Fucai Luo,Haiyan Wang,Changlu Lin,Xingfu Yan

DOI: https://doi.org/10.1109/tifs.2023.3301740

IF: 7.231

2023-08-19

IEEE Transactions on Information Forensics and Security

Abstract:The widespread adoption of cloud computing and the exponential growth of data highlight the need for secure data sharing and querying. Attribute-based keyword search (ABKS) has emerged as an efficient means of searching encrypted data stored in the cloud. However, existing ABKS schemes incur high end-to-end delay and are vulnerable to quantum computer attacks and/or (insider) keyword guessing attacks (KGA). To address these vulnerabilities, this paper introduces a new concept called attribute-based authenticated encryption with keyword search (ABAEKS) and proposes an efficient ABAEKS scheme. Our ABAEKS has low end-to-end delay, and is resistant to both quantum computer attacks and (insider) KGA. In addition, we formalize the security model of ABAEKS system and prove its security in the random oracle model. Finally, we conduct a comprehensive performance evaluation of ABAEKS, and the experimental results show that our ABAEKS is computationally efficient and outperforms current state-of-the-art ABKS schemes.

computer science, theory & methods,engineering, electrical & electronic

Ye Li,Mengen Xiong,Junling Yuan,Qikun Zhang,Hongfei Zhu

DOI: https://doi.org/10.3390/electronics13163236

IF: 2.9

2024-08-16

Electronics

Abstract:In edge–cloud collaboration scenarios, data sharing is a critical technological tool, yet smart devices encounter significant challenges in ensuring data-sharing security. Attribute-based keyword search (ABKS) is employed in these contexts to facilitate fine-grained access control over shared data, allowing only users with the necessary privileges to retrieve keywords. The implementation of secure data sharing is threatened since most of the current ABKS protocols cannot resist keyword guessing attacks (KGAs), which can be launched by an untrusted cloud server and result in the exposure of sensitive personal information. Using attribute-based encryption (ABE) as the foundation, we build a secure data exchange paradigm that resists KGAs in this work. In our paper, we provide a secure data-sharing framework that resists KGAs and uses ABE as the foundation to achieve fine-grained access control to resources in the ciphertext. To avoid malicious guessing of keywords by the cloud server, the edge layer computes two encryption session keys based on group key agreement (GKA) technology, which are used to re-encrypt the data user's secret key of the keyword index and keyword trapdoor. The model is implemented using the JPBC library. According to the security analysis, the model can resist KGAs in the random oracle model. The model's performance examination demonstrates its feasibility and lightweight nature, its large computing advantages, and lower storage consumption.

engineering, electrical & electronic,computer science, information systems,physics, applied

Jianfei Sun,Hu Xiong,Xuyun Nie,Yinghui Zhang,Pengfei Wu

DOI: https://doi.org/10.1109/tdsc.2019.2953744

2021-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Recently in the IEEE Transactions on Dependable and Secure Computing (doi: 10.1109/TDSC.2019.28976752019), Miao et al. proposed a novel construction of Privacy-Preserving Attribute-Based Keyword Search in Shared Multi-owner Setting (ABKS-SM), which can delegate keyword search tasks to cloud server provider (CSP) without revealing any useful information. Although the authors claimed that the offline keyword guessing attacks can be resisted in ABKS-SM scheme, we show that this scheme indeed suffers from four types of offline keyword guessing attacks and hence fails to gain the claimed security property, which is an important goal to be achieved in searchable encryption schemes. Specifically, given the concrete attacks, we demonstrate that the underlying keyword information can be extracted from both encrypted keyword indexes and trapdoors by any malicious user and any adversarial CSP. We hope that the similar security vulnerabilities could be avoided in the future design of related searchable encryption schemes.

computer science, information systems, software engineering, hardware & architecture

