Skip to main content
placeholder image

Server-aided public key encryption with keyword search

Journal Article


Abstract


  • © 2005-2012 IEEE.Public key encryption with keyword search (PEKS) is a well-known cryptographic primitive for secure searchable data encryption in cloud storage. Unfortunately, it is inherently subject to the (inside) offline keyword guessing attack (KGA), which is against the data privacy of users. Existing countermeasures for dealing with this security issue mainly suffer from low efficiency and are impractical for real applications. In this paper, we provide a practical and applicable treatment on this security vulnerability by formalizing a new PEKS system named server-aided public key encryption with keyword search (SA-PEKS). In SA-PEKS, to generate the keyword ciphertext/trapdoor, the user needs to query a semitrusted third-party called keyword server (KS) by running an authentication protocol, and hence, security against the offline KGA can be obtained. We then introduce a universal transformation from any PEKS scheme to a secure SA-PEKS scheme using the deterministic blind signature. To illustrate its feasibility, we present the first instantiation of SA-PEKS scheme by utilizing the Full Domain Hash RSA signature and the PEKS scheme proposed by Boneh et al. in Eurocrypt 2004. Finally, we describe how to securely implement the client-KS protocol with a rate-limiting mechanism against online KGA and evaluate the performance of our solutions in experiments.

Authors


  •   Chen, Rongmao (external author)
  •   Mu, Yi (external author)
  •   Yang, Guomin
  •   Guo, Fuchun
  •   Huang, Xinyi (external author)
  •   Wang, Xiaofen (external author)
  •   Wang, Yongjun (external author)

Publication Date


  • 2016

Citation


  • Chen, R., Mu, Y., Yang, G., Guo, F., Huang, X., Wang, X. & Wang, Y. (2016). Server-aided public key encryption with keyword search. IEEE Transactions on Information Forensics and Security, 11 (12), 2833-2842.

Scopus Eid


  • 2-s2.0-84994891036

Ro Metadata Url


  • http://ro.uow.edu.au/eispapers/6475

Has Global Citation Frequency


Number Of Pages


  • 9

Start Page


  • 2833

End Page


  • 2842

Volume


  • 11

Issue


  • 12

Place Of Publication


  • United States

Abstract


  • © 2005-2012 IEEE.Public key encryption with keyword search (PEKS) is a well-known cryptographic primitive for secure searchable data encryption in cloud storage. Unfortunately, it is inherently subject to the (inside) offline keyword guessing attack (KGA), which is against the data privacy of users. Existing countermeasures for dealing with this security issue mainly suffer from low efficiency and are impractical for real applications. In this paper, we provide a practical and applicable treatment on this security vulnerability by formalizing a new PEKS system named server-aided public key encryption with keyword search (SA-PEKS). In SA-PEKS, to generate the keyword ciphertext/trapdoor, the user needs to query a semitrusted third-party called keyword server (KS) by running an authentication protocol, and hence, security against the offline KGA can be obtained. We then introduce a universal transformation from any PEKS scheme to a secure SA-PEKS scheme using the deterministic blind signature. To illustrate its feasibility, we present the first instantiation of SA-PEKS scheme by utilizing the Full Domain Hash RSA signature and the PEKS scheme proposed by Boneh et al. in Eurocrypt 2004. Finally, we describe how to securely implement the client-KS protocol with a rate-limiting mechanism against online KGA and evaluate the performance of our solutions in experiments.

Authors


  •   Chen, Rongmao (external author)
  •   Mu, Yi (external author)
  •   Yang, Guomin
  •   Guo, Fuchun
  •   Huang, Xinyi (external author)
  •   Wang, Xiaofen (external author)
  •   Wang, Yongjun (external author)

Publication Date


  • 2016

Citation


  • Chen, R., Mu, Y., Yang, G., Guo, F., Huang, X., Wang, X. & Wang, Y. (2016). Server-aided public key encryption with keyword search. IEEE Transactions on Information Forensics and Security, 11 (12), 2833-2842.

Scopus Eid


  • 2-s2.0-84994891036

Ro Metadata Url


  • http://ro.uow.edu.au/eispapers/6475

Has Global Citation Frequency


Number Of Pages


  • 9

Start Page


  • 2833

End Page


  • 2842

Volume


  • 11

Issue


  • 12

Place Of Publication


  • United States