Rongmao Chen,Yi Mu,Guomin Yang,Fuchun Guo,Xiaofen Wang

DOI: https://doi.org/10.1007/978-3-319-19962-7_4

2015-01-01

Abstract:Public Key Encryption with Keyword Search (PEKS), introduced by Boneh et al. in Eurocrypt' 04, allows users to search encrypted documents on an untrusted server without revealing any information. This notion is very useful in many applications and has attracted a lot of attention by the cryptographic research community. However, one limitation of all the existing PEKS schemes is that they cannot resist the Keyword Guessing Attack (KGA) launched by a malicious server. In this paper, we propose a new PEKS framework named Dual-Server Public Key Encryption with Keyword Search (DS-PEKS). This new framework can withstand all the attacks, including the KGA from the two untrusted servers, as long as they do not collude. We then present a generic construction of DS-PEKS using a new variant of the Smooth Projective Hash Functions (SPHFs), which is of independent interest.

Peng Jiang,Yi Mu,Fuchun Guo,Qiaoyan Wen

DOI: https://doi.org/10.1007/978-3-319-40367-0_11

2016-01-01

Abstract:Public key encryption with keyword search (PEKS) provides an elegant mechanism for a user to identify the specific encrypted data. PEKS protects data against disclosure while making it searchable. In this paper, we propose a new cryptographic primitive called public key encryption with authorized keyword search (PEAKS). In PEAKS, keywords are encrypted with one public key and users without corresponding secret key need authorization from the authority to search keywords. We present a concrete PEAKS construction which allows the authority to authorize users to search different keyword sets. The proposed scheme features with the constant-size authorized token, independent of the size of keyword set size, which cuts down bandwidth consumption considerably. This property makes our PEAKS quite useful when the authorized token needs to be frequently updated with time for security purpose. The semantical security against chosen keyword attack and trapdoor unforgeability are formally proved.

Guiquan Yang,Sha Ma,Hongbo Li,Husheng Yang,Qiong Huang

DOI: https://doi.org/10.1007/978-981-97-0942-7_15

2024-01-01

Abstract:To efficiently and securely search encrypted files in cloud storage, Boneh et al. proposed the notion of Public Key Encryption with Keyword Search(PEKS) in 2004. However, original PEKS is susceptible to internal keyword guessing attacks(KGA) launched by server due to the limited keyword space. To resist this attack, Huang and Li introduced the notion of Public Key Authenticated Encryption with Keyword Search (PAEKS), which effectively resists KGA from server by additional authentication between the sender and receiver before encryption. Since both the sender and receiver can generate a common authentication key, a curious sender can use the authentication key to launch KGA, resulting in easily guessing keyword from a given trapdoor. To address this issue, we propose an improved security model for PAEKS that captures both offline KGA and online KGA launched by the curious sender. Then, we present a concrete Stronger Security Public Key Authenticated Encryption with Multi-keyword Search (S-PAEMKS) scheme, which not only supports multi-keyword search but also successfully counters KGA from curious senders. Finally, the experimental results show that our scheme achieves remarkable efficiency in the encryption phase and comparable efficiency in the trapdoor and testing phases.

Qiong Huang,Peisen Huang,Hongbo Li,Jianye Huang,Hongyuan Lin

DOI: https://doi.org/10.1016/j.sysarc.2023.102839

IF: 5.836

2023-01-01

Journal of Systems Architecture

Abstract:To realize ciphertext retrieval without decryption in the public key settings, Boneh et al. in 2004 proposed a cryptographic primitive named Public-key Encryption with Keyword Search (PEKS) and proposed the first PEKS scheme. Following Boneh et al.’s work, various PEKS schemes were proposed; however, most schemes are vulnerable to inside keyword guessing attacks (IKGA). Huang and Li proposed a new primitive named Public-key Authenticated Encryption with Keyword Search (PAEKS) in 2017, which resists the IKGA in the setting of only one test server. Their main idea to resist IKGA is to require the data sender to authenticate the ciphertext while encrypting a keyword. However, in the era of big data, as the number of encrypted files increases, huge storage overhead and heavy retrieval costs become problems in PAEKS. In this paper, we proposed a new PAEKS scheme that costs low storage space and supports fast search. We introduced the ciphertext deduplication into PAEKS to reduce storage space and leveraged the inverted index to accelerate the retrieval process. We simulated the proposed scheme and several related schemes with a desktop computer. The experiment results show that our proposed scheme is of lower storage overhead and higher retrieval efficiency compared with related schemes.