Haijiang Wang,Xiaolei Dong,Zhenfu Cao,Dongmei Li

DOI: https://doi.org/10.1093/comjnl/bxy031

2018-01-01

The Computer Journal

Abstract:Attribute-based encryption with keyword search (ABKS) is a system that supports keyword search and access control. By inheriting from attribute-based encryption technology, most current ABKS schemes incur large computation costs in encryption phase and keyword search phase. In a typical implementation, the size of ciphertext is proportional to the number of attributes associated with the access policy, so that the keyword search time and the decryption time are proportional to the number of attributes used in the access policy. To deal with the above problem, we present a new ciphertext-policy attribute-based encryption with fast keyword search scheme. Our scheme preserves the fine-grained access control inherited from the ABE system while supporting hidden policy and fast keyword search. In particular, the proposed scheme can efficiently support AND-gate access policy with multiple attribute values. Moreover, our scheme features multi-value-independent which have constant computation costs compared with the existing ABKS schemes. With the "aggregation" technique, the keyword search phase only needs three pairings, which is a great advantage over previous ABKS schemes. We offer rigorous security proof of our scheme, and the performance analysis demonstrates the efficiency of our scheme.

Kai Zhang,Zhe Jiang,Jianting Ning,Xinyi Huang

DOI: https://doi.org/10.1109/tifs.2022.3172627

IF: 7.231

2022-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Secure cloud search service allows resource-constrained clients to effectively search over encrypted cloud storage. Towards enabling owner-enforced search authorization, the notion of attribute-based keyword search (ABKS) has been introduced and widely deployed in practice. To enhance traditional security of ABKS, two state-of-the-art solutions are presented to address keyword guessing attacks or setup inconsistency for secret key. Nevertheless, they have not simultaneously considered the following threats to a data user: (i) inconsistent secret key/cipher-index caused by outside dishonest authority and/or data owner; (ii) algorithm substitution attacks (ASA) launched by inside adversarial eavesdropping. These attacks may unfortunately lead to cloud data breach and user information exposure. To tackle such outside and inside threats, we introduce subversion-resistance and consistency for secure and fine-grained cloud document search services. In particular, we propose a consistent ABKS system with cryptographic reverse firewalls (CRF). Technically, we refer to verifiable functional encryption and employ non-interactive zero-knowledge proofs of discrete logarithm equality to ensure strong input consistency for ABKS. In addition, we build a trusted CRF zone for sanitizing algorithm outputs against ASA attacks. Moreover, we formalize the security model and formally prove security of our system. To clarify practical performance, we implement state-of-the-art solutions and our system in real cloud environment based on Enron dataset. The results show that our system achieves more enhanced security properties without obviously sacrificing performance. In particular, our system achieves comparable time and storage cost for document-index encryption and document search, as compared to state-of-the-art solutions.

Cong Li,Xinyu Feng,Qingni Shen,Zhonghai Wu

DOI: https://doi.org/10.1109/tdsc.2023.3346795

2024-01-01

Abstract:Nearly all of the previous attribute-based proxy re-encryption (ABPRE) schemes cannot support keyword search and keyword updating without the aid of private key generator (PKG) simultaneously. To resolve this problem, recently in IEEE Transactions on Dependable and Secure Computing (doi: 10.1109/TDSC.2020.2963978), Ge et al. proposed a ciphertext-policy ABPRE scheme with keyword search, dubbed CPAB-KSDS, which supports keyword updating without communicating with PKG. It also achieves indistinguishability against chosen-ciphertext attack (IND-CCA) security and indistinguishability against chosen-keyword attack (INDCKA) security in the random oracle model. In this paper, we carefully analyze the security of Ge et al.’s CPAB-KSDS scheme and find that they did not give a correct reduction from IND-CKA security of theirs to the underlying cryptographic assumption. Furthermore, we also give a concrete attack on IND-CKA security of the CPAB-KSDS scheme. Therefore, it fails to achieve IND-CKA security they claimed, which is an essential security requirement for the encryption scheme with keyword search.

Jingwei Lu,Hongbo Li,Jianye Huang,Sha Ma,Man Ho Allen Au,Qiong Huang

DOI: https://doi.org/10.3390/info14030142

2023-01-01

Information

Abstract:Transforming data into ciphertexts and storing them in the cloud database is a secure way to simplify data management. Public key encryption with keyword search (PEKS) is an important cryptographic primitive as it provides the ability to search for the desired files among ciphertexts. As a variant of PEKS, certificateless public key authenticated encryption with keyword search (CLPAEKS) not only simplifies certificate management but also could resist keyword guessing attacks (KGA). In this paper, we analyze the security models of two recent CLPAEKS schemes and find that they ignore the threat that, upon capturing two trapdoors, the adversary could directly compare them and distinguish whether they are generated using the same keyword. To cope with this threat, we propose an improved security model and define the notion of strong trapdoor indistinguishability. We then propose a new CLPAEKS scheme and prove it to be secure under the improved security model based on the intractability of the DBDH problem and the DDH problem in the targeted bilinear group.

