23] Dong Zhang, Qing Fan, Hongyi Qiao, and Min Luo. A public-key encryption with multi-keyword search scheme for cloud-based smart grids. In 2021 IEEE Conference on Dependable and Secure Computing (DSC), pages 1–6. IEEE, 2021.
[24] Tolun Tosun and Erkay Savaş. Fsds: A practical and fully secure document similarity search over encrypted data with lightweight client. Journal of Information Security and Applications, 59:102830, 2021.
[25] Mimi Ma, Debiao He, Shuqin Fan, and Dengguo Feng. Certificateless searchable public key encryption scheme secure against keyword guessing attacks for smart healthcare. Journal of Information Security and Applications, 50:102429, 2020.
[26] Nasrollah Pakniat, Danial Shiraly, and Ziba Eslami. Certificateless authenticated encryption with keyword search: Enhanced security model and a concrete construction for industrial iot. Journal of Information Security and Applications, 53:102525, 2020.
[27] Sanjeet Kumar Nayak and Somanath Tripathy. Seps: Efficient public-key based secure search over outsourced data. Journal of Information Security and Applications, 61:102932, 2021.
[28] Yu Zhang, Yin Li, and Yifan Wang. Secure and efficient searchable public key encryption for resource constrained environment based on pairings under prime order group. Security and Communication Networks, 2019, 2019.
[29] Ahmad Akmal Aminuddin Mohd Kamal and Keiichi Iwamura. Searchable encryption using secret sharing scheme that realizes direct search of encrypted documents and disjunctive search of multiple keywords. Journal of Information Security and Applications, 59:102824, 2021.
[30] Ming-Fong Tsai and Yi-Hong Wu. User intent prediction search engine system based on query analysis and image recognition technologies. The Journal of Supercomputing, pages 1–33, 2022.
[31] Danial Shiraly, Nasrollah Pakniat, Mahnaz Noroozi, and Ziba Eslami. Pairing-free certificateless authenticated encryption with keyword search. Journal of Systems Architecture, page 102390, 2022.
[32] Yang Lu and Jiguo Li. Efficient searchable public key encryption against keyword guessing attacks for cloud-based emr systems. Cluster Computing, 22(1):285–299, 2019.
[33] Joonsang Baek, Reihaneh Safavi-Naini, and Willy Susilo. On the integration of public key data encryption and public key encryption with keyword search. In International Conference on Information Security, pages 217–232. Springer, 2006.
[34] Yong Ho Hwang and Pil Joong Lee. Public key encryption with conjunctive keyword search and its extension to a multi-user system. In International conference on pairing-based cryptography, pages 2–22. Springer, 2007.
[35] Mimi Ma, Shuqin Fan, and Dengguo Feng. Multi-user certificateless public key encryption with conjunctive keyword search for cloud-based telemedicine. Journal of Information Security and Applications, 55:102652, 2020.
[36] Xueqiao Liu, Kai He, Guomin Yang, Willy Susilo, Joseph Tonien, and Qiong Huang. Broadcast authenticated encryption with keyword search. In Australasian Conference on Information Security and Privacy, pages 193–213. Springer, 2021.
[37] Ximeng Liu, Robert H Deng, Kim-Kwang Raymond Choo, and Jian Weng. An efficient privacy-preserving outsourced calculation toolkit with multiple keys. IEEE Transactions on Information Forensics and Security, 11(11):2401–2414, 2016.
[38] Ziba Eslami and Nasrollah Pakniat. Certificateless aggregate signcryption: Security model and a concrete construction secure in the random oracle model. Journal of King Saud University - Computer and Information Sciences, 26(3):276–286, 2014.
[39] Benoît Libert and Jean-Jacques Quisquater. Identity based undeniable signatures. In Cryptographers’ track at the RSA conference, pages 112–125. Springer, 2004.
[40] Yong Yu, Chunxiang Xu, Xiaosong Zhang, and Yongjian Liao. Designated verifier proxy signature scheme without random oracles. Computers & Mathematics with Applications, 57(8):1352–1364, 2009.
[41] Yang Lu and Jiguo Li. Efficient searchable public key encryption against keyword guessing attacks for cloud-based emr systems. Cluster Computing, 22(1):285–299, 2019.
[42] B Lynn. Pbc library: the pairing-based cryptography library. http://crypto.stanford.edu/pbc/ (2013). Accessed 1 April 2014, 2013.