Huige Wang,Kefei Chen,Baodong Qin,Xuejia Lai,Yunhua Wen

DOI: https://doi.org/10.1007/s11432-015-1037-2

2016-01-01

Science China Information Sciences

Abstract:We present a new primitive of randomized message-locked encryption(MLE) in this paper and define a new security model for it. The new primitive, named message-locked encryption3(hereafter referred as MLE3),is actually a variant of randomized message-locked encryption(Bellare et al. Eurocrypt’13). In order to prevent trivial attacks, our primitive admits a semi-trusted server, which is allowed to hold a secret key of public key encryption(PKE), to verify the correctness of a tag. The new security notion, called privacy chosen-distribution attacks3(PRV-CDA3), requires that a ciphertext generated by encrypting an unpredictable message and another ciphertext(possible invalid) chosen randomly from a ciphertext space are indistinguishable. Compared with the priori proposed security notion, privacy chosen-distribution attacks(PRV-CDA)(Bellare et al. Eurocrypt’13),which requires that two ciphertexts generated by encrypting two unpredictable messages are indistinguishable,the security notion we propose is much stronger. Based on the new primitive, under the blackbox reductions,we put forward a novel construction which achieves both privacy chosen-distribution attacks3(PRV-CDA3) and strong tag consistency(STC) securities in the standard model via universal computational extractors(UCEs)(Bellare et al. Crypto’13). In addition, our scheme also provides the validity-testing for ciphertext.

Huige Wang,Kefei Chen,Yu Long,Junyao Ye,Liangliang Wang

DOI: https://doi.org/10.1007/s12083-016-0488-6

IF: 3.488

2016-01-01

Peer-to-Peer Networking and Applications

Abstract:In this paper, we propose a new construction for randomized message-locked encryption (MLE) with privacy chosen-distribution attacks (PRV-CDA) and strong tag consistency (STC) securities in the standard model via UCEs. The new construction is based on \(\mathsf {UCE}[\mathsf {S}^{sup}\cap \mathsf {S}^{q\text {-}query}]\) secure family of hash functions, adaptively secure non-interactive zero knowledge proof system (NIZK) and indistinguishable chosen-plaintext attacks (IND-CPA) secure symmetric encryption (SE). Compared with existing randomized MLE schemes such as Bellare et al.’s XtESPKE scheme (Eurocrypt 2013), our scheme gives concrete instantiation and detailed security proofs. Although Abadi et al.’s construction for randomized MLE (Crypto 2013) achieves STC and PRV-CDA2, but their construction is designed in the random oracle model and cannot be instantiated, while our scheme can be instantiated in the standard model and achieves both STC and PRV-CDA securities.

Shifeng Sun,Dawu Gu,Man Ho Au,Shuai Han,Yu Yu,Joseph K. Liu

DOI: https://doi.org/10.1007/978-3-030-21568-2_24

2019-01-01

Abstract:We revisit the problem of constructing public key encryption (PKE) secure against both key-leakage and tampering attacks. First, we present an enhanced security against both kinds of attacks, namely strong leakage and tamper-resilient chosen-ciphertext (sLTR-CCA) security, which imposes only minimal restrictions on the adversary's queries and thus captures the capability of the adversary in a more reasonable way. Then, we propose a generic paradigm achieving this security on the basis of a refined hash proof system (HPS) called public-key-malleable HPS. The paradigm can not only tolerate a large amount of bounded key-leakage, but also resist an arbitrary polynomial of restricted tampering attacks, even depending on the challenge phase. Moreover, the paradigm with slight adaptations can also be proven sLTR-CCA secure with respect to subexponentially hard auxiliary-input leakage. In addition, we instantiate our paradigm under certain standard number-theoretic assumptions, and thus, to our best knowledge, obtain the first efficient PKE schemes possessing the strong bounded/auxiliary-input leakage and tamper-resilient chosen-ciphertext security in the standard model.

