Server-aided public key encryption with keyword search
Public key encryption with keyword search (PEKS) is a well-known cryptographic primitive for secure searchable data encryption in cloud storage. Unfortunately, it is inherently subject to the (inside) offline keyword guessing attack (KGA), which is against the data privacy of users. Existing counter...
Saved in:
| Main Authors: | , , , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2016
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/7359 https://ink.library.smu.edu.sg/context/sis_research/article/8362/viewcontent/Server_Aided_Public_Key_Encryption_With_Keyword_Search.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-8362 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-83622022-11-02T08:30:13Z Server-aided public key encryption with keyword search CHEN, Rongman MU, Yi YANG, Guomin GUO, Fuchun HUANG, Xinyi WANG, Xiaofen WANG, Yongjun Public key encryption with keyword search (PEKS) is a well-known cryptographic primitive for secure searchable data encryption in cloud storage. Unfortunately, it is inherently subject to the (inside) offline keyword guessing attack (KGA), which is against the data privacy of users. Existing countermeasures for dealing with this security issue mainly suffer from low efficiency and are impractical for real applications. In this paper, we provide a practical and applicable treatment on this security vulnerability by formalizing a new PEKS system named server-aided public key encryption with keyword search (SA-PEKS). In SA-PEKS, to generate the keyword ciphertext/trapdoor, the user needs to query a semitrusted third-party called keyword server (KS) by running an authentication protocol, and hence, security against the offline KGA can be obtained. We then introduce a universal transformation from any PEKS scheme to a secure SA-PEKS scheme using the deterministic blind signature. To illustrate its feasibility, we present the first instantiation of SA-PEKS scheme by utilizing the Full Domain Hash RSA signature and the PEKS scheme proposed by Boneh et al. in Eurocrypt 2004. Finally, we describe how to securely implement the client-KS protocol with a rate-limiting mechanism against online KGA and evaluate the performance of our solutions in experiments. 2016-12-01T08:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/7359 info:doi/10.1109/TIFS.2016.2599293 https://ink.library.smu.edu.sg/context/sis_research/article/8362/viewcontent/Server_Aided_Public_Key_Encryption_With_Keyword_Search.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University off-line keyword guessing attack Public key encryption with keyword search server-aided Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
off-line keyword guessing attack Public key encryption with keyword search server-aided Information Security |
| spellingShingle |
off-line keyword guessing attack Public key encryption with keyword search server-aided Information Security CHEN, Rongman MU, Yi YANG, Guomin GUO, Fuchun HUANG, Xinyi WANG, Xiaofen WANG, Yongjun Server-aided public key encryption with keyword search |
| description |
Public key encryption with keyword search (PEKS) is a well-known cryptographic primitive for secure searchable data encryption in cloud storage. Unfortunately, it is inherently subject to the (inside) offline keyword guessing attack (KGA), which is against the data privacy of users. Existing countermeasures for dealing with this security issue mainly suffer from low efficiency and are impractical for real applications. In this paper, we provide a practical and applicable treatment on this security vulnerability by formalizing a new PEKS system named server-aided public key encryption with keyword search (SA-PEKS). In SA-PEKS, to generate the keyword ciphertext/trapdoor, the user needs to query a semitrusted third-party called keyword server (KS) by running an authentication protocol, and hence, security against the offline KGA can be obtained. We then introduce a universal transformation from any PEKS scheme to a secure SA-PEKS scheme using the deterministic blind signature. To illustrate its feasibility, we present the first instantiation of SA-PEKS scheme by utilizing the Full Domain Hash RSA signature and the PEKS scheme proposed by Boneh et al. in Eurocrypt 2004. Finally, we describe how to securely implement the client-KS protocol with a rate-limiting mechanism against online KGA and evaluate the performance of our solutions in experiments. |
| format |
text |
| author |
CHEN, Rongman MU, Yi YANG, Guomin GUO, Fuchun HUANG, Xinyi WANG, Xiaofen WANG, Yongjun |
| author_facet |
CHEN, Rongman MU, Yi YANG, Guomin GUO, Fuchun HUANG, Xinyi WANG, Xiaofen WANG, Yongjun |
| author_sort |
CHEN, Rongman |
| title |
Server-aided public key encryption with keyword search |
| title_short |
Server-aided public key encryption with keyword search |
| title_full |
Server-aided public key encryption with keyword search |
| title_fullStr |
Server-aided public key encryption with keyword search |
| title_full_unstemmed |
Server-aided public key encryption with keyword search |
| title_sort |
server-aided public key encryption with keyword search |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2016 |
| url |
https://ink.library.smu.edu.sg/sis_research/7359 https://ink.library.smu.edu.sg/context/sis_research/article/8362/viewcontent/Server_Aided_Public_Key_Encryption_With_Keyword_Search.pdf |
| _version_ |
1770576319147409408 |