Abstract
With the rapid growth of the Internet of Things (IoT), resource-constrained devices have become an integral part of our daily lives. Public key encryption with keyword search (PEKS) enables users to search over encrypted data without revealing sensitive information. However, the computational and memory constraints of these devices pose challenges for implementing PEKS. Additionally, most existing schemes are vulnerable to attacks such as keyword guessing attacks, rely on bilinear-pairing operations that make them inefficient for resource-constrained devices, or both. To address these issues, we propose a lightweight and pairing-free certificateless authenticated searchable encryption scheme with multi-trapdoor guarantees for resource-constrained devices. Our scheme embeds a shared key, computable by both the sender and the receiver, in the ciphertext and in the trapdoor to ensure authentication and protection against keyword guessing attacks. We also make trapdoor generation probabilistic, which eliminates the need for a secure channel when transmitting the trapdoor and thereby achieves multi-trapdoor indistinguishability. Furthermore, we employ regular cryptographic operations instead of bilinear-pairing operations to support deployment on resource-constrained devices. Our scheme is efficient, secure, and outperforms other compared schemes in terms of security guarantees, computational costs, and communication overhead.
Notes
We averaged the overall execution time of each operation over 10000 samples.
A free and open-source emulator and virtualizer that allows users to run operating systems and programs designed for one architecture on a different architecture.
Acknowledgements
The authors express their gratitude to the editor and the anonymous reviewers for their valuable comments and suggestions, which have significantly enhanced the overall quality of this manuscript.
Funding
This work is supported by the Sichuan Science and Technology Program (grant no. 2022ZHCG0037).
Author information
Contributions
MRS initiated the project, overseeing code implementation, experiments, and manuscript writing. AS ensured code validity, verified data accuracy, and contributed to proofreading and formatting. FL focused on mathematical aspects, approving proofs and aiding in formatting. All authors reviewed and approved the final manuscript.
Ethics declarations
Conflict of interest
Authors declare that they have no competing interests that could potentially influence the outcome or interpretation of the research findings in this manuscript.
About this article
Cite this article
Senouci, M.R., Senouci, A. & Li, F. A pairing-free certificateless authenticated searchable encryption with multi-trapdoor indistinguishability (MTP-IND) guarantees. Telecommun Syst 85, 443–460 (2024). https://doi.org/10.1007/s11235-023-01095-1
DOI: https://doi.org/10.1007/s11235-023-01095-1