Mohammed Raouf Senouci,Ilyas Benkhaddra,Abdelkader Senouci,Fagen Li

DOI: https://doi.org/10.1016/j.sysarc.2021.102271

IF: 5.836

2021-01-01

Journal of Systems Architecture

Abstract:As the wave of data breaches continues crashing down on companies, specially for companies that provide cloud storage services, the data security and privacy have become the main concern of most clients that use this kind of services. Certificateless public key encryption with keyword search (CLPEKS) is a novel cryptographic primitives that if implemented correctly, provides the possibility to search over an encrypted data that has been outsourced to the cloud server, while guaranteeing the privacy of the search-keyword used in the process. Several CLPEKS schemes have been presented in the literature, but many of them are found vulnerable to offline/online keyword guessing attacks either performed by inside attackers, outside attackers or by both. To overcome these security weaknesses, we propose an efficient and secure certificateless searchable encryption scheme that is proven to be resistant against different keyword guessing attacks under both, the hardness of solving the discrete logarithm (DL) and the computational Diffie-Hellman (CDH) problems in the random oracle model. Then, by conducting a comprehensive comparison between our proposed scheme and other related schemes, we found that the proposed scheme has better overall performance in terms of communication and computation complexities, while guaranteeing security against online and offline KGA performed by either outside attackers or inside attacker.

Lixue Sun,Chunxiang Xu

DOI: https://doi.org/10.1109/compcomm.2017.8322780

2017-01-01

Abstract:Attribute-based encryption with keyword search (ABKS) enables data owners to delegate the keyword search ability to other users complying with the specified access control policy. However, most existing ABKS schemes cannot guarantee the privacy of the access structures, which may contain sensitive information. Furthermore, current ABKS schemes are designed for single-keyword searches, which may affect the user's experience in practical application. To solve these problems, we propose a novel primitive named hidden policy ciphertext-policy attribute based encryption with conjunctive keyword search (HP-CPABCK). In addition to supporting conjunctive keyword search, HP-CPABCK makes the data user learn nothing about the access structure if his/her attribute cannot satisfy the access control policy specified by the data owner. Moreover, the data owner designates a server to perform the test operation in HP-CPABCK to resist off-line keyword guessing attacks. We formulate a security model for the proposed HP-CPABCK scheme, and show its security in the standard model. Finally, the performance evaluation demonstrate the applicability of our scheme.

Caihui Lan,Haifeng Li,Caifen Wang,Xiaodong Yang,Hailong Yao

DOI: https://doi.org/10.1016/j.csi.2024.103852

IF: 3.721

2024-03-18

Computer Standards & Interfaces

Abstract:Key-Aggregate Searchable (KASE) can enable a data owner to delegate search rights over a set of data files to multiple users through a single aggregated authorization key in multi-user data sharing environments. Despite the elegance of the KASE concept, designing a KASE scheme that simultaneously prevents authorization from being abused and resists offline keyword guessing attacks is a formidable challenge. To respond the challenge, we propose a secure Key Aggregation Keyword Searchable Encryption against Keyword Guessing Attack and Authorization Abuse (KASE-AKA) scheme. Compared with existing KASE schemes, our KASE-AKA scheme has the following merits: (1) supporting dynamic update of user data search right through a user data search right list maintained by the semi-trust cloud server. (2) preventing the authorization from being abused since the authorization key (aggregate key) associates the user's public key, a subset of access rights, and a common secret value that only the cloud and data owner can collaboratively generate. (3) providing resistance against offline keyword guessing attacks. Correctness proof, security analysis and performance evaluation demonstrate that the proposed KASE-AKA scheme is provably secure, highly efficient and more feasible in practical application scenarios.

computer science, software engineering, hardware & architecture

Yinbin Miao,Robert H. Deng,Kim-Kwang Raymond Choo,Ximeng Liu,Jianting Ning,Hongwei Li