Rongmao Chen,Yi Mu,Guomin Yang,Fuchun Guo,Xiaofen Wang

DOI: https://doi.org/10.1109/tifs.2015.2510822

IF: 7.231

2015-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Searchable encryption is of increasing interest for protecting the data privacy in secure searchable cloud storage. In this paper, we investigate the security of a well-known cryptographic primitive, namely, public key encryption with keyword search (PEKS) which is very useful in many applications of cloud storage. Unfortunately, it has been shown that the traditional PEKS framework suffers from an inherent insecurity called inside keyword guessing attack (KGA) launched by the malicious server. To address this security vulnerability, we propose a new PEKS framework named dual-server PEKS (DS-PEKS). As another main contribution, we define a new variant of the smooth projective hash functions (SPHFs) referred to as linear and homomorphic SPHF (LH-SPHF). We then show a generic construction of secure DS-PEKS from LH-SPHF. To illustrate the feasibility of our new framework, we provide an efficient instantiation of the general framework from a Decision Diffie-Hellman-based LH-SPHF and show that it can achieve the strong security against inside the KGA.

Nyamsuren Vaanchig,Zhi Guang Qin

DOI: https://doi.org/10.3934/mbe.2019193

2019-05-05

Abstract:Public Key Encryption with Keyword Search (PEKS) is a desirable technique to provide searchable functionality over encrypted data in public key settings, which allows a user to delegate a third party server to perform the search operation on encrypted data by means of keyword search trapdoor without learning about the data. However, the existing PEKS schemes cannot be directly applied to practice due to keyword guessing attack or the absence of a mechanism to limit the lifetime of a trapdoor. By addressing these issues at the same time, this paper presents a Public Key Encryption Scheme with Temporary and Fuzzy Keyword Search (PETFKS) by using a fuzzy function and an encryption tree. The proposed PETFKS scheme is proven adaptively secure concerning keyword confidentiality and backward and forward secrecy in the random oracle model under the Bilinear Di e-Hellman assumption. Moreover, it is also proven selectively secure with regard to the resistance of keyword guessing attack. Furthermore, the security and e ciency analyses of the proposed scheme are provided by comparing to the related works. The analyses indicate that the proposed scheme makes a threefold contribution to the practical application of public key encryption with keyword search, namely o ering secure search operation, limiting the lifetime of a trapdoor and enabling secure time-dependent data retrieval.

Lixue Sun,Chunxiang Xu,Mingwu Zhang,Kefei Chen,Hongwei Li

DOI: https://doi.org/10.1007/s11432-017-9124-0

2017-01-01

Science China Information Sciences

Abstract:Public key encryption with keyword search (PEKS) enables one to search encrypted data containing some keyword without decrypting the data in public key setting.Boneh et al.[1] introduced the notion of PEKS,but later Byun et al.[2] showed the scheme in [1] is vulnerable to the outsider/insider kcyword guessing attacks (KGA).Many previous PEKS studies have tackled the problem of keyword privacy against outsider KGA,while how to ensure keyword privacy against insider KGA launched by an untrusted cloud sever receives little attention.Moreover,the majority of PEKS schemes assume that the cloud server is honest-but-curious.In other researches,the server will honestly execute the search protocol and only attempt to infer sensitive information about the users.However,it is not always the case in the real world.The cloud server may be malicious,which may not honestly perform the search operation.

