Abstract
Multi-user searchable encryption (MSE) enables authorized users to search over encrypted documents in the cloud. Generally, security problems in existing MSE schemes are solved as follows: (1) transmitting authority values and search tokens through secure channels to resist keyword guessing attack; (2) involving a trusted third party (TTP) to manage users and (3) relying on online users to distribute the decryption keys. However, these methods result in extra overhead and heavily restrict the scalability of the systems. In this paper, we propose a secure channel-free and TTP-free MSE scheme. It is secure against keyword guessing attack by introducing a designated server. And it achieves fine-grained access control to grant and revoke the privileges of users without TTP. More specifically, each document is encrypted with a unique and independent key, where the key distribution is integrated with user authorization and search procedures. We provide a concrete construction of the scheme and give formal proofs of its security in the random oracle model.
Similar content being viewed by others
References
Armbrust M, Fox A, Griffith R et al (2010) A view of cloud computing. Commun ACM 53(4):50–58
Stergiou C, et al (2016) Secure integration of internet of things and cloud computing, FGCS, Elsevier
Bösch C, Hartel P, Jonker W et al (2015) A survey of provably secure searchable encryption. ACM Computing Surveys (CSUR) 47(2):18
Gupta BB, Agrawal DP, (2016) Shingo Yamaguchi, Handbook of research on modern cryptographic solutions for computer and cyber security, IGI Global Publisher, USA
Song D, Wagner D, Perrig A. (2000) Practical techniques for searches on encrypted data[C]// Proc of the 21st IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 44–55
Xia Z, Wang X, Sun X et al (2015) A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data. IEEE Transactions on Parallel and Distributed Systems 27(2):340–352
Fu Z, Sun X, Liu Q, Zhou L et al (2015) Achieving efficient cloud search services: multi-keyword ranked search over encrypted cloud data supporting parallel computing. IEICE Trans Commun E98-B(1):190–200
Xia Z et al (2016) A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data. IEEE Transactions on Parallel and Distributed Systems 27(2):340–352
Fu Z, Wu X, Guan C, Sun X et al (2016) Towards efficient multi-keyword fuzzy search over encrypted outsourced data with accuracy improvement. IEEE Transactions on Information Forensics and Security. doi:10.1109/TIFS.2016.2596138
Strizhov M, Osman Z, Ray I (2016) Substring position search over encrypted cloud data supporting efficient multi-user setup. Future Internet 8(3):28
Li J, Chen X, Xhafa F, Barolli L (2015b) Secure deduplication storage systems supporting keyword search. J Comput Syst Sci 81(8):1532–1541
Li J, Li Y, Chen X, Lee P, Lou W (2015e) A hybrid cloud approach for secure authorized deduplication. IEEE Transactions on Parallel and Distributed Systems 26(5):1206–1216
Li J, Chen X, Huang X, Tang S, Xiang Y, Hassan MM, Alelaiwi A (2015a) Secure distributed deduplication systems with improved reliability. IEEE Trans Comput 64(12):3569–3579
Li J, Yan H, Liu Z, Chen X, Huang X, Wong DS (2015f) Location-sharing systems with enhanced privacy in mobile online social networks. IEEE Syst J PP(99): 1–10
Boneh D, Di Crescenzo G, Ostrovsky R et al (2004) Public key encryption with keyword search[G]//LNCS 3027: advances in cryptology-Eurocrypt 2004. Springer, Berlin, pp 506–522
Li J, Li J, Chen X, Jia C, Lou W (2015d) Identity-based encryption with outsourced revocation in cloud computing. IEEE Trans Comput 64(2):425–437
Li J, Huang X, Li J et al (2014) Securely outsourcing attribute-based encryption with checkability. IEEE Transactions on Parallel and Distributed Systems 25(8):2201–2210
Zhao F, Nishide T, Sakurai K (2012) Multi-user keyword search scheme for secure data sharing with fine-grained access control [G]//LNCS 7259: information security and cryptology-ICISC 2011. Springer, Berlin, pp 406–418
Zheli L, Zhi W, Xiaochun C, et al (2013) Multi-user searchable encryption with coarser-grained access control in hybrid cloud[C]// Proc of the 4th Int Conf on Emerging Intelligent Data and Web Technologies. Piscataway, NJ: IEEE, 249–255
Curtmola R, Garay J, Kamara S, & Ostrovsky R (2006) Searchable symmetric encryption: improved definitions and efficient constructions. In: Proceedings of the 13th ACM conference on Computer and communications security. ACM. pp. 79–88
Dong C, Russello G, Dulay N (2011) Shared and searchable encrypted data for untrusted servers. J Comput Secur 19(3):367–397
Byun JW, Rhee HS, Park HA, Lee DH (2006) Off-line keyword guessing attacks on recent keyword search schemes over encrypted data. In: Secure Data Management. Springer Berlin, Heidelberg, pp 75–83
Chen R, Mu Y, Yang G, Guo F, & Wang X (2015) A new general framework for secure public key encryption with keyword search. In Information Security and Privacy (ACISP’15). Springer International Publishing. pp. 59–76
Xu P, Jin H, Wu Q, Wang W (2013) Public-key encryption with fuzzy keyword search: a provably secure scheme under keyword guessing attack. IEEE Trans Comput 62(11):2266–2277
Tang Q, & Chen L (2009) Public-key encryption with registered keyword search. In: Public Key Infrastructures, Services and Applications (EuroPKI’09). Springer Berlin: Heidelberg. pp. 163–178
Baek J, Safavi-Naini R, Susilo W (2006) Public key encryption with keyword search revisited. In: Proceedings of ACIS’06
Wu TY, Tsai TT, Tseng YM (2014) Efficient searchable ID-based encryption with a designated server. Annals of Telecommunications-Annales des Télécommunications 69(7–8):391–402
Bao F, Deng RH, Ding X et al (2008) Private query on encrypted data in multi-user settings[G]//LNCS 4991: information security practice and experience. Springer, Berlin, pp 71–85
Popa RA, Zeldovich N (2013) Multi-key searchable encryption [DB/OL].IACR Cryptology ePrint Archive, [2015–06-07]. http://eprint.iacr.org/2013/508.pdf
Tang Q (2014) Nothing is for free: security in searching shared and encrypted data. IEEE Trans on Information Forensics and Security 9(11):1943–1952
Li Z, Jiang H, Zhao M (2015c) A discretionary searchable encryption scheme in multi-user settings. Journal of Computer Research and Development 52(10):2313–2322
Boneh D, Franklin M (2001) Identity-based encryption from the Weil pairing [G]// LNCS 2139: advances in cryptology—CRYPTO 2001. Springer, Berlin, pp 213–229
Popa R (2014) A building practical systems that compute on encrypted data [D]. Massachusetts Institute of Technology, Cambridge
Rhee HS, Park JH, Susilo W, Lee DH (2010) Trapdoor security in a searchable public-key ecryption scheme. J Syst Softw 83:763–771
Acknowledgements
This work is supported by the National Natural Science Foundation (NSF) under grant No. 61572294, 61602275 and NSF Key Project under grant No. 61632020.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Li, Z., Zhao, M., Jiang, H. et al. Multi-user searchable encryption with a designated server. Ann. Telecommun. 72, 617–629 (2017). https://doi.org/10.1007/s12243-017-0571-x
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12243-017-0571-x