Key-Updatable Public-Key Encryption with Keyword Search: Models and Generic Constructions

Conference paper. In: Information Security and Privacy (ACISP 2018)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 10946)

Abstract

Public-key encryption with keyword search (PEKS) enables us to search over encrypted data, and is expected to be used between a cloud server and users’ devices such as laptops or smartphones. However, those devices might be lost accidentally or be stolen. In this paper, we deal with such a key-exposure problem on PEKS, and introduce a concept of PEKS with key-updating functionality, which we call key-updatable PEKS (KU-PEKS). Specifically, we propose two models of KU-PEKS: The key-evolution model and the key-insulation model. In the key-evolution model, a pair of public and secret keys can be updated if needed (e.g., the secret key is exposed). In the key-insulation model, a public key remains fixed while a secret key can be updated if needed. The former model makes a construction simple and more efficient than the latter model. On the other hand, the latter model is preferable for practical use since a user never updates his/her public key. We show constructions of a KU-PEKS scheme in each model in a black-box manner. We also give an experimental result for the most efficient instantiation, and show our proposal is practical.


Notes

  1. A cryptoperiod [23] is the time span during which a specific key is authorized for use, or in which the keys for a given system or application may remain in effect.

  2. For simplicity, we assume that the information of i, j, and k is attached to \({\textsf {t}}_{w',i}\) and \({\textsf {c}}_{w,j}^{(k)}\).

  3. For simplicity, we assume \(\mathcal {A}\) issues \(i\in \mathcal {T}\) to \(\mathcal {O}_{\textsc {rk}}\) only after \(\mathcal {A}\) has issued i to \(\mathcal {O}_{\textsc {kl}}\), except when \(\L =\{\star \}\) (i.e., \(\mathcal {A}\) obtains \(\textsf {hk}\) from \(\mathcal {O}_{\textsc {kl}}\)).

  4. If \({\textsf {mk}}_{\texttt {T}}\) is not stored, the oracle generates it by \(\mathsf {MKUpd}({\textsf {mk}}_{0}, \mathsf {UpdGen}({\textsf {mhk}},{\texttt {T}}))\) and stores it.

References

  1. Abdalla, M., Bellare, M., Catalano, D., Kiltz, E., Kohno, T., Lange, T., Malone-Lee, J., Neven, G., Paillier, P., Shi, H.: Searchable encryption revisited: consistency properties, relation to anonymous IBE, and extensions. J. Cryptol. 21(3), 350–391 (2008)

  2. Baek, J., Safavi-Naini, R., Susilo, W.: Public key encryption with keyword search revisited. In: Gervasi, O., Murgante, B., Laganà, A., Taniar, D., Mun, Y., Gavrilova, M.L. (eds.) ICCSA 2008. LNCS, vol. 5072, pp. 1249–1259. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-69839-5_96

  3. Blaze, M., Bleumer, G., Strauss, M.: Divertible protocols and atomic proxy cryptography. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 127–144. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0054122

  4. Boldyreva, A., Goyal, V., Kumar, V.: Identity-based encryption with efficient revocation. In: Proceedings of CCS 2008, pp. 417–426. ACM, New York (2008)

  5. Boneh, D., Di Crescenzo, G., Ostrovsky, R., Persiano, G.: Public key encryption with keyword search. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 506–522. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24676-3_30

  6. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_13

  7. Byun, J.W., Rhee, H.S., Park, H.-A., Lee, D.H.: Off-line keyword guessing attacks on recent keyword search schemes over encrypted data. In: Jonker, W., Petković, M. (eds.) SDM 2006. LNCS, vol. 4165, pp. 75–83. Springer, Heidelberg (2006). https://doi.org/10.1007/11844662_6

  8. Canetti, R., Halevi, S., Katz, J.: A forward-secure public-key encryption scheme. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 255–271. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-39200-9_16