DOI: https://doi.org/10.1109/TDSC.2019.2940573

2021-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Ciphertext-Policy Attribute-Based Keyword Search (CP-ABKS) schemes support both fine-grained access control and keyword-based ciphertext retrieval, which make these schemes attractive for resource-constrained users (i.e., mobile or wearable devices, sensor nodes, etc.) to store, share and search encrypted data in the public cloud. However, ciphertext length and decryption overhead in the existing CP-ABKS schemes grow with the complexity of access policies or the number of data users' attributes. Moreover, such schemes generally do not consider the practical multi-owner setting (e.g., each file needs to be signed by multiple data owners before being uploaded to the cloud server) or prevent malicious cloud servers from returning incorrect search results. To overcome these limitations, in this paper we first design an optimized Verifiable Fine-grained Keyword Search scheme in the static Multi-owner setting (termed as basic VFKSM), which achieves short ciphertext length, fast ciphertext transformation, accelerated search process, and authentic search result verification. Then, we extend the basic VFKSM to support multi-keyword search and multi-owner update (also called as extended VFKSM). Finally, we prove that the basic (or extended) VFKSM resists the Chosen-Keyword Attack (CKA) and external Keyword-Guessing Attack (KGA). We also evaluate the performance of these schemes using various public datasets.

Yaojun Mao,Xingbing Fu,Chen Guo,Guohua Wu

DOI: https://doi.org/10.1002/ett.3531

IF: 3.6

2018-01-01

Transactions on Emerging Telecommunications Technologies

Abstract:Public key encryption With keyword search (PEKS) enables a cloud server (CS) to get the search trapdoor to identify ciphertext containing the target keyword without decrypting the ciphertext or knowing the target keyword. With the advent of mobile cloud computing, PEKS has ushered in an era of new development opportunities and new challenges. In mobile cloud computing environment, the PEKS schemes demand strict bounded timing response and security. However, traditional PEKS schemes rely on heavy bilinear pairing computations, which causes a delay from the CS to the mobile terminal. Moreover, as computing power increases, PEKS is more vulnerable to suffer from an inherent insecurity known as inside keyword guessing attack, which leaks user data query information. To achieve a secure and efficient searchable encryption scheme in the mobile cloud computing environment, we put forward a lattice‐based searchable encryption scheme that supports conjunctive keyword search. Our scheme achieves higher computational efficiency and is resistant against quantum attacks compared with traditional PEKS schemes. To further enhance security and make our scheme secure against keyword guessing attack, we hide the decryption parameters by outsourcing part of the decryption process to a semitrusted third party called unusual keyword server, so that the CS cannot guess the exact keyword by performing consistency verification.

Qiong Huang,Hongbo Li

DOI: https://doi.org/10.1016/j.ins.2017.03.038

IF: 8.1

2017-01-01

Information Sciences

Abstract:How to efficiently search over encrypted data is an important and interesting problem in the cloud era. To solve it, Boneh et al. introduced the notion of public key encryption with keyword search (PEKS), in 2004. However, in almost all the PEKS schemes an inside adversary may recover the keyword from a given trapdoor by exhaustively guessing the keywords offline. How to resist the inside keyword guessing attack in PEKS remains a hard problem. In this paper we propose introduce the notion of Public-key Authenticated Encryption with Keyword Search (PAEKS) to solve the problem, in which the data sender not only encrypts a keyword, but also authenticates it, so that a verifier would be convinced that the encrypted keyword can only be generated by the sender. We propose a concrete and efficient construction of PAEKS, and prove its security based on simple and static assumptions in the random oracle model under the given security models. Experimental results show that our scheme enjoys a comparable efficiency with Boneh et al.’s scheme.