Baodong Qin,Shengli Liu

DOI: https://doi.org/10.1007/978-3-642-54631-0_2

2014-01-01

Abstract:In AsiaCrypt 2013, Qin and Liu proposed a new approach to CCA-security of Public-Key Encryption (PKE) in the presence of bounded key-leakage, from any universal hash proof system (due to Cramer and Shoup) and any one-time lossy filter (a simplified version of lossy algebraic filters, due to Hofheinz). They presented two instantiations under the DDH and DCR assumptions, which result in leakage rate (defined as the ratio of leakage amount to the secret-key length) of 1/2 - o(1). In this paper, we extend their work to broader assumptions and to flexible leakage rate, more specifically to leakage rate of 1 - o(1).-We introduce the Refined Subgroup Indistinguishability (RSI) assumption, which is a subclass of subgroup indistinguishability assumptions, including many standard number-theoretical assumptions, like the quadratic residuosity assumption, the decisional composite residuosity assumption and the subgroup decision assumption over a group of known order defined by Boneh et al.-We show that universal hash proof (UHP) system and one-time lossy filter (OT-LF) can be simply and efficiently constructed from the RSI assumption. Applying Qin and Liu's paradigm gives simple and efficient PKE schemes under the RSI assumption.-With the RSI assumption over a specific group (free of pairing), public parameters of UHP and OT-LF can be chosen in a flexible way, resulting in a leakage-flexible CCA-secure PKE scheme. More specifically, we get the first CCA-secure PKE with leakage rate of 1 - o(1) without pairing.

Seth Alornyo,Evans Aidoo,Kingsford Kissi Mireku,Benjamin Kwofie,Xiong Hu,Michael Asante

DOI: https://doi.org/10.1109/icsiot47925.2019.00016

2019-01-01

Abstract:A cryptographic primitive suggested by Carnard et al. in 2012 ensures that on input a plaintext, ciphertext with corresponding public key, it is possible to check if a ciphertext is encryption of a target plaintext with a corresponding public key. This tool enables public plaintext query on ciphertext. We introduce ID-based plaintext checkable encryption (ID-PCE) in outsourced healthcare database. ID-PCE uses receiver's ID as the public key to curtail problems associated with key certificate management in public key encryption. We adopts identity-based cryptography and it achieves a weak-IND-ID-CCA (W-IND-IDCCA). Finally, proof the security of our scheme using random oracle model.

Yu Chen,Jiang Zhang,Dongdai Lin,Zhenfeng Zhang

DOI: https://doi.org/10.1007/s10623-014-0014-x

IF: 1.4

2014-01-01

Designs Codes and Cryptography

Abstract:In this paper we investigate the topic of integrated public-key encryption (PKE) and public-key encryption with keyword search (PEKS) schemes (PKE–PEKS as shorthand). We first formalize the strongest security notion to date for PKE–PEKS schemes, named joint CCA-security. We then propose two simple constructions of jointly CCA-secure PKE–PEKS schemes from anonymous (hierarchical) identity-based encryption schemes. Besides, we also define the notion of consistency for PKE–PEKS schemes, as well as revisit its related notions (including consistency of PEKS schemes, robustness and collision-freeness of IBE schemes), which may be of independent interest.

Chuting Tan,Zoe L. jiang,Xuan Wang,S. M. Yiu,Junbin Fang,Jin Li,Yabin Jin,Jiajun Huang

DOI: https://doi.org/10.1145/2897845.2897919

2016-01-01

Abstract:There is an increasing trend for data owners to store their data in a third-party cloud server and buy the service from the cloud server to provide information to other users. To ensure confidentiality, the data is usually encrypted. Therefore, an encrypted data searching scheme with privacy preserving is of paramount importance. Predicate encryption (PE) is one of the attractive solutions due to its attribute-hiding merit. However, as cloud is not always trusted, verifying the searched results is also crucial. Firstly, a generic construction of Publicly Verifiable Predicate Encryption (PVPE) scheme is proposed to provide verification for PE. We reduce the security of PVPE to the security of PE. However, from practical point of view, to decrease the communication overhead and computation overhead, an improved PVPE is proposed with the trade-off of a small probability of error.

