无安全信道的高效可搜索公钥加密方案

Efficient Public Key Encryption with Keyword Search Without Using Secure Channel

在云存储应用中,出于对数据安全和隐私保护的需求,用户将数据上传到云服务器之前往往需要对其进行加密.可搜索加密技术的出现有效地满足了用户在密文数据中搜索的需求.可搜索公钥加密相较于可搜索对称加密能够实现在密文上复杂的逻辑运算,功能更强大.传统基于关键词搜索的可搜索公钥加密假设用户和云服务器之间存在一个安全可信信道来传输陷门,从而防止陷门隐私的泄露.然而这一假设在很多场景下是不满足的. Baek等人首次提出了无安全信道的公钥可搜索加密(SCF-PEKS)方案来解决公钥可搜索加密机制中的这一缺陷,但是他们的方案只在随机谕言机模型下证明了安全性.本文在合数阶双线性群下,提出了一个在标准模型下安全高效的SCF-PEKS方案,基于判定性子群假设和DBDH假设,证明了本文方案可抵抗选择关键词攻击(IND-SCF-CKA).跟现有在标准模型下构造的相关方案相比,本文方案具有更简洁的构造和更好的安全性能.

In data outsourcing settings,users may encrypt their data before the data is uploaded to the cloud.Searchable encryption(SE)is a recently developed cryptographic primitive that supports keyword search over encrypted data.Among all the SE candidates,public key encryption with keyword search(PEKS)schemes are more powerful than searchable symmetric encryption(SSE)schemes.PEKS supports complicated computation on encrypted data while SSE cannot do it.Classic PEKS assumes a secure channel between users and storage servers to transfer the trapdoor parameters privately.This assumption seems naive in some cases.Baek et al.first suggested a secure-channel free public key encryption with keyword search(SCF-PEKS)scheme to solve this problem in secure-channel free settings.However,their scheme is proved secure only in the Random Oracle model.This paper proposes an efficient SCF-PEKS scheme constructed in composite-order bilinear groups,and is proved to be secure against chosen keyword attack(IND-SCF-CKA)in the standard model under the decisional subgroup assumption and the DBDH assumption.Compared with other related schemes constructed in the standard model,the proposed scheme has more concise construction,and achieves better security.