Axin Wu,Fagen Li,Xiangjun Xin,Yinghui Zhang,Jianhao Zhu

DOI: https://doi.org/10.1016/j.sysarc.2024.103104

IF: 5.836

2024-03-08

Journal of Systems Architecture

Abstract:Cloud storage offers data users relief from cumbersome management tasks and enhances overall efficiency. However, while it brings convenience, there is also the risk of privacy breaches. To address this, public-key encryption with keyword search (PEKE) presents a solution that balances efficiency, convenience, and security in the context of cloud storage. Nevertheless, PEKS is vulnerable to inside keyword guessing attacks and algorithm substitution attacks, posing a serious threat to its deployment. Cryptographic reverse firewall technique randomizes incoming messages to effectively defend against both types of attacks mentioned earlier through a gateway. However, this approach requires the gateway to store a random number for each keyword, increasing storage costs and potentially exposing keyword information. In response, we propose an improved scheme that inherits the remarkable properties of the method based on cryptographic reverse firewall. Additionally, the proposed scheme eliminates the need for gateways to store random numbers, reducing the management and storage burdens and supports multiple keywords for one document, a feature more aligned with real-world applications. Furthermore, we prove the security of the scheme, which achieves the same security goals as the existing scheme. Finally, we analyze the scheme s efficiency through theoretical analysis and performance evaluation, which demonstrates its efficiency.

computer science, software engineering, hardware & architecture

Run Xie,Chunxiang Xui,Fagen Li,Changlian He

DOI: https://doi.org/10.1109/compcomm.2016.7924693

2016-01-01

Abstract:With the improvement of awareness of data privacy, the user's sensitive data is usually encrypted before uploading them to the cloud. The searchable public-key encryption with keyword search provides an efficient mechanism to achieve the encrypted data retrieval without the complicated key management of symmetric encryption. Therefore, it is a critical technique on promoting secure and efficient cloud storage. Unfortunately, only one existing construction of ciphertext retrieval scheme is secure against inside keyword guessing attacks (KGA). In this paper, we build a framework to resist insider attacks. Additionally, we propose an efficient ciphertext retrieval with keyword search scheme with a designated tester (dCRKS), which is secure against inside keyword guessing attacks (KGA). Our security proof and performance analysis demonstrate that our scheme is practical for retrieval data stored in the cloud server.

Guiquan Yang,Sha Ma,Hongbo Li,Husheng Yang,Qiong Huang

DOI: https://doi.org/10.1007/978-981-97-0942-7_15

2024-01-01

Abstract:To efficiently and securely search encrypted files in cloud storage, Boneh et al. proposed the notion of Public Key Encryption with Keyword Search(PEKS) in 2004. However, original PEKS is susceptible to internal keyword guessing attacks(KGA) launched by server due to the limited keyword space. To resist this attack, Huang and Li introduced the notion of Public Key Authenticated Encryption with Keyword Search (PAEKS), which effectively resists KGA from server by additional authentication between the sender and receiver before encryption. Since both the sender and receiver can generate a common authentication key, a curious sender can use the authentication key to launch KGA, resulting in easily guessing keyword from a given trapdoor. To address this issue, we propose an improved security model for PAEKS that captures both offline KGA and online KGA launched by the curious sender. Then, we present a concrete Stronger Security Public Key Authenticated Encryption with Multi-keyword Search (S-PAEMKS) scheme, which not only supports multi-keyword search but also successfully counters KGA from curious senders. Finally, the experimental results show that our scheme achieves remarkable efficiency in the encryption phase and comparable efficiency in the trapdoor and testing phases.

Yuan Zhang,Chunxiang Xu,Jianbing Ni,Hongwei Li,Xuemin Sherman Shen

DOI: https://doi.org/10.1109/tcc.2019.2923222

IF: 5.697

2021-10-01

IEEE Transactions on Cloud Computing

Abstract:Cloud storage enables users to outsource data to storage servers and retrieve target data efficiently. Some of the outsourced data are very sensitive and should be prevented for any leakage. Generally, if users conventionally encrypt the data, searching is impeded. Public-key encryption with keyword search (PEKS) resolves this tension. Whereas, it is vulnerable to keyword guessing attacks (KGA), since keywords are low-entropy. In this paper, we present a secure PEKS scheme called SEPSE against KGA, where users encrypt keywords with the aid of dedicated key servers via a threshold and oblivious way. SEPSE supports key renewal to periodically replace an existing key with a new one on each key server to thwart the key compromise. Furthermore, SEPSE can efficiently resist online KGA, where each keyword request made by a user is integrated into a transaction on a public blockchain (e.g., Ethereum), which allows key servers to learn the number of keyword requests made by the user without requiring a synchronization between them for per-user rate limiting. Security analysis and performance evaluation demonstrate that SEPSE provides a stronger security guarantee compared with existing schemes, at the expense of acceptable computational costs.

