Kui Ma,Yanwei Zhou,Ying Wang,Chunsheng Dong,Zhe Xia,Bo Yang,Mingwu Zhang

DOI: https://doi.org/10.1109/jsyst.2023.3269597

IF: 4.802

2023-01-01

IEEE Systems Journal

Abstract:The Internet of Things (IoT) is helpful in making people's life more convenient and efficient. To ensure that the nodes within IoT can interact securely, a certificateless signature (CLS) can be used to protect message authentication in the IoT. Recently, some concrete constructions of CLS schemes have been proposed in the literature, but through our analyses, we demonstrate that some existing CLS schemes cannot keep their claimed security because of various security flaws. For example, a valid signature can be forged by any Type I adversary by replacing the corresponding user's public key. In this article, we describe the security flaws that need to be addressed and introduce a novel CLS scheme without using bilinear mapping. The existential unforgeability in our proposed scheme can be proved based on the hardness of the elliptic curve discrete logarithm problem in the random oracle model. The comparison with existing CLS schemes shows that our scheme not only enjoys more security features but also is more efficient in computation. Moreover, we introduce an identity authentication protocol as the application of our proposed CLS scheme, which achieves mutual authentication and anonymity in communications.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Arijit Karati,Chun-I Fan,Ruei-Hau Hsu

DOI: https://doi.org/10.1109/jiot.2019.2939204

IF: 10.6

2019-12-01

IEEE Internet of Things Journal

Abstract:The Internet of Things (IoT) is revolutionizing our modern lives by introducing active connection between smart devices. However, IoT devices are repeatedly exhibiting many security flaws, which will inevitably lead to eavesdropping and impersonation attacks. Thus, providing a proper security in IoT becomes a prime focus for the researchers. In cryptography, certificateless signcryption (CLSC) is one of the recent public key techniques for the security requirements of the authenticity and confidentiality of any message between the parties. In this article, a new generalized CLSC (gCLSC) is introduced to provide the functions of digital signature and encryption to fulfill the authenticity and confidentiality for the resource-constrained IoT devices. Besides, the gCLSC supports the property of public verifiability and security of an ideal signcryption under the strong Diffie–Hellman and bilinear Diffie–Hellman inversion problems without random oracle model. Performance assessment of the gCLSC gives satisfactory results after comparing with other competitive CLSC schemes in terms of its functionality. Therefore, the gCLSC can be adopted in the IoT networks where authenticity, confidentiality, and lightweight are the essential factors.

Yang Ming,Xiaopeng Yu,Xiaoqin Shen

DOI: https://doi.org/10.1109/access.2020.3018488

IF: 3.9

2020-01-01

IEEE Access

Abstract:Healthcare Internet of Things (IoT) is an emerging paradigm, which can provide comprehensive and different types of health services and enable various types of medical sensors to monitor patient's health conditions. In the healthcare IoT, patient is deployed with a variety of medical sensors, which continuously monitors and collects patient's sensitive health data that needs specially protection for preventing privacy leakage. To safely send multiple different health data monitored by multiple different medical sensors to multiple corresponding healthcare professionals in one data report, several multi-message and multi-receiver signcryption schemes have been introduced by employing the traditional public key cryptography, identity-based cryptography or certificateless cryptography. However, these schemes suffer from the certificate management, key escrow and key distribution problem. Besides, due to the resource-constraint property of medical sensors, they are unsuitable for healthcare IoT in terms of both performance and privacy requirements. To solve these issues, this paper introduces an efficient anonymous certificate-based multi-message and multi-receiver signcryption scheme for healthcare IoT, where the certificate-based cryptography and elliptic curve cryptography are combined to simplify the certificate management problem, eliminate the key escrow problem, solve the key distribution problem and ensure the privacy-preserving. Furthermore, the security analysis suggests that the proposed scheme is able to achieve the confidentiality, unforgeability, receiver anonymity, sender anonymity and decryption fairness; the performance evaluation indicates that the proposed scheme brings to the lower computation cost and communication cost in comparison to the existing schemes.

