Efficient Expressive Attribute-Based Encryption with Keyword Search over Prime-Order Groups

Attribute-based encryption with keyword search(ABEKS)is a novel cryptographic paradigm that can be used to implementfine-grained access control and retrieve ciphertexts without disclosing the sensitive information.It is a perfect combination of attribute-based encryption(ABE)and public key encryption with keyword search(PEKS).Nevertheless,most of the existing ABEKS schemes have limited search capabilities and only support single or simple conjunctive keyword search.Due to the weak search capability and inaccurate search results,it is difficult to apply these schemes to practical applications.In this paper,an effi-cient expressive ABEKS(EABEKS)scheme supporting unbounded keyword uni-verse over prime-order groups is designed,which supplies the expressive keyword search function supporting the logical connectives of“AND”and“OR”.The proposed scheme not only leads to low computation and communica-tion costs,but also supports unbounded keyword universe.In the standard model,the scheme is proven to be secure under the chosen keyword attack and the cho-sen plaintext attack.The comparison analysis and experimental results show that it has better performance than the existing EABEKS schemes in the storage,com-putation and communication costs.

Hash Function Based Keyword Searchable Encryption Framework in Cloud Server Using MD5 and MECC

Cloud Computing expands its usability to various fields that utilize data and store it in a common space that is required for computing and the purpose of analysis as like the IoT devices.These devices utilize the cloud for storing and retrieving data since the devices are not capable of storing processing data on its own.Cloud Computing provides various services to the users like the IaaS,PaaS and SaaS.The major drawback that is faced by cloud computing include the Utilization of Cloud services for the storage of data that could be accessed by all the users related to cloud.The use of Public Key Encryptions with keyword search(PEKS)provides security against the untrustworthy third-party search capability on publicly encryption keys without revealing the data’s contents.But the Security concerns of PEKs arise when Inside Keywords Guessing attacks(IKGA),is identified in the system due to the untrusted server presume the keyword in trapdoor.This issue could be solved by using various algorithms like the Certificateless Hashed Public Key Authenticated Encryption with Keyword Search(CL-HPAEKS)which utilizes the Modified Elliptic Curve Cryptography(MECC)along with the Mutation Centred flower pollinations algorithm(CM-FPA)that is used in enhancing the performance of the algorithm using the Optimization in keys.The additional use of Message Digests 5(MD5)hash function in the system enhances the security Level that is associated with the system.The system that is proposed achieves the security level performance of 96 percent and the effort consumed by the algorithm is less compared to the other encryption techniques.

Certificateless Public Key Encryption with Keyword Search

Public Key Encryption with Keyword Search （PEKS）, an indispensable part of searchable encryption, is stock-in- trade for both protecting data and providing operability of encrypted data. So far most of PEKS schemes have been established on Identity-Based Cryptography （IBC） with key escrow problem inherently. Such problem severely restricts the promotion of IBC-based Public Key Infrastructure including PEKS component. Hence, Certificateless Public Key Cryptography （CLPKC） is efficient to remove such problem. CLPKC is introduced into PEKS, and a general model of Certificateless PEKS （CLPEKS） is formalized. In addition, a practical CLPEKS scheme is constructed with security and efficiency analyses. The proposal is secure channel free, and semantically secure against adaptive chosen keyword attack and keyword guessing attack. To illustrate the superiority, massive experiments are conducted on Enron Email dataset which is famous in information retrieval field. Compared with existed constructions, CLPEKS improves the efficiency in theory and removes the key escrow problem.

Multi-Owner Keyword Search over Shared Data without