Verifiable Public-Key Encryption with Keyword Search Secure against Continual Memory Attacks

Mobile Networks and Applications

Abstract

Public-key encryption with keyword search (PEKS) enables users to search over encrypted data, which makes it applicable to sharing data in cloud storage. Existing PEKS schemes cannot verify the result returned by the tester, i.e., they cannot guarantee the correctness and completeness of the result. In this paper, we resolve this problem by constructing a verifiable PEKS scheme that can efficiently verify the completeness of the result and thus its correctness. We also consider the security of the verifiable PEKS scheme against a kind of side-channel attack called continual memory attacks, which allow the adversary to obtain some leakage information about the secret key used in the search trapdoor generation algorithm and can help it break the security of the scheme. We extend our scheme to an enhanced one that remains secure even when the adversary can obtain unbounded total leakage information during the whole lifetime. Moreover, to make it resist keyword guessing attacks, we extend our scheme to one with a designated tester.


Notes

  1. Create Queries implies that the adversary can issue an update query for an identity, and the challenger returns the handle of the identity's new secret key to the adversary. An identity may therefore have several handles in the set S, corresponding to all of the secret keys it uses over its entire lifetime.

  2. The adversary is not allowed to request the entire master key.

  3. In this definition, we do not allow the leakage in the UpdateKey process.

Acknowledgements

This project is supported in part by the National Natural Science Foundation of China (No. 61602275, 61632020, 61602468, 61772311), the Shandong Province Higher Educational Science and Technology Program (No. J15LN01), and the Open Project of Co-Innovation Center for Information Supply & Assurance Technology, Anhui University (No. ADXXBZ201702).

Author information

Corresponding author

Correspondence to Chengyu Hu.

Cite this article

Hu, C., Li, Z., Liu, P. et al. Verifiable Public-Key Encryption with Keyword Search Secure against Continual Memory Attacks. Mobile Netw Appl 26, 2490–2500 (2021). https://doi.org/10.1007/s11036-018-1101-4

  • DOI: https://doi.org/10.1007/s11036-018-1101-4