Manoj Kumar,Harsh Kumar Verma,Geeta Sikka

DOI: https://doi.org/10.1002/ett.3883

IF: 3.6

2020-03-22

Transactions on Emerging Telecommunications Technologies

Abstract:<p>Cloud‐edge (CE) is revolutionizing our modern world with a greater user experience through the Internet of Things (IoT). However, the edge devices, communication bridge between the cloud and users, are repeatedly exhibiting many security flaws which will inevitably lead to massive cyber attacks. Thus, providing a proper security, specifically, the confidentiality and authenticity of sensitive data become a prime focus for many of the researchers. In cryptography, certificateless signcryption (CLSC) is one of the recent public key techniques that meets the requirements of confidentiality and authenticity of sensitive data between parties with minimal overhead. This paper aims to present a new data sharing protocol where the safety of data is achieved through a new CLSC scheme. The proposed CLSC is designed using the bilinear pairing and modular exponentiation operations. Besides, the CLSC is secure based on the intractability of Diffie‐Hellman inversion (DHI) and bilinear‐DHI assumptions without considering the random oracle model (ROM). Performance assessment of proposed CLSC gives satisfactory results after comparing with other related CLSC schemes. Therefore, proposed CLSC can be installed in the cloud‐based edge‐IoT environment where both the authenticity and confidentiality with minimal computational overhead are the essential factors.</p>

telecommunications

Rafiq Ullah,Amjad Mehmood,Muhammad Altaf Khan,Carsten Maple,Jaime Lloret

DOI: https://doi.org/10.1007/s12083-024-01654-6

IF: 3.488

2024-04-28

Peer-to-Peer Networking and Applications

Abstract:Certificateless Proxy Signature (CLPS) offers a comprehensive authentication mechanism to ensure the optimal solutions from modern forgery attacks in Industrial Internet of Things (IIoTs) environment. CLPS is part of certificateless public key cryptography (CL-PKC) and has the benefits of eradicating many issues like key distribution problem. Although costly computational processing capabilities are consumed by smart devices during authentication process. This article proposed an authentication scheme for CLPS by using the mathematical cryptographic curve concepts of Hyper Elliptic Curve (HEC) to provide a secure and optimized communication approach in IIoTs environment. The arises key distribution problem in CLPS is also fixed. The scrutinized security analysis of proxy signature and delegation signature were performed to tackle different attacks like Machine-in-the-middle Attack (MiTM), Replay Attack, Key Replacement Attack, Impersonation Attack, and Chosen Message Attack. Due to HEC-DLP the forgery attack cannot succeeded. Finally, the proposed work is formally verified through the AVISPA tool. The comprehensive performance evaluation shows that the total computational cost is reduced to 49.48% and the communication overhead size is reduced to 49.57% with a comparative analysis of existing schemes. Thus, the proposed approach eradicates key distribution problems with an equal security level of RSA and ECC.

computer science, information systems,telecommunications

Hu Xiong,Qian Mei,Yanan Zhao

DOI: https://doi.org/10.1109/jsyst.2018.2890126

IF: 4.802

2020-01-01

IEEE Systems Journal

Abstract:With the continuous development of the industrial Internet of Things (IIoT), many organizations opt for storing the data collected by smart devices on a cloud server for saving costs. Considering the untrusted nature of the communication channel, how to ensure the authenticity of data is an urgent matter to be solved. Certificateless signatures that can provide an authentication mechanism for the data seem to be a viable option to this problem. Nevertheless, the certificateless signature scheme proposed so far is either easy to be broken or inefficient. In this paper, a pairing-free and provably secure certificateless parallel key-insulated signature (CL-PKIS) scheme is put forward for securing the communication in the IIoT environment. Unlike previous work in this field, our scheme not only uses elliptic curves to maintain higher efficiency, but also implants key-insulated primitive to reduce the risk of key exposures. Besides, our scheme provides a parallel mechanism to make it more suitable for the IIoT environment, which was not available in previous solutions. Finally, the security of our CL-PKIS scheme is proved under the discrete logarithm assumption in the random oracle model.

Jianhong Zhang,Wenle Bai,Yuehai Wang

DOI: https://doi.org/10.1109/access.2019.2899828

IF: 3.9

2019-01-01

IEEE Access

Abstract:The Internet of Things (IoT) is the internetworking of terminal physical devices depends on application programming interfaces and sensors to be connected to the Internet for collecting and exchanging data. According to the characteristics of IoT, it can provide rich services for the terminal user. However, the centralized cloud computing-based storage architecture in IoT faces many challenges, such as data security, identity privacy, and high latency. To overcome these challenges, this paper introduces an IoT network storage architecture based on mobile edge computing, which not only achieves low-latency message response and computation offloading of the terminal user but also preserves identity-privacy of the terminal user. Afterward, we presented a novel non-interactive pairing-free ID-based proxy re-signature scheme (ID-PRS), which is a kernel technique to construct the aforementioned storage architecture. Compared with most of proxy re-signature schemes constructed based on traditional public-key-infrastructure, the proposed scheme avoids expensive pairing operation and intricate certificate-maintenance. And it is demonstrated to be provably secure under the classic security assumptions: integer factoring problem and the RSA assumption. Finally, in contrast to the other two ID-PRS schemes, the proposed ID-PRS scheme has more advantages in terms of security, functionability, and computation costs. Thus, it is very suitable to be applied to the resource-constrained mobile users.

