Designated-server identity-based authenticated encryption with keyword search for encrypted emails
In encrypted email system, how to search over encrypted cloud emails without decryption is an important and practical problem. Public key encryption with keyword search (PEKS) is an efficient solution to it. However, PEKS suffers from the complex key management problem in the public key infrastructu...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2019
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/7291 https://ink.library.smu.edu.sg/context/sis_research/article/8294/viewcontent/1_s2.0_S0020025519300052_main.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-8294 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-82942022-09-29T07:42:56Z Designated-server identity-based authenticated encryption with keyword search for encrypted emails LI, Hongbo HUANG, Qiong SHEN, Jian YANG, Guomin SUSILO, Willy In encrypted email system, how to search over encrypted cloud emails without decryption is an important and practical problem. Public key encryption with keyword search (PEKS) is an efficient solution to it. However, PEKS suffers from the complex key management problem in the public key infrastructure. Its variant in the identity-based setting addresses the drawback, however, almost all the schemes does not resist against offline keyword guessing attacks (KGA) by inside adversaries. In this work we introduce the notion of designated-server identity-based authenticated encryption with keyword search (dIBAEKS), in which the email sender authenticates the message while encrypting so that no adversary including the server can launch offline KGA. Furthermore, we strengthen the security requirement so that only the designated server has the capability to search over encrypted emails for receivers. We formally define dIBAEKS and its security models, and propose two dIBAEKS constructions using Type-I and Type-III bilinear pairing, respectively. We compare our schemes with some related IBEKS schemes in the literature, and do experiments to demonstrate its efficiency. Although they are slightly less computationally efficient than but still comparable with the related schemes, our schemes provide stronger security guarantee and better protect users' privacy. (C) 2019 Elsevier Inc. All rights reserved. 2019-05-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/7291 info:doi/10.1016/j.ins.2019.01.004 https://ink.library.smu.edu.sg/context/sis_research/article/8294/viewcontent/1_s2.0_S0020025519300052_main.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Encrypted email system Public key encryption Identity based encryption Inside keyword guessing attacks Data Storage Systems Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Encrypted email system Public key encryption Identity based encryption Inside keyword guessing attacks Data Storage Systems Information Security |
| spellingShingle |
Encrypted email system Public key encryption Identity based encryption Inside keyword guessing attacks Data Storage Systems Information Security LI, Hongbo HUANG, Qiong SHEN, Jian YANG, Guomin SUSILO, Willy Designated-server identity-based authenticated encryption with keyword search for encrypted emails |
| description |
In encrypted email system, how to search over encrypted cloud emails without decryption is an important and practical problem. Public key encryption with keyword search (PEKS) is an efficient solution to it. However, PEKS suffers from the complex key management problem in the public key infrastructure. Its variant in the identity-based setting addresses the drawback, however, almost all the schemes does not resist against offline keyword guessing attacks (KGA) by inside adversaries. In this work we introduce the notion of designated-server identity-based authenticated encryption with keyword search (dIBAEKS), in which the email sender authenticates the message while encrypting so that no adversary including the server can launch offline KGA. Furthermore, we strengthen the security requirement so that only the designated server has the capability to search over encrypted emails for receivers. We formally define dIBAEKS and its security models, and propose two dIBAEKS constructions using Type-I and Type-III bilinear pairing, respectively. We compare our schemes with some related IBEKS schemes in the literature, and do experiments to demonstrate its efficiency. Although they are slightly less computationally efficient than but still comparable with the related schemes, our schemes provide stronger security guarantee and better protect users' privacy. (C) 2019 Elsevier Inc. All rights reserved. |
| format |
text |
| author |
LI, Hongbo HUANG, Qiong SHEN, Jian YANG, Guomin SUSILO, Willy |
| author_facet |
LI, Hongbo HUANG, Qiong SHEN, Jian YANG, Guomin SUSILO, Willy |
| author_sort |
LI, Hongbo |
| title |
Designated-server identity-based authenticated encryption with keyword search for encrypted emails |
| title_short |
Designated-server identity-based authenticated encryption with keyword search for encrypted emails |
| title_full |
Designated-server identity-based authenticated encryption with keyword search for encrypted emails |
| title_fullStr |
Designated-server identity-based authenticated encryption with keyword search for encrypted emails |
| title_full_unstemmed |
Designated-server identity-based authenticated encryption with keyword search for encrypted emails |
| title_sort |
designated-server identity-based authenticated encryption with keyword search for encrypted emails |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2019 |
| url |
https://ink.library.smu.edu.sg/sis_research/7291 https://ink.library.smu.edu.sg/context/sis_research/article/8294/viewcontent/1_s2.0_S0020025519300052_main.pdf |
| _version_ |
1770576305178279936 |