Server-Aided Public Key Encryption With Keyword Search

Chen, Rongmao; Mu, Yi; Yang, Guomin; Guo, Fuchun; Huang, Xinyi; Wang, Xiaofen; Wang, Yongjun

doi:10.1109/tifs.2016.2599293

Cited by 151 publications

(49 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Recently, a practical PEKS scheme with resistance against off-line KGA was proposed [15]. The keyword to be encrypted is derived from a key server that is separate from the storage server.…”

Section: Introductionmentioning

confidence: 99%

“…Thus, for long-lived data, the protection provided by secret sharing could be insufficient [20]. Furthermore, the server-aided PEKS [15] is also confronted with online KGA, where the adversarial cloud server is able to impersonate a sender to access the key server such that it obtains enough server-derived keywords to perform off-line KGA.…”

Section: Introductionmentioning

confidence: 99%

“…SEPSE supports key renewal on key servers so as to fight against the key compromise. Compared with existing schemes [15], [21], SEPSE provides a stronger security guarantee.…”

mentioning

confidence: 99%

See 2 more Smart Citations

Blockchain-Assisted Public-Key Encryption with Keyword Search Against Keyword Guessing Attacks for Cloud Storage

Zou

et al. 2021

IEEE Trans. Cloud Comput.

121

View full text Add to dashboard Cite

Cloud storage enables users to outsource data to storage servers and retrieve target data efficiently. Some of the outsourced data are very sensitive and should be prevented for any leakage. Generally, if users conventionally encrypt the data, searching is impeded. Public-key encryption with keyword search (PEKS) resolves this tension. Whereas, it is vulnerable to keyword guessing attacks (KGA), since keywords are low-entropy. In this paper, we present a secure PEKS scheme called SEPSE against KGA, where users encrypt keywords with the aid of dedicated key servers via a threshold and oblivious way. SEPSE supports key renewal to periodically replace an existing key with a new one on each key server to thwart the key compromise. Furthermore, SEPSE can efficiently resist online KGA, where each keyword request made by a user is integrated into a transaction on a public blockchain (e.g., Ethereum), which allows key servers to learn the number of keyword requests made by the user without requiring a synchronization between them for per-user rate limiting. Security analysis and performance evaluation demonstrate that SEPSE provides a stronger security guarantee compared with existing schemes, at the expense of acceptable computational costs.

show abstract

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Blockchain-Assisted Public-Key Encryption with Keyword Search Against Keyword Guessing Attacks for Cloud Storage

Zou

et al. 2021

IEEE Trans. Cloud Comput.

121

View full text Add to dashboard Cite

show abstract

“…By splitting the test algorithm into two parts and having two separate servers execute separately, their solution can prevent inside KGA from malicious servers. In 2016, Chen et al proposed a server‐aided PEKS and gave a general transformation from PEKS to server‐aided PEKS by requiring a blind signature. In their scheme, each PEKS ciphertext and trapdoor requires two extra

{double-struckZ}_{p}^{n}

elements for transmission between the server and the user compared with the traditional PEKS …”

Section: Introductionmentioning

confidence: 99%

Public key encryption with conjunctive keyword search secure against keyword guessing attack from lattices

Mao

Guo

et al. 2018

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Public key encryption With keyword search (PEKS) enables a cloud server (CS) to get the search trapdoor to identify ciphertext containing the target keyword without decrypting the ciphertext or knowing the target keyword. With the advent of mobile cloud computing, PEKS has ushered in an era of new development opportunities and new challenges. In mobile cloud computing environment, the PEKS schemes demand strict bounded timing response and security. However, traditional PEKS schemes rely on heavy bilinear pairing computations, which causes a delay from the CS to the mobile terminal. Moreover, as computing power increases, PEKS is more vulnerable to suffer from an inherent insecurity known as inside keyword guessing attack, which leaks user data query information. To achieve a secure and efficient searchable encryption scheme in the mobile cloud computing environment, we put forward a lattice‐based searchable encryption scheme that supports conjunctive keyword search. Our scheme achieves higher computational efficiency and is resistant against quantum attacks compared with traditional PEKS schemes. To further enhance security and make our scheme secure against keyword guessing attack, we hide the decryption parameters by outsourcing part of the decryption process to a semitrusted third party called unusual keyword server, so that the CS cannot guess the exact keyword by performing consistency verification.

show abstract

“…Since it is posed, PEKS has drawn high attention in the academic circle. A lot of PEKS schemes and variants were proposed. Some works investigated how to securely integrate standard public key encryption (PKE) with PEKS to form a full PKE + PEKS cryptosystem.…”

Section: Introductionmentioning

confidence: 99%

Constructing designated server public key encryption with keyword search schemes withstanding keyword guessing attacks

2018

Int J Communication

View full text Add to dashboard Cite

Designated server public key encryption with keyword search (dPEKS) removes the secure channel requirement in public key encryption with keyword search (PEKS). With the dPEKS mechanism, a user is able to delegate the search tasks on the ciphertexts sent to him/her to a designated storage server without leaking the corresponding plaintexts. However, the current dPEKS framework inherently suffers from the security vulnerability caused by the keyword guessing (KG) attack. How to build the dPEKS schemes withstanding the KG attacks is still an unsolved problem up to now. In this work, we introduce an enhanced dPEKS (edPEKS) framework to remedy the security vulnerability in the current dPEKS framework. The edPEKS framework provides resistance to the KG attack by either the outside attacker or the malicious designated server. We provide a semi-generic edPEKS construction that exploits the existing dPEKS schemes. Our security proofs demonstrate that the derived edPEKS scheme achieves the keyword ciphertext indistinguishability, the keyword ciphertext unforgeability, and the keyword trapdoor indistinguishability if the underlying dPEKS scheme satisfies the keyword ciphertext indistinguishability and the hash Diffie-Hellman problem is intractable. In addition, a concrete edPEKS scheme is presented to show the instantiation of the proposed semi-generic construction.KEYWORDS designated server, keyword guessing attack, malicious designated server, outside attacker, public key encryption with keyword search

show abstract

Server-Aided Public Key Encryption With Keyword Search

Cited by 151 publications

References 17 publications

Blockchain-Assisted Public-Key Encryption with Keyword Search Against Keyword Guessing Attacks for Cloud Storage

Blockchain-Assisted Public-Key Encryption with Keyword Search Against Keyword Guessing Attacks for Cloud Storage

Public key encryption with conjunctive keyword search secure against keyword guessing attack from lattices

Constructing designated server public key encryption with keyword search schemes withstanding keyword guessing attacks

Contact Info

Product

Resources

About