computer science, information systems, theory & methods

Xu Yang,Qiuhao Wang,Saiyu Qi,Ke Li,Jianfeng Wang,Wenjia Zhao,Yong Qi

DOI: https://doi.org/10.1109/tnse.2024.3445343

IF: 6.6

2024-01-01

IEEE Transactions on Network Science and Engineering

Abstract:Data outsourcing is a key service of cloud computing. While data encryption ensures confidentiality, it limits the ability to search encrypted data. Recently, ciphertext-policy attribute-based keyword search(CP-ABKS)schemes, which combine symmetric searchable encryption (SSE) and ciphertext policy attribute-based encryption (CP-ABE), have gained attention. However, most CP-ABKS schemes depend on an independent key management server (KMS) for key distribution, risking key leakage if the KMS is compromised. Additionally, these schemes lack secure update operations and efficient search result verification. To address these issues, we propose VKSA, a verifiable encrypted keyword search scheme with authorization for cloud-based multi-client environments. VKSA features a novel policy-hidden index for proxy-free authorized searches, a state-based secure update strategy for forward and backward security, and a delegated search result verification mechanism to ensure efficient and privacy-preserving verification. We further optimize VKSA for improved computational and enclave-storage efficiency. Security analysis and experiments confirm the security and efficiency of our schemes.

Lixue Sun,Chunxiang Xu,Mingwu Zhang,Kefei Chen,Hongwei Li

DOI: https://doi.org/10.1007/s11432-017-9124-0

2017-01-01

Science China Information Sciences

Abstract:Public key encryption with keyword search (PEKS) enables one to search encrypted data containing some keyword without decrypting the data in public key setting.Boneh et al.[1] introduced the notion of PEKS,but later Byun et al.[2] showed the scheme in [1] is vulnerable to the outsider/insider kcyword guessing attacks (KGA).Many previous PEKS studies have tackled the problem of keyword privacy against outsider KGA,while how to ensure keyword privacy against insider KGA launched by an untrusted cloud sever receives little attention.Moreover,the majority of PEKS schemes assume that the cloud server is honest-but-curious.In other researches,the server will honestly execute the search protocol and only attempt to infer sensitive information about the users.However,it is not always the case in the real world.The cloud server may be malicious,which may not honestly perform the search operation.

Jie Zhao,Hejiao Huang,Yongliang Xu,Xiaojun Zhang,Hongwei Du,Chao Huang

DOI: https://doi.org/10.1016/j.tcs.2024.114895

IF: 1.002

2024-10-05

Theoretical Computer Science

Abstract:Cloud-assisted e-healthcare sharing systems (EHSSs) play an increasingly pivotal role in the contemporary healthcare field. By outsourcing electronic medical records (EMRs) to the cloud, hospitals can alleviate local storage and management burdens while facilitating data sharing. Due to the highly sensitive nature of EMRs, encryption is necessary before storing them on the cloud. Attribute-based keyword search (ABKS) enables the privacy protection of EMRs with efficient search services. However, there remain some limitations in practical application. Firstly, most ABKS schemes only support single keyword queries, resulting in inaccurate results and wastage of computing and bandwidth resources. Secondly, since sensitive information within EMRs is encrypted as a whole, different data users (including internal doctors and external researchers) should have varying access rights to prevent leakage of this sensitive information. Thirdly, incorrect search results could lead to misdiagnosis or endanger patients' lives and affect researchers' decision-making processes. To effectively tackle these challenges, this paper proposes a verifiable attribute-based multi-keyword search scheme with sensitive information hiding (VABMKS-SIH) for cloud-assisted EHSSs, where we present a secure model for multi-keyword search with two-level access structure by incorporating an improved blindness filtering technique into ciphertext-policy attribute-based encryption (CP-ABE) within existing keyword search framework. Our scheme employs a super-increasing sequence to aggregate multiple filtered data blocks into one unified ciphertext, thereby greatly reducing communication overhead during the transmission phases of ciphertext. To check the correctness of returned results, we introduce a lightweight algebraic signature algorithm based on fundamental algebraic operations. A security analysis demonstrates that VABMKS-SIH is provably secure under the random oracle mode. Additionally, we also evaluate the proposed scheme's performance to demonstrate its utility in cloud-assisted EHSSs.

computer science, theory & methods