Qiong Huang,Hongbo Li

DOI: https://doi.org/10.1016/j.ins.2017.03.038

IF: 8.1

2017-01-01

Information Sciences

Abstract:How to efficiently search over encrypted data is an important and interesting problem in the cloud era. To solve it, Boneh et al. introduced the notion of public key encryption with keyword search (PEKS), in 2004. However, in almost all the PEKS schemes an inside adversary may recover the keyword from a given trapdoor by exhaustively guessing the keywords offline. How to resist the inside keyword guessing attack in PEKS remains a hard problem. In this paper we propose introduce the notion of Public-key Authenticated Encryption with Keyword Search (PAEKS) to solve the problem, in which the data sender not only encrypts a keyword, but also authenticates it, so that a verifier would be convinced that the encrypted keyword can only be generated by the sender. We propose a concrete and efficient construction of PAEKS, and prove its security based on simple and static assumptions in the random oracle model under the given security models. Experimental results show that our scheme enjoys a comparable efficiency with Boneh et al.’s scheme.

Kaibin Huang,Raylin Tso

DOI: https://doi.org/10.1109/ivsw.2017.8031542

2017-07-01

Abstract:In public key encryption with keyword search (PEKS) framework, see Figure 1(a), the cloud server stores index $l_{w}$ and verifies the equivalence whether w=w' or not on receiving a keyword search request through a trapdoor $T_{w'}$. Aside from the traditional secrecy concerns over index, a new threat called inner keyword guessing attack which addressed the secrecy of trapdoors against off-line brute force attacks, was indicated by Chen et al. First, the index $I_{w}$ is publicly computable; second, the domain of keywords is not big enough to resist brute force attacks; and third, the cloud server can verify the equivalence between keywords of index and trapdoors by itself. As a curious server, on input a trapdoor $T_{w^{'}}$, the server can keep computing index with different keywords $w$ and tests the equivalence by itself until finding the keyword $w^{\prime}$ hidden in the trapdoors. That is, the secrecy of trapdoors can be easily broken. Furthermore, the ‘hacked trapdoor’ can be utilized to test all the index in the database, which indirectly impacts the secrecy of index. Chen et al. propose a dual-server PEKS (DS-PEKS) syntax to deal with this issue. There are a front server and a back server in their architecture (see Figure 1(b)) and the keyword search test is done by the co-operation of two servers. Assume that these two servers do not collude, the DS-PEKS scheme will be secure against offline inner keyword guessing attacks (although that the on-line inner keyword guessing attacks still work). However, several flaws occur in Chen et al.'s works so that the secrecy of index and trapdoors are not well-protected even against outside adversaries. In this work, we propose a new DS-PEKS construction based on the Cramer Shoup encryption, whose index and trapdoors are provably indistinguishable against chosen keyword attacks based on the IND-CCA2 security of the Cramer Shoup encryption without random oracle model.

Peng Xu,Hai Jin,Qianhong Wu,Wei Wang

DOI: https://doi.org/10.1109/TC.2012.215

IF: 3.183

2013-01-01

IEEE Transactions on Computers

Abstract:Public-key encryption with keyword search (PEKS) is a versatile tool. It allows a third party knowing the search trapdoor of a keyword to search encrypted documents containing that keyword without decrypting the documents or knowing the keyword. However, it is shown that the keyword will be compromised by a malicious third party under a keyword guess attack (KGA) if the keyword space is in a polynomial size. We address this problem with a keyword privacy enhanced variant of PEKS referred to as public-key encryption with fuzzy keyword search (PEFKS). In PEFKS, each keyword corresponds to an exact keyword search trapdoor and a fuzzy keyword search trapdoor. Two or more keywords share the same fuzzy keyword trapdoor. To search encrypted documents containing a specific keyword, only the fuzzy keyword search trapdoor is provided to the third party, i.e., the searcher. Thus, in PEFKS, a malicious searcher can no longer learn the exact keyword to be searched even if the keyword space is small. We propose a universal transformation which converts any anonymous identity-based encryption (IBE) scheme into a secure PEFKS scheme. Following the generic construction, we instantiate the first PEFKS scheme proven to be secure under KGA in the case that the keyword space is in a polynomial size.