Hanguang Luo,Tao Zou,Chunming Wu,Dan Li,Shunbin Li,Chu

DOI: https://doi.org/10.32604/cmc.2022.027118

2022-01-01

Abstract:In the emerging Industrial Internet of Things (IIoT), authentication problems have become an urgent issue for massive resource-constrained devices because traditional costly security mechanisms are not suitable for them. The security protocol designed for resource-constrained systems should not only be secure but also efficient in terms of usage of energy, storage, and processing. Although recently many lightweight schemes have been proposed, to the best of our knowledge, they are unable to address the problem of privacy preservation with the resistance of Denial of Service (DoS) attacks in a practical way. In this paper, we propose a lightweight authentication protocol based on the Physically Unclonable Function (PUF) to overcome the limitations of existing schemes. The protocol provides an ingenious authentication and synchronization mechanism to solve the contradictions amount forward secrecy, DoS attacks, and resource-constrained. The performance analysis and comparison show that the proposed scheme can better improve the authentication security and efficiency for resource-constrained systems in IIoT.

Dongmei Chen,Yining Liu,Fei Zhou,Lihui Li,Yangfan Liang

DOI: https://doi.org/10.1016/j.sysarc.2024.103268

IF: 5.836

2024-08-30

Journal of Systems Architecture

Abstract:The widespread application of wireless sensor technology in the Internet of Things (IoT) industry significantly enhances productivity. However, the large scale deployment of IoT and the inherent vulnerabilities of wireless communication methods to attacks present significant new challenges. Consequently, there is a need to address the efficiency and security of information transfer in IoT. To effectively solve these issues, this paper presents a secure and efficient pairing-free certificateless aggregated signcryption (CL-ASC) scheme for IoT based on the elliptic curve cryptosystem. Our scheme avoids the complex certificate management issues associated with Public Key Cryptography (PKC) and the key escrow problem found in identity-based cryptography, while maintaining the storage and communication efficiency benefits of aggregated signcryption. The use of secure signcryption and aggregation techniques effectively resists a variety of potential attacks. Both formal and informal security analyses demonstrate that our scheme meets the expected security requirements. Specifically, our scheme shows significant improvements in computational and communication overheads. Compared to other state-of-the-art protocols, our scheme achieves signcryption computation cost of 0.691 ms, unsigncryption computation cost of 3.917 ms for 5 messages, and a total cost of 4.608 ms for 5 messages. Additionally, it provides a signcryption communication overhead of 128 bytes and aggregated communication overhead of 580 bytes for 5 messages.

computer science, software engineering, hardware & architecture

Emmanuel Ahene,Junfeng Dai,Hao Feng,Fagen Li

DOI: https://doi.org/10.1007/s11235-018-0530-5

2018-01-01

Abstract:Cloud computing has proven to be applicable in smart grid systems with the help of the cloud-based Internet of things (IoT) technology. In this concept, IoT is deployed as a front-end enabling the acquisition of smart grid-related data and its outsourcing to the cloud for data storage purposes. It is obvious that data storage is a pertinent service in cloud computing. However, its wide adoption is hindered by the concern of having a secure access to data without a breach on confidentiality and authentication. To address this problem, we propose a novel data access control scheme that simultaneously accomplishes confidentiality and authentication for cloud-based smart grid systems. Our scheme can enable the storing of encrypted smart grid-related data in the cloud. When a user prefers to access the data, the data owner issues a delegation command to the cloud for data re-encryption. The cloud is unable to acquire any plaintext information on the data. Only authorized users are capable of decrypting the data. Moreover, the integrity and authentication of data can only be verified by the authorized user. We obtain the data access control scheme by proposing a pairing free certificateless signcryption with proxy re-encryption (CLS-PRE) scheme. We prove that our CLS-PRE scheme has indistinguishability against adaptive chosen ciphertext attack under the gap Diffie–Hellman problem and existential unforgeability against adaptive chosen message attack under elliptic curve discrete logarithm problem in the random oracle model.

