Abstract
Public key encryption with keyword search (PEKS), which was introduced by Boneh et al. at EUROCRYPT ’04, is a breakthrough approach to searching encrypted data under a public key setting. In this cryptographic primitive, senders can generate searchable ciphertexts for specific keywords to be retrieved from a given document; receivers can generate corresponding trapdoors for search by using their private keys. Recently, Jiang et al. (ACISP ’16) proposed an improved PEKS scheme called public key encryption with authorized keyword search (PEAKS); this scheme enables authorized users to generate trapdoors for specific sets of keywords even if these users do not have access to the private key. Unfortunately, authorized users cannot delegate this power to other unauthorized users because the authorization in PEAKS is insufficiently flexible; therefore, this scheme is not suitable for enterprise scenarios in general. In this work, we introduce a novel cryptographic primitive called public key encryption with hierarchical authorized keyword search (PEHAKS) to solve this problem. In contrast to PEAKS, the proposed primitive enables authorized users to further hierarchically delegate their power of generating trapdoors to unauthorized users. We formally define the system model of PEHAKS under a multikeyword setting, and the security requirements are designed to withstand attacks in a real scenario. Furthermore, we propose a provably secure scheme using the technique of dual pairing vector spaces and demonstrate that the scheme is secure under the hardness of the n-extended decisional Diffie–Hellman assumption. Therefore, the proposed scheme is secure and can be applied in scenarios that require hierarchical authorization. To the best of the authors’ knowledge, no PEKS variant schemes with this property have been previously designed.
References
Abdalla, M.: Searchable encryption revisited: consistency properties, relation to anonymous IBE, and extensions. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 205–222. Springer, Heidelberg (2005). https://doi.org/10.1007/11535218_13
Abdalla, M., De Caro, A., Phan, D.H.: Generalized key delegation for wildcarded identity-based and inner-product encryption. IEEE Trans. Inf. Forensics Secur. 7(6), 1695–1706 (2012)
Abu-Libdeh, H., Princehouse, L., Weatherspoon, H.: RACS: a case for cloud storage diversity. In: ACM Symposium on Cloud Computing (2010)
Boneh, D., Crescenzo, G.D., Ostrovsky, R., Persiano, G.: Public key encryption with keyword search. In: EUROCRYPT (2004)
Chen, R., et al.: Server-aided public key encryption with keyword search. IEEE Trans. Inf. Forensics Secur. 11(12), 2833–2842 (2016)
Conway, J.H.: Atlas of Finite Groups: Maximal Subgroups and Ordinary Characters for Simple Groups. Oxford University Press (1985)
Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. Comput. 17(2), 281–308 (1988)
Hayes, B.: Cloud computing (2008)
Jiang, P., Mu, Y., Guo, F., Wen, Q.: Public key encryption with authorized keyword search. In: ACISP (2016)
Johnson, D., Menezes, A., Vanstone, S.: The elliptic curve digital signature algorithm (ECDSA). Int. J. Inf. Secur. 1(1), 36–63 (2001)
Lewko, A., Okamoto, T., Sahai, A., Takashima, K., Waters, B.: Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: EUROCRYPT (2010)
Liu, Z.Y., Tseng, Y.F., Tso, R., Chen, Y.C., Mambo, M.: Identity-certifying authority-aided identity-based searchable encryption framework in cloud systems. IEEE Syst. J. 16, 4629–4640 (2021)
Okamoto, T., Takashima, K.: Hierarchical predicate encryption for inner-products. In: EUROCRYPT (2009)
Okamoto, T., Takashima, K.: Fully secure functional encryption with general relations from the decisional linear assumption. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 191–208. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14623-7_11
Qian, L., Luo, Z., Du, Y., Guo, L.: Cloud computing: an overview. In: IEEE International Conference on Cloud Computing (2009)
Qin, B., Chen, Y., Huang, Q., Liu, X., Zheng, D.: Public-key authenticated encryption with keyword search revisited: Security model and constructions. Inf. Sci. 516, 515–528 (2020)
Wang, J., Chow, S.S.: Omnes pro uno: practical multi-writer encrypted database. In: USENIX Security (2022)
Wang, P., Chen, B., Xiang, T., Wang, Z.: Lattice-based public key searchable encryption with fine-grained access control for edge computing. Futur. Gener. Comput. Syst. 127, 373–383 (2022)
Wang, T., Quan, Y., Shen, X.S., Gadekallu, T.R., Wang, W., Dev, K.: A privacy-enhanced retrieval technology for the cloud-assisted internet of things. IEEE Trans. Industrial Inform. 18, 4981–4989 (2021)
Waters, B.: Dual system encryption: realizing fully secure IBE and HIBE under simple assumptions. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 619–636. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03356-8_36
Wei, L., et al.: Security and privacy for storage and computation in cloud computing. Inf. Sci. 258, 371–386 (2014)
Acknowledgments
The authors thank the anonymous reviewers for their insightful suggestions on this work. This research is partially supported by the National Science and Technology Council, Taiwan (ROC), under grant numbers NSTC 109-2221-E-004-011-MY3, NSTC 110-2221-E-004-003-, NSTC 110-2622-8-004-001-, NSTC 111-2218-E-004-001-MBK, and NSTC 111-2221-E-004-005-.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Liu, ZY., Chien, CC., Tseng, YF., Tso, R., Mambo, M. (2023). Public Key Encryption with Hierarchical Authorized Keyword Search. In: Seo, SH., Seo, H. (eds) Information Security and Cryptology – ICISC 2022. ICISC 2022. Lecture Notes in Computer Science, vol 13849. Springer, Cham. https://doi.org/10.1007/978-3-031-29371-9_8
DOI: https://doi.org/10.1007/978-3-031-29371-9_8
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-29370-2
Online ISBN: 978-3-031-29371-9
eBook Packages: Computer Science (R0)