  9. Carnegie Mellon University: Enron email dataset, 7 May 2015. http://www.cs.cmu.edu/~enron/

  10. Cheon, J.H., Hopper, N., Kim, Y., Osipkov, I.: Provably secure timed-release public key encryption. ACM Trans. Inf. Syst. Secur. 11(2), 4:1–4:44 (2008)

  11. Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private information retrieval. In: FOCS 1995, pp. 41–50 (1995)

  12. Dodis, Y., Franklin, M., Katz, J., Miyaji, A., Yung, M.: A generic construction for intrusion-resilient public-key encryption. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 81–98. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24660-2_7

  13. Dodis, Y., Katz, J., Xu, S., Yung, M.: Key-insulated public key cryptosystems. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 65–82. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-46035-7_5

  14. Dodis, Y., Katz, J., Xu, S., Yung, M.: Strong key-insulated signature schemes. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 130–144. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36288-6_10

  15. ElGamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. In: Blakley, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 10–18. Springer, Heidelberg (1985). https://doi.org/10.1007/3-540-39568-7_2

  16. Emura, K., Phong, L.T., Watanabe, Y.: Keyword revocable searchable encryption with trapdoor exposure resistance and re-generateability. In: 2015 IEEE Trustcom/BigDataSE/ISPA, vol. 1, pp. 167–174, August 2015

  17. Green, M., Ateniese, G.: Identity-based proxy re-encryption. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 288–306. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-72738-5_19

  18. Hanaoka, Y., Hanaoka, G., Shikata, J., Imai, H.: Identity-based hierarchical strongly key-insulated encryption and its application. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 495–514. Springer, Heidelberg (2005). https://doi.org/10.1007/11593447_27

  19. Jutla, C.S., Roy, A.: Shorter quasi-adaptive NIZK proofs for linear subspaces. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8269, pp. 1–20. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-42033-7_1

  20. Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-68697-5_9

  21. Lewko, A.: Tools for simulating features of composite order bilinear groups in the prime order setting. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 318–335. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29011-4_20

  22. Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_3

  23. National Institute of Standards and Technology: NIST Special Publication 800-57 Part 1, Revision 4, Recommendation for Key Management Part 1: General (2013). http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r4.pdf

  24. Tang, Q.: Towards forward security properties for PEKS and IBE. In: Foo, E., Stebila, D. (eds.) ACISP 2015. LNCS, vol. 9144, pp. 127–144. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-19962-7_8

  25. University of Tsukuba: TEPLA: University of Tsukuba Elliptic Curve and Pairing Library (Jan 2013 released TEPLA 1.0, Dec 2015 released TEPLA 2.0). http://www.cipher.risk.tsukuba.ac.jp/tepla/

  26. Watanabe, Y., Shikata, J.: Identity-based hierarchical key-insulated encryption without random oracles. In: Cheng, C.-M., Chung, K.-M., Persiano, G., Yang, B.-Y. (eds.) PKC 2016. LNCS, vol. 9614, pp. 255–279. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49384-7_10

Acknowledgments

We would like to thank the anonymous reviewers for useful comments. The first author was supported by The Telecommunications Advancement Foundation. The second and third authors were supported by Grant-in-Aid for JSPS Fellows Grant Number JP17K00189. The last author was supported by JSPS Research Fellowship for Young Scientists and Grant-in-Aid for JSPS Fellows Grant Number JP16J10532 and JP17K12697.

Author information

Correspondence to Yohei Watanabe.

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

About this paper

Cite this paper

Anada, H., Kanaoka, A., Matsuzaki, N., Watanabe, Y. (2018). Key-Updatable Public-Key Encryption with Keyword Search: Models and Generic Constructions. In: Susilo, W., Yang, G. (eds) Information Security and Privacy. ACISP 2018. Lecture Notes in Computer Science(), vol 10946. Springer, Cham. https://doi.org/10.1007/978-3-319-93638-3_20

  • DOI: https://doi.org/10.1007/978-3-319-93638-3_20

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-93637-6

  • Online ISBN: 978-3-319-93638-3

  • eBook Packages: Computer Science (R0)