Yaojun Mao,Xingbing Fu,Chen Guo,Guohua Wu

DOI: https://doi.org/10.1002/ett.3531

IF: 3.6

2018-01-01

Transactions on Emerging Telecommunications Technologies

Abstract:Public key encryption With keyword search (PEKS) enables a cloud server (CS) to get the search trapdoor to identify ciphertext containing the target keyword without decrypting the ciphertext or knowing the target keyword. With the advent of mobile cloud computing, PEKS has ushered in an era of new development opportunities and new challenges. In mobile cloud computing environment, the PEKS schemes demand strict bounded timing response and security. However, traditional PEKS schemes rely on heavy bilinear pairing computations, which causes a delay from the CS to the mobile terminal. Moreover, as computing power increases, PEKS is more vulnerable to suffer from an inherent insecurity known as inside keyword guessing attack, which leaks user data query information. To achieve a secure and efficient searchable encryption scheme in the mobile cloud computing environment, we put forward a lattice‐based searchable encryption scheme that supports conjunctive keyword search. Our scheme achieves higher computational efficiency and is resistant against quantum attacks compared with traditional PEKS schemes. To further enhance security and make our scheme secure against keyword guessing attack, we hide the decryption parameters by outsourcing part of the decryption process to a semitrusted third party called unusual keyword server, so that the CS cannot guess the exact keyword by performing consistency verification.

Changsong Jiang,Chunxiang Xu,Zhao Zhang,Kefei Chen

DOI: https://doi.org/10.1109/TCC.2023.3266459

IF: 5.697

2023-01-01

IEEE Transactions on Cloud Computing

Abstract:Public key encryption with keyword search (PEKS) provides secure searchable data encryption in cloud storage. Users can outsource encrypted data and keywords to a cloud server, and search target one without disclosing sensitive information. To achieve resistance against off-line keyword guessing attacks, existing practical PEKS schemes employ independent key server(s) to assist users in producing keywords to be encrypted (called server-derived keywords) in an online manner. In this article, we analyze server-aided PEKS schemes and reveal a potential threat: vulnerability against subversion attacks, where algorithms in server-aided PEKS might be maliciously implemented to undermine security. In a subverted encryption implementation, a subliminal channel is established to control randomness generation such that biased ciphertexts covertly leak plaintext information. We further present a specific subversion attack against generation of server-derived keywords to violate keywords’ confidentiality. To address these issues, we propose SR-PEKS, a subversion-resistant PEKS scheme based on cryptographic reverse firewalls (CRF). In SR-PEKS, CRF sanitizes messages transmitted in server-derived keyword generation to resist the presented subversion attack. CRF also participates in a collaborative randomness generation protocol to yield unbiased randomness for encryption, thereby eliminating the subliminal channel. Provable security and high efficiency of SR-PEKS are demonstrated by comprehensive analyses and performance evaluations.

Yuan Zhang,Chunxiang Xu,Jianbing Ni,Hongwei Li,Xuemin Sherman Shen

DOI: https://doi.org/10.1109/tcc.2019.2923222

IF: 5.697

2021-10-01

IEEE Transactions on Cloud Computing

Abstract:Cloud storage enables users to outsource data to storage servers and retrieve target data efficiently. Some of the outsourced data are very sensitive and should be prevented for any leakage. Generally, if users conventionally encrypt the data, searching is impeded. Public-key encryption with keyword search (PEKS) resolves this tension. Whereas, it is vulnerable to keyword guessing attacks (KGA), since keywords are low-entropy. In this paper, we present a secure PEKS scheme called SEPSE against KGA, where users encrypt keywords with the aid of dedicated key servers via a threshold and oblivious way. SEPSE supports key renewal to periodically replace an existing key with a new one on each key server to thwart the key compromise. Furthermore, SEPSE can efficiently resist online KGA, where each keyword request made by a user is integrated into a transaction on a public blockchain (e.g., Ethereum), which allows key servers to learn the number of keyword requests made by the user without requiring a synchronization between them for per-user rate limiting. Security analysis and performance evaluation demonstrate that SEPSE provides a stronger security guarantee compared with existing schemes, at the expense of acceptable computational costs.

