Publication Type
Journal Article
Version
publishedVersion
Publication Date
12-2016
Abstract
Public key encryption with keyword search (PEKS) is a well-known cryptographic primitive for secure searchable data encryption in cloud storage. Unfortunately, it is inherently subject to the (inside) offline keyword guessing attack (KGA), which is against the data privacy of users. Existing countermeasures for dealing with this security issue mainly suffer from low efficiency and are impractical for real applications. In this paper, we provide a practical and applicable treatment on this security vulnerability by formalizing a new PEKS system named server-aided public key encryption with keyword search (SA-PEKS). In SA-PEKS, to generate the keyword ciphertext/trapdoor, the user needs to query a semitrusted third-party called keyword server (KS) by running an authentication protocol, and hence, security against the offline KGA can be obtained. We then introduce a universal transformation from any PEKS scheme to a secure SA-PEKS scheme using the deterministic blind signature. To illustrate its feasibility, we present the first instantiation of SA-PEKS scheme by utilizing the Full Domain Hash RSA signature and the PEKS scheme proposed by Boneh et al. in Eurocrypt 2004. Finally, we describe how to securely implement the client-KS protocol with a rate-limiting mechanism against online KGA and evaluate the performance of our solutions in experiments.
Keywords
off-line keyword guessing attack, Public key encryption with keyword search, server-aided
Discipline
Information Security
Research Areas
Information Systems and Management
Publication
IEEE Transactions on Information Forensics and Security
Volume
11
Issue
12
First Page
2833
Last Page
2842
ISSN
1556-6013
Identifier
10.1109/TIFS.2016.2599293
Publisher
Institute of Electrical and Electronics Engineers
Citation
CHEN, Rongman; MU, Yi; YANG, Guomin; GUO, Fuchun; HUANG, Xinyi; WANG, Xiaofen; and WANG, Yongjun.
Server-aided public key encryption with keyword search. (2016). IEEE Transactions on Information Forensics and Security. 11, (12), 2833-2842.
Available at: https://ink.library.smu.edu.sg/sis_research/7359
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Additional URL
http://doi.org/10.1109/TIFS.2016.2599293