Hu Xiong,Yan Wu,Chunhua Su,Kuo-hui Yeh

DOI: https://doi.org/10.1016/j.jisa.2020.102507

IF: 4.96

2020-08-01

Journal of Information Security and Applications

Abstract:<p>With the continuously developing wireless communication technique, the Internet of Things (IoT) has been deployed in various domains. In the IoT, numerous smart devices exchange information transparently and seamlessly via the open channel to provide intelligent and convenient services for the citizens. Due to the vulnerable nature of the communication channel, ensuring data authenticity of the transmitted information is a challenging issue. Certificateless signature (CLS) is regarded as an appropriate cryptographical primitive to protect data authenticity in the IoT. However, the existing CLS schemes are infeasible for the practical IoT systems, since individual verification causes network congestion and service delay in the face of massive service requests. To improve the verification efficiency, plenty of CLS schemes with batch verification have been investigated to verify multiple signatures quickly at once. Despite the improvement of verification efficiency, these schemes have poor efficiency or security issue. Furthermore, the batch verification failure cannot be settled in these schemes, which reduces the advantage of batch verification significantly. Motivated by the above problems, this paper presents a secure and efficient CLS scheme with batch verification and invalid signature identification. The proposed scheme is provably secure under the random oracle model. The comprehensive comparison analysis demonstrates that the presented scheme is superior to the related works in security and performance.</p>

computer science, information systems

Ms. K. Sudharani,Dr. N. K. Sakthivel

DOI: https://doi.org/10.14419/ijet.v10i1.21480

2021-02-19

International Journal of Engineering and Technology

Abstract:Certificateless Public Key Cryptography (CL-PKC) scheme is a new standard that combines Identity (ID)-based cryptography and tradi- tional PKC. It yields better security than the ID-based cryptography scheme without requiring digital certificates. In the CL-PKC scheme, as the Key Generation Center (KGC) generates a public key using a partial secret key, the need for authenticating the public key by a trusted third party is avoided. Due to the lack of authentication, the public key associated with the private key of a user may be replaced by anyone. Therefore, the ciphertext cannot be decrypted accurately. To mitigate this issue, an Enhanced Certificateless Proxy Signature (E-CLPS) is proposed to offer high security guarantee and requires minimum computational cost. In this work, the Hackman tool is used for detecting the dictionary attacks in the cloud. From the experimental analysis, it is observed that the proposed E-CLPS scheme yields better Attack Detection Rate, True Positive Rate, True Negative Rate and Minimum False Positives and False Negatives than the existing schemes.

Insaf Ullah,Noor Ul Amin,Mandi Zareei,Asim Zeb,Hizbullah Khattak,Ajab Khan,Shidrokh Goudarzi

DOI: https://doi.org/10.3390/sym11111386

2019-01-01

Abstract:Industrial Internet of Things (IIoT) is a new type of Internet of Things (IoT), which enables sensors to merge with several smart devices to monitor machine status, environment, and collect data from industrial devices. On the other hand, cloud computing provides a good platform for storing crowdsourced data of IIoT. Due to the semi-trusted nature of cloud computing and communication through open channels, the IIoT environment needs security services such as confidentiality and authenticity. One such solution is provided by the identity-based signcryption. Unfortunately, the identity-based signcryption approach suffers from the key escrow problem. Certificateless signcryption is the alternative of identity-based signcryption that can resolve the key escrow problem. Here, we propose a lightweight certificateless signcryption approach for crowdsourced IIoT applications with the intention of enhancing security and decreasing the computational cost and communication overhead. The security and efficiency of the proposed approach are based on the hyper elliptic curve cryptosystem. The hyper elliptic curve is the advance version of the elliptic curve having small parameters and key size of 80 bits as compared to the elliptic curve which has 160-bits key size. Further, we validate the security requirements of our approach through automated validation of Internet security protocols and applications (AVISPA) tool with the help of high level protocol specification language (HLPSL). Moreover, our lightweight and secured scheme will attract low resource devices and will become a perk in the environment of IIoT.