Zhaohui Cheng,Liqun Chen,Li Ling,Richard Comley

DOI: https://doi.org/10.1007/978-3-540-73489-5_6

2007-01-01

Abstract:In 2003, Al-Riyami and Paterson introduced a new public key encryption paradigm called Certificateless Public Key Encryption (CL-PKE), which like Identity-Based Encryption (IBE) is certificatefree, and meanwhile which unlike IBE but similar to certificate-based encryption is key-escrow-free. In this paper, based on a heuristic observation on some existing IBE schemes and PKE schemes, we propose a general approach to build a CL-PKE solution, which makes use of a simple combination of an IBE scheme, a Diffie-Hellman type key establishment algorithm and a secure hash-function. Following this approach we construct two efficient concrete CL-PKE schemes and formally analyse their security in the random oracle model.

Abdalla Hadabi,Zheng Qu,Rashad Elhabob,Sachin Kumar,Saru Kumari,Hu Xiong

DOI: https://doi.org/10.1002/ett.4990

IF: 3.6

2024-01-01

Transactions on Emerging Telecommunications Technologies

Abstract:Many different sectors are beginning to deploy cyber-physical systems (CPS) and industrial Internet of Things (IIoT) devices, including wearables, sensors, and critical infrastructure. In order to ensure that the device's data remains confidential, it must be encrypted prior to transmission. However, obtaining authenticity and integrity in IIoT data is also crucial, and signcryption has been proposed as a solution to this challenge. An additional obstacle is how to search for signcrypted cloud data using plaintext keywords. In this paper, we suggest a plaintext-checkable identity-based signcryption for CPS towards IIoT (IBSC-PCE), which enables plaintext searching of signcrypted cloud-based data. We provide both confidentiality and integrity and also demonstrate the security of our approach under the q-Diffie-Hellman inversion problem (q-DHIP). This problem has been shown to be secure in the random oracle model (ROM), which further reinforces the robustness of our approach. Compared to current state-of-the-art methods, our proposed approach outperforms them. The IBSC-PCE scheme is founded on an identity-based setup, enabling authorized users to query signcrypted data using plaintext keywords. Security is ensured by achieving EUF-CMA security and Unlinkability, and it is more efficient for CPS deployments within IIoT settings compared to existing literature. image

Shi-Feng Sun,Udaya Parampalli,Tsz Hon Yuen,Yu,Dawu Gu

DOI: https://doi.org/10.1145/2897845.2897921

2016-01-01

Abstract:Non-malleability is an important and intensively studied security notion for many cryptographic primitives. In the context of public key encryption, this notion means it is infeasible for an adversary to transform an encryption of some message m into one of a related message m' under the given public key. Although it has provided a strong security property for many applications, it still does not suffice for some scenarios like the system where the users could issue keys on-the-fly. In such settings, the adversary may have the power to transform the given public key and the ciphertext. To withstand such attacks, Fischlin introduced a stronger notion, known as complete non-malleability, which requires that the non-malleability property be preserved even for the adversaries attempting to produce a ciphertext of some related message under the transformed public key. To date, many schemes satisfying this stronger security have been proposed, but they are either inefficient or proved secure in the random oracle model. In this work, we put forward a new encryption scheme in the common reference string model. Based on the standard DBDH assumption, the proposed scheme is proved completely non-malleable secure against adaptive chosen ciphertext attacks in the standard model. In our scheme, the well-formed public keys and ciphertexts could be publicly recognized without drawing support from unwieldy techniques like non-interactive zero knowledge proofs or one-time signatures, thus achieving a better performance.

