Efficient Group ID-Based Encryption With Equality Test Against Insider Attack

Ling, Yunhao; Ma, Sha; Huang, Qiong; Li, Ximing; Zhong, Yijian; Ling, Yunzhi

doi:10.1093/comjnl/bxaa120

Cited by 14 publications

(5 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Alornyo et al [25] constructed an IBEET from witness-based encryption technology to resist insider attacks, which offered weak indistinguishability under chosen ciphertext attacks in the random oracle model. Ling et al [26] introduced group IBEET, where only the group administrator was able to issue authorization tokens to the tester. Compared with our DS-IBE-AET construction in the dual-server model, these schemes engage only a single cloud server, which cannot resist offline keyword guessing attacks.…”

Section: Related Workmentioning

confidence: 99%

Dual-Server Identity-Based Encryption with Authorized Equality Test for IoT Data in Clouds

Zhao

Ding

2022

Security and Communication Networks

View full text Add to dashboard Cite

The massive amounts of data collected by Internet of things (IoT) devices can be stored in clouds to solve the problem of the low storage capacity of IoT terminals. However, the privacy and security of outsourced IoT data may be compromised on the cloud side. Traditional cryptographic technologies can protect data privacy but require the user to retrieve the data for decryption and further processing, which would bring vast amounts of bandwidth and computation burden to users. This paper proposes a dual-server identity-based encryption scheme supporting authorized ciphertext equality test (DS-IBE-AET), where two noncolluding servers with authorizations from users can collaboratively carry out an equality test on outsourced IoT ciphertexts without decrypting the data. DS-IBE-AET can resist offline keyword guessing attacks confronted by existing encryption schemes with equality test in the single server model. Security analysis demonstrates that the proposed DS-IBE-AET scheme offers unforgeability for private keys of users and servers and confidentiality protection for outsourced IoT data and authentication tokens. The performance analysis indicates the practicality of our DS-IBE-AET construction for securing outsourced IoT data in clouds.

show abstract

Section: Related Workmentioning

confidence: 99%

Dual-Server Identity-Based Encryption with Authorized Equality Test for IoT Data in Clouds

Zhao

Ding

2022

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…To enable equality test on outsourced ciphertexts, many public key encryption schemes [6][7][8] and identity-based encryption schemes [9][10][11][12] have been proposed in the single server model. After the cloud server received the authorization from the user, it is able to perform the equality test on outsourced ciphertexts or some related operations such as encrypted data classification [13,14] based on the equality test, without decryption.…”

Section: Introductionmentioning

confidence: 99%

Public Key Encryption with Authorized Equality Test on Outsourced Ciphertexts for Cloud-Assisted IoT in Dual Server Model

Zhao

Ding

Tang

et al. 2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

In cloud computing, the outsourced data face many privacy and security threats. To allow the cloud server to perform comparison, search, and classification on outsourced ciphertexts while simultaneously providing privacy guarantee, the encryption method that supports the ciphertext equality test is considered as a promising way. Users are able to authorize the cloud server to conduct the ciphertext equality test, so that two ciphertexts can be determined whether they encrypt the same message without being decrypted. In this process, users do not need to retrieve, decrypt, and then perform comparison on data; thus, the computing and communication efficiency can be greatly improved, and the privacy of user data can be guaranteed at the cloud server side. However, existing encryption schemes supporting authorized ciphertext equality test in the single server model cannot resist the keyword guessing attacks, and the solutions in the dual server model do not provide simultaneous authorization on two servers. To address these issues, this paper proposes a public key encryption scheme supporting authorized equality test on ciphertexts in the dual server model (PKE-AUT), where the primary server and secondary server must get the authorization from users before performing a sequential equality test on ciphertexts. Security and performance analysis demonstrate that the proposed PKE-AUT scheme not only guarantees the privacy of user data and authorization but also is practical in cloud-assisted IoT-related applications.

show abstract

“…In common PKEET scheme, proxy has to request authorization from a user for executing equality test on ciphertexts encrypted by the user's public key. is authorization mode is referred to in [8] as "user granularity authorization. "…”

Section: Introductionmentioning

confidence: 99%

“…To cope with different application scenarios, the concept "group granularity authorization" has been put forward [8,9]. Under this authorization mode, a normal user can generate group ciphertexts with the permission of group administrator.…”

Section: Introductionmentioning

confidence: 99%

“…Meanwhile, token issued by group administrator can be and only be used to conduct equality test on all group ciphertexts within the same group, thus helping to reduce the computational, storage, and communication overheads caused by token issuance. However, current PKEET definitions are not suitable for group granularity authorization in terms of efficiency [8]. Group public key encryption with equality test (G-PKEET) scheme is firstly proposed by Ling et al [7], which is the first PKEET scheme supporting group granularity authorization.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Group Public Key Encryption with Equality Test under Standard Model

Deng

Qian

2022

Security and Communication Networks

View full text Add to dashboard Cite

Group public key encryption with equality test (G-PKEET) scheme supports group granularity authorization on the equality test. An authorized proxy is able to check whether two ciphertexts belonging to the same group are encrypted from identical plaintext without decrypting them. However, in indistinguishability-based security notion, current existing PKEET and G-PKEET schemes do not allow adversary to invoke equality test as a service. In contrast, under practical circumstance, an adversary is probably able to exploit the equality test service offered by proxy to decipher a ciphertext, leading to unexpected and unwanted privacy leakage. In this paper, we propose a security definition that includes the abovementioned adversary ability. Through extending the functionality of current G-PKEET scheme, we design a concrete scheme that satisfies our new security definition. Furthermore, our G-PKEET scheme is the first G-PKEET scheme whose security properties can be proved under the standard model.

show abstract

Efficient Group ID-Based Encryption With Equality Test Against Insider Attack

Cited by 14 publications

References 22 publications

Dual-Server Identity-Based Encryption with Authorized Equality Test for IoT Data in Clouds

Dual-Server Identity-Based Encryption with Authorized Equality Test for IoT Data in Clouds

Public Key Encryption with Authorized Equality Test on Outsourced Ciphertexts for Cloud-Assisted IoT in Dual Server Model

Group Public Key Encryption with Equality Test under Standard Model

Contact Info

Product

Resources

About