Ikram Ali,Yong Chen,Chengwei Pan,Songge Chen

DOI: https://doi.org/10.1109/tiv.2024.3455352

IF: 8.2

2024-01-01

IEEE Transactions on Intelligent Vehicles

Abstract:The Internet of Vehicles (IoV) relies on wireless technology for the transmission of messages, which exposes it to potential attacks. To address this, researchers have developed various methods to ensure secure message transmission between vehicles and infrastructure. However, these methods often require substantial computational power and communication resources, making them unsuitable for time-sensitive communications. To tackle this issue, we present an efficient certificateless cryptosystem (CLC) and a public key infrastructure (PKI)-based heterogeneous signcryption (HSC) scheme tailored for fog computing-enabled IoV, denoted as CPHSC-IoV. This scheme facilitates communication from a vehicle within the CLC setting to a roadside unit (RSU) equipped with fog computing devices within the PKI setting. It aims to secure the message by guaranteeing confidentiality, authentication, integrity, and non-repudiation all at once in a single logical process. When multiple messages are transmitted, the RSU initially aggregates these messages and then processes them together using the batch verification method, further improving performance. Our scheme is existentially unforgeable against adaptive chosen message attacks and indistinguishable against adaptive chosen ciphertext attacks in the random oracle model. Furthermore, it outperforms the recent relevant schemes in terms of computational overhead, communication/storage cost, and average transmission delay.

Jianghua Liu,Jian Yang,Wei Wu,Xinyi Huang,Yang Xiang

DOI: https://doi.org/10.1109/tc.2022.3207138

IF: 3.183

2023-04-08

IEEE Transactions on Computers

Abstract:Recent advancements in the Internet of Things (IoT) and cloud computing technologies have accelerated the development of various practical applications, including healthcare systems. Adequately revealing the collected healthcare data in a cloud-assisted healthcare IoT system brings a huge potential for improving the safety, quality, and efficiency of healthcare services. However, often the data collected in a healthcare IoT system is vital and sensitive. The dissemination of such data is also vulnerable to malicious attacks such as tampering, eavesdropping, and forgery. Thus, disseminated data's integrity, authenticity, and privacy are elementary security demands to end-users and owners. Also, the resource-constrained nature of healthcare IoT devices invalidates the existing solutions. To address the above challenges, we propose a lightweight and secure redactable signature scheme with coarse-grained additional redaction control (CRS) for secure dissemination of healthcare data in a cloud-assisted healthcare IoT system. The security analysis indicates our CRS is secure against signature forgery, additional redaction attacks, and redacted version linkability. Compared to other existing solutions, our scheme can achieve some level of security but less computational complexity and communication overhead.

engineering, electrical & electronic,computer science, hardware & architecture

Pradeep Radhakrishnan,Praveen Kumar Sugumar,Preethi Ponnan,Gopirajan Punniyakotti Varadharajan

DOI: https://doi.org/10.1007/s12083-024-01717-8

IF: 3.488

2024-05-24

Peer-to-Peer Networking and Applications

Abstract:Wireless Sensor Networks has been characterized by a disseminated, structured, and independent collection of sensor nodes deployed for broad variants of applications ranging from military, environment-friendly, disaster management, wild-life smart-grid, emergency care, medical treatment and agriculture. However, data has been transmitted in a wide-open wireless infrastructure which can be highly poised with security and privacy attacks. Hence data sent through wireless sensor networks are to be protected. Typically, the sensor utilized is highly resource-constrained in nature, there is a need to achieve a better trade-off between the energy, efficacy, data transmission and scalability. Therefore, in order to cater to these requirements, a full privacy preserving distributed certificate-less signature authentication scheme for secure and efficient data transmission in wireless sensor networks has been proposed. The proposed technique utilizes elliptic curve cryptography, a pairing-free cryptography that offers high security even with smaller key sizes. In order to eliminate the problem of central dependency of the trusted authority or the key generation center, the proposed model utilizes a distributed way of key distribution and management thereby reducing the computational and communication burden associated with it. The proposed methodology has been proved to be efficient by means of security analysis using ROM model. Experimentation has been carried out by using the Networks Simulator tool (NS2) and the performance evaluation shows that the proposed authentication scheme has provided a better trade-off between the objectives like energy efficiency, routing, and scalability.