Xiangyu Pan,Fagen Li

DOI: https://doi.org/10.1016/j.sysarc.2021.102075

IF: 5.836

2021-01-01

Journal of Systems Architecture

Abstract:The notion of Public-key Encryption with Keyword Search (PEKS) was first proposed by Boneh et al. in 2004. However, almost all PEKS schemes cannot resist offline Keyword Guessing Attacks (KGA). To address this issue, Huang and Li introduced the notion of Public-key Authenticated Encryption with Keyword Search (PAEKS) in 2017. Recently, Qin et al. put forward a new security model named Multi-Ciphertext Indistinguishability (MCI), in which an adversary aims to distinguish two tuples of ciphertexts. They found that Huang and Li’s scheme cannot achieve MCI-security, so they proposed a new scheme which is able to achieve MCI-security. Furthermore, Qin et al. referred to another security model named Multi-Trapdoor Indistinguishability (MTI). They stated that the future work direction is to design a scheme which can achieve both MCI-security and MTI-security. In this paper, we present a new PAEKS scheme and prove that it is capable of achieving MCI-security and MTI-security simultaneously with the help of random oracles. Finally, we compare our scheme with other four related schemes using PBC library and provide experimental results. It turns out that our scheme achieves a higher security level with a little more cost.

Jingwei Lu,Hongbo Li,Jianye Huang,Sha Ma,Man Ho Allen Au,Qiong Huang

DOI: https://doi.org/10.3390/info14030142

2023-01-01

Information

Abstract:Transforming data into ciphertexts and storing them in the cloud database is a secure way to simplify data management. Public key encryption with keyword search (PEKS) is an important cryptographic primitive as it provides the ability to search for the desired files among ciphertexts. As a variant of PEKS, certificateless public key authenticated encryption with keyword search (CLPAEKS) not only simplifies certificate management but also could resist keyword guessing attacks (KGA). In this paper, we analyze the security models of two recent CLPAEKS schemes and find that they ignore the threat that, upon capturing two trapdoors, the adversary could directly compare them and distinguish whether they are generated using the same keyword. To cope with this threat, we propose an improved security model and define the notion of strong trapdoor indistinguishability. We then propose a new CLPAEKS scheme and prove it to be secure under the improved security model based on the intractability of the DBDH problem and the DDH problem in the targeted bilinear group.

Ziqing Wang,Jin Li,Xiaoguang Liu,Xinyan Wu,Fagen Li

DOI: https://doi.org/10.1007/s11235-024-01131-8

2024-03-31

Telecommunication Systems

Abstract:A public key encryption with keyword search (PEKS) scheme allows users to share encrypted data through cloud servers. However, an inside adversary may launch inside keyword guessing attack (IKGA) for a given trapdoor and guess the keyword. Public key authenticated encryption with keyword search (PAEKS) is a variant of PEKS scheme that can resist IKGA. Most PAEKS schemes cannot resist quantum attacks. To solve this problem, we propose two lattice-based PAEKS schemes under random oracle and standard model respectively. We also improve the security model of PAEKS and prove the security of our schemes under the improved model. The ciphertext and trapdoor sizes of our first scheme are about half of those of the existing lattice-based PAEKS scheme CM22, and the test phase computation overhead of our scheme is about 50.37% of CM22.

telecommunications

Yaojun Mao,Xingbing Fu,Chen Guo,Guohua Wu

DOI: https://doi.org/10.1002/ett.3531

IF: 3.6

2018-01-01

Transactions on Emerging Telecommunications Technologies

Abstract:Public key encryption With keyword search (PEKS) enables a cloud server (CS) to get the search trapdoor to identify ciphertext containing the target keyword without decrypting the ciphertext or knowing the target keyword. With the advent of mobile cloud computing, PEKS has ushered in an era of new development opportunities and new challenges. In mobile cloud computing environment, the PEKS schemes demand strict bounded timing response and security. However, traditional PEKS schemes rely on heavy bilinear pairing computations, which causes a delay from the CS to the mobile terminal. Moreover, as computing power increases, PEKS is more vulnerable to suffer from an inherent insecurity known as inside keyword guessing attack, which leaks user data query information. To achieve a secure and efficient searchable encryption scheme in the mobile cloud computing environment, we put forward a lattice‐based searchable encryption scheme that supports conjunctive keyword search. Our scheme achieves higher computational efficiency and is resistant against quantum attacks compared with traditional PEKS schemes. To further enhance security and make our scheme secure against keyword guessing attack, we hide the decryption parameters by outsourcing part of the decryption process to a semitrusted third party called unusual keyword server, so that the CS cannot guess the exact keyword by performing consistency verification.