computer science, information systems, theory & methods

Venkata Bhikshapathi Chenam,Suneeth Yadav Tummala,Syed Taqi Ali

DOI: https://doi.org/10.1007/s12083-023-01618-2

IF: 3.488

2024-02-09

Peer-to-Peer Networking and Applications

Abstract:Public Key Encryption with Keyword Search (PEKS) is a promising cryptographic primitive that allows searching over encrypted data in secure data outsourcing services. Initially, several PEKS schemes were developed for conjunctive keyword search, but they relied on certain assumptions regarding keyword fields. To address this limitation, an Efficient Public-Key Encryption with Field-free Conjunctive Keyword Search (PEFCK) scheme was introduced in 2015. PEFCK enables conjunctive keyword search without any specific ordering of the keywords. However, PEFCK is vulnerable to keyword guessing attacks (KGA), which compromise its security. To overcome the KGA vulnerability, we propose a new scheme called Public Key Authenticated Encryption with Field-free Subset Conjunctive and Disjunctive Keyword Search (PAEFSCDKS), which leverages the mathematical concept of Lagrange Polynomials. This scheme incorporates three key features: 1) Sender Authentication: The sender encrypts the keywords using both the receiver's public key and its private key, ensuring sender authenticity and integrity. 2) Secure Channel-free: Unlike traditional approaches, our scheme does not require a secure channel to transfer data from the receiver to the cloud server. This eliminates the need for additional secure communication overhead. 3) Subset Conjunctive and Disjunctive Keyword Search: The receiver can perform queries that involve both subset conjunctive and disjunctive keywords, enabling more flexible and powerful searches. Furthermore, we demonstrate that our proposed scheme achieves provable security under index indistinguishability and trapdoor indistinguishability against both internal and external adversaries. Finally, through performance analysis, we show that our proposed scheme outperforms similar PEKS schemes in terms of both theoretical and experimental evaluations.

computer science, information systems,telecommunications

Jingwei Lu,Hongbo Li,Jianye Huang,Sha Ma,Man Ho Allen Au,Qiong Huang

DOI: https://doi.org/10.3390/info14030142

2023-01-01

Information

Abstract:Transforming data into ciphertexts and storing them in the cloud database is a secure way to simplify data management. Public key encryption with keyword search (PEKS) is an important cryptographic primitive as it provides the ability to search for the desired files among ciphertexts. As a variant of PEKS, certificateless public key authenticated encryption with keyword search (CLPAEKS) not only simplifies certificate management but also could resist keyword guessing attacks (KGA). In this paper, we analyze the security models of two recent CLPAEKS schemes and find that they ignore the threat that, upon capturing two trapdoors, the adversary could directly compare them and distinguish whether they are generated using the same keyword. To cope with this threat, we propose an improved security model and define the notion of strong trapdoor indistinguishability. We then propose a new CLPAEKS scheme and prove it to be secure under the improved security model based on the intractability of the DBDH problem and the DDH problem in the targeted bilinear group.

Yuanjie Zhao,Xiaofeng Chen,Hua Ma,Qiang Tang,Hui Zhu

DOI: https://doi.org/10.22667/jowua.2012.03.31.072

2012-01-01

Abstract:The public key encryption with keyword search (PEKS) provides a way for users to search data which are encrypted under the users’ public key on a storage system. However, the original schemes are based on the unrealistic assumption of a secure channel between the receiver and the server. Baek et al. [1] first proposed a secure channel-free public key encryption with keyword search (SCF-PEKS) to remove the assumption. However, Rhee et al. [2] point out that the SCF-PEKS scheme suffers from the keyword-guessing attack and proposed a scheme which satisfies the property of trapdoor indistinguishability without using an additional secure channel. In this paper, we construct a new efficient trapdoor-indistinguishable public key encryption with keyword search. Moreover, we prove that the proposed scheme can achieve the desired security properties.