computer science, information systems,telecommunications

Huifang Yu,Runtao Ren

DOI: https://doi.org/10.1109/jsyst.2021.3096531

IF: 4.802

2021-01-01

IEEE Systems Journal

Abstract:Driven by new situation of "Internet +," Internet has achieved the integrated development with all walks of life. Among them, the fifth generation is a key technology to promote the deep integration of Internet-of-Things equipment, cloud computing, blockchain and other trades. Hence, it is necessary for IoTs to consider the cost and efficiency of authentication and confidentiality of the communication. For effectively solving the above problems, we devise certificateless elliptic curve aggregate signcryption (CL-ECASC) scheme for IoTs that can improve the authentication efficiency, realize data confidentiality, and avoid the problems of complex certificate management and key escrow. Under the hardness of discrete logarithm and computational DiffieHellman problems on elliptic curve, CL-ECASC is proved to has the IND-CCA2 security (indistinguishability under the adaptive chosen-ciphertext attacks) and UF-CMA security (existentially unforgeable under the adaptive chosen-message attacks). CL-ECASC has relatively faster computation efficiency and lower communication cost, and so it is suitable for secure transmission of the information in the previously mentioned environments.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Lu Zhou,Xiong Li,Kuo-Hui Yeh,Chunhua Su,Wayne Chiu

DOI: https://doi.org/10.1016/j.future.2018.08.038

IF: 7.307

2018-01-01

Future Generation Computer Systems

Abstract:Recently, authentication technologies integrated with the Internet of Things (IoT) and cloud computing have been promptly investigated for secure data retrieval and robust access control on large-scale IoT networks. However, it does not have a best practice for simultaneously deploying IoT and cloud computing with robust security. In this study, we present a novel authentication scheme for IoT-based architectures combined with cloud servers. To pursue the best efficiency, lightweight crypto-modules, such as one-way hash function and exclusive-or operation, are adopted in our authentication scheme. It not only removes the computation burden but also makes our proposed scheme suitable for resource-limited objects, such as sensors or IoT devices. Through the formal verification delivered by Proverif, the security robustness of the proposed authentication scheme is guaranteed. Furthermore, the performance evaluation presents the practicability of our proposed scheme in which a user-acceptable computation cost is achieved.

Yingzhe Hou,Xin Huang,Yanan Chen,Sachin Kumar,Hu Xiong

DOI: https://doi.org/10.1002/ett.4190

IF: 3.6

2020-12-10

Transactions on Emerging Telecommunications Technologies

Abstract:<p>The prosperity of Internet of Things (IoT) has brought numerous advantages to individuals and organizations. Since the transmission channel is usually considered as untrusted, the notion of signcryption seems to be the desired method to ease the defect. Nevertheless, this primitive inevitably faces the new obstacle that how to search the required data without decrypting it. Therefore, inheriting the excellence of signcryption and equality test, we present a heterogeneous signcryption protocol supporting the equality test from public key infrastructure (PKI) to certificateless cryptosystem (CLC) toward IoT environment (PK‐CLET). In this way, the introduced construction not only preserves the integrity, confidentiality and unforgeability of data, but also allows the cloud server to perform the equality test on different ciphertexts. Moreover, the security of PK‐CLET as well as the performance evaluation are both shown that it is more suitable for IoT.</p>

telecommunications

Rashad Elhabob,Yanan Zhao,Iva Sella,Hu Xiong

DOI: https://doi.org/10.1007/s12652-019-01365-4

2019-01-01

Abstract:Current time organizations have moved from the conventional industries to smart industries by embracing the approach of Industrial Internet of Things (IIoT), which has provided an avenue for the integration of smart devices and communication technologies. IIoT offers reduction of costs on services and technologies since it counts on the flexibility, availability and real-time data processing capabilities of the cloud server. And even with the untrusted nature of the cloud, the privacy and confidentiality of the data outsourced to the cloud has been able to be guaranteed. This has been achieved through encryption techniques apply to the data before outsourcing. This has made it feasible to have the data in the cloud secured. However, the limitation of data recovery due to it having the innate “all-or-nothing” decryption characteristic, results in a challenge in the search functionality for the encrypted data. In order to deal with this challenge, this paper nominates a Certificateless Public Key Cryptography with Authorized Equivalent Test (CL-PKC-AET). Whereby, a cloud server is given authority to actuate if two encryptions consist of the equivalent messages. Furthermore, the extra providence of a fine-grained testing capability to the cloud server makes the CL-PKC-AET scheme adaptable. We define our scheme basing on bilinear pairing and further advocate within the random oracle model its security, based on the Bilinear Diffie-Hellman assumption. Basing on comparison with existing work, our scheme proves to be more effective.