Keita EMURA,Kaisei KAJITA,Go OHTAKE

DOI: https://doi.org/10.1587/transfun.2023dmp0003

2024-01-01

Abstract:As a multi-receiver variant of public key encryption with keyword search (PEKS), broadcast encryption with keyword search (BEKS) has been proposed (Attrapadung et al. at ASIACRYPT 2006/Chatterjee-Mukherjee at INDOCRYPT 2018). Unlike broadcast encryption, no receiver anonymity is considered because the test algorithm takes a set of receivers as input and thus a set of receivers needs to be contained in a ciphertext. In this paper, we propose a generic construction of BEKS from anonymous andweakly robust 3-level hierarchical identity-based encryption (HIBE). The proposed generic construction provides outsider anonymity, where an adversary is allowed to obtain secret keys of outsiders who do not belong to the challenge sets, and provides sublinear-size ciphertext in terms of the number of receivers. Moreover, the proposed construction considers security against chosen-ciphertext attack (CCA) where an adversary is allowed to access a test oracle in the searchable encryption context. The proposed generic construction can be seen as an extension to the Fazio-Perera generic construction of anonymous broadcast encryption (PKC 2012) from anonymous and weakly robust identity-based encryption (IBE) and the Boneh et al. generic construction of PEKS (EUROCRYPT 2004) from anonymous IBE.We run the Fazio-Perera construction employs on the first-level identity and run the Boneh et al. generic construction on the second-level identity, i.e., a keyword is regarded as a second-level identity. The third-level identity is used for providing CCA security by employing one-time signatures. We also introduce weak robustness in the HIBE setting, and demonstrate that the Abdalla et al. generic transformation (TCC 2010/JoC 2018) for providing weak robustness to IBE works for HIBE with an appropriate parameter setting. We also explicitly introduce attractive concrete instantiations of the proposed generic construction from pairings and lattices, respectively.

computer science, information systems,engineering, electrical & electronic, hardware & architecture

Yao Lu,Rui Zhang,Dongdai Lin

DOI: https://doi.org/10.1007/978-3-642-36334-4_5

2013-01-01

Abstract:In CT-RSA 2010, Yang et al. suggested a new category of probabilistic public-key encryption (PKE) schemes, called public-key encryption with equality test (PKET), which supports searching on ciphertexts without decrypting them. Typical applications include management of encrypted data in an outsourced database. They presented a construction in bilinear groups, and proved that it is one-way against chosen ciphertext attack (OW-CCA) in the random oracle model. We argue that OW-CCA security may be too weak for database applications, because partial information leakage from the ciphertext is not considered in the model. In this paper, we revisit the security models for PKET, and introduce a number of new security definitions. To remark, the weakest of our definitions is still stronger than OW-CCA. We then investigate relations among these security definitions. Finally, to illustrate the usefulness of our definitions, we analyze the security of a PKET scheme [24], showing the scheme actually provides much stronger security than that was proven previously.

Qiong Huang,Hongbo Li

DOI: https://doi.org/10.1016/j.ins.2017.03.038

IF: 8.1

2017-01-01

Information Sciences

Abstract:How to efficiently search over encrypted data is an important and interesting problem in the cloud era. To solve it, Boneh et al. introduced the notion of public key encryption with keyword search (PEKS), in 2004. However, in almost all the PEKS schemes an inside adversary may recover the keyword from a given trapdoor by exhaustively guessing the keywords offline. How to resist the inside keyword guessing attack in PEKS remains a hard problem. In this paper we propose introduce the notion of Public-key Authenticated Encryption with Keyword Search (PAEKS) to solve the problem, in which the data sender not only encrypts a keyword, but also authenticates it, so that a verifier would be convinced that the encrypted keyword can only be generated by the sender. We propose a concrete and efficient construction of PAEKS, and prove its security based on simple and static assumptions in the random oracle model under the given security models. Experimental results show that our scheme enjoys a comparable efficiency with Boneh et al.’s scheme.