Peng Jiang,Yi Mu,Fuchun Guo,Qiaoyan Wen

DOI: https://doi.org/10.1016/j.cose.2016.11.015

IF: 5.105

2016-01-01

Computers & Security

Abstract:Public key encryption with keyword search (PEKS) provides the functionality of encrypted data retrieval with keyword privacy in database systems. PEKS allows a user to specify a keyword and search the encrypted data associated with this keyword that is uploaded by others. In this paper, we investigate the retrieval privilege management in the manager-centric model, where each user has a different search right over the unique keyword set. Unfortunately, employing the prior PEKS and other related cryptographic techniques might suffer from the problems of key abuse and bandwidth consumption. To address these issues, we introduce a new cryptographic primitive called public key encryption with authorized keyword search (PEAKS). In PEAKS, the search right is assigned by the authority over a distinct keyword set and the user with an authorized search right can only search data associated with these keywords. We propose two constructions with formal security proof, namely the basic PEAKS scheme and the secure channel-free PEAKS (SCF-PEAKS) scheme. Both schemes feature with the constant-size authorized token, while the SCF-PEAKS scheme is also resistant against the outsider keyword guessing attacks. The performance evaluation shows that the proposed schemes consume less bandwidth for frequent token update.

Raylin Tso,Kaibin Huang,Yu-Chi Chen,Sk Md Mizanur Rahman,Tsu-Yang Wu

DOI: https://doi.org/10.1109/access.2020.3017745

IF: 3.9

2020-01-01

IEEE Access

Abstract:Chen et al. indicated the inner keyword guessing attack coming from the low entropy of keywords, which eliminates the semantic security of most keyword search schemes. Then, they accordingly propose the first dual-server PEKS scheme (abbreviated as DS-PEKS) and its related security models to prevent such attacks. In the DS-PEKS architecture, two non-collusive servers must corporate to execute the keyword search procedure. No individual server has the capability of determining the equivalence between keywords alone, and thus the inner keyword guessing attacks can be avoided. In this article, we found that the security models are lack of soundness and strength, so our first result is to define new stronger and sounder security models which implies all security aspects of original models. Secondly, we also propose a generic construction of DS-PEKS schemes based on IND-CCA2 secure PKE schemes. Finally, we analyze the newly proposed DS-PEKS scheme, and proof its security with the stronger models based on the IND-CCA2 security in the standard model.

computer science, information systems,telecommunications,engineering, electrical & electronic

Peng Jiang,Yi Mu,Fuchun Guo,Qiao-Yan Wen

DOI: https://doi.org/10.1007/s11390-017-1745-8

IF: 1.871

2017-01-01

Journal of Computer Science and Technology

Abstract:The notion of searchable encrypted keywords introduced an elegant approach to retrieve encrypted data without the need of decryption. Since the introduction of this notion, there are two main searchable encrypted keywords techniques, symmetric searchable encryption (SSE) and public key encryption with keyword search (PEKS). Due to the complicated key management problem in SSE, a number of concrete PEKS constructions have been proposed to overcome it. However, the security of these PEKS schemes was only weakly defined in presence of outsider attacks; therefore they suffer from keyword guessing attacks from the database server as an insider. How to resist insider attacks remains a challenging problem. We propose the first searchable encrypted keywords against insider attacks (SEK-IA) framework to address this problem. The security model of SEK-IA under public key environment is rebuilt. We give a concrete SEK-IA construction featured with a constant-size trapdoor and the proposed scheme is formally proved to be secure against insider attacks. The performance evaluations show that the communication cost between the receiver and the server in our SEK-IA scheme remains constant, independent of the sender identity set size, and the receiver needs the minimized computational cost to generate a trapdoor to search the data from multiple senders.

NI Jianbing,YU Yong,Qi XIA,Lei NIU

2012-01-01

Journal of Information and Computational Science

Abstract:Public key encryption with keyword search (PEKS) is a novel cryptographic primitive enabling one to search encrypted data while keeping the security of the original data. Recently, Hu et al. found that the PEKS with a designated tester (dPEKS) due to Rhee et al. suffers from keyword guessing attack and proposed two enhanced schemes. These schemes were claimed as being provably secure against chosen keyword attack and off-line keyword guessing (KG) attack. However, in this paper, we demonstrate that Hu’s dPEKS is still insecure by demonstrating keyword guessing attack where a malicious server can guess the keyword with the trapdoor. We also discuss the impossibility to construct secure dPEKS schemes against a malicious server’s KG attack, when the candidate keywords are from some polynomial size of dictionary.