Haorui Du,Jianhua Chen,Ming Chen,Cong Peng,Debiao He

DOI: https://doi.org/10.1155/2022/2336685

2022-10-21

Wireless Communications and Mobile Computing

Abstract:Outsourcing data to cloud services is a good solution for users with limited computing resources. Privacy and confidentiality of data is jeopardized when data is transferred and shared in the cloud. The development of searchable cryptography offers the possibility to solve these problems. Symmetric searchable encryption (SSE) is popular among researchers because it is efficient and secure. SSE often requires the data sender and data receiver to use the same key to generate key ciphertext and trapdoor, which will obviously cause the problem of key management. Searchable encryption based on public key can simplify the key management problem. A public key encryption scheme with keyword search (PEKS) allows multiple senders to encrypt keywords under the receiver's public key. It is vulnerable to keyword guessing attacks (KGA) due to the small size of the keywords. The proposal of public key authenticated encryption with keyword search (PAEKS) is mainly to resist inside keyword guessing attacks. The previous security models do not involve the indistinguishability of the same keywords ( w 0 × × = w 1 ), which brings the user's search pattern easy to leak. The essential reason is that the trapdoor generation algorithm is deterministic. At the same time, most of the existing schemes use bilinear pair design, which greatly reduces the efficiency of the scheme. To address these problems, the paper introduces an improved PAEKS model. We design a lightweight public key authentication encryption scheme based on the Diffie-Hellman protocol. Then, we prove the ciphertext indistinguishability security and trapdoor indistinguishability security of the scheme in the improved security model. Finally, the paper demonstrates its comparable security and computational efficiency by comparing it with previous PAEKS schemes. Meanwhile, we conduct an experimental evaluation based on the cryptographic library. Experimental results show that the computational overhead of our scheme compared with the ciphertext generation algorithm, trapdoor generation algorithm and test algorithm of other schemes Our scheme reduces 274, 158 and 60 times, respectively.

computer science, information systems,telecommunications,engineering, electrical & electronic

Hao-Miao Yang,Er-Wen Jin,Chang-Zhong Liu,Hong-gang Wu

DOI: https://doi.org/10.1109/imccc.2011.228

2011-01-01

Abstract:The model of public key encryption with keyword search (PEKS) proposed by Boneh et al. enables one to search encrypted keywords without revealing any information on the data. Baek et al. proposed an enhanced model called secure channel-free PEKS (SCF-PEKS) to removes the costly secure channel. However, most of the presented SCF-PEKS schemes were proved secure in the random oracle model. In 2009, Fang et al. presented a SCF-PEKS scheme without random oracles. But the scheme requires a strong and complicated assumption. In this paper, we propose a SCF-PEKS scheme that is under simple assumption in the standard model.

Yijuan Shi,Jianhua Li

2005-01-01

Abstract:Certificateless public key cryptography was introduced to overcome the key escrow limitation of the identity-based cryptography. It combines the advantages of the identity-based cryptography and the traditional PKI. Recently, Dae Hyun Yum1 and Pil Joong Lee have pro- posed a generic series construction model of certificateless public key en- cryption (CL-PKE) which is built from generic primitives: identity-based encryption and public key encryption. However, this model pays much attention on the generic construction and neglects the nice properties of the bilinear pairings. In this paper, we propose an efficient CL-PKE scheme which is based on the nice algebraic properties of Weil pairing. The scheme works in a kind of parallel model and it is more efficient on computation or published public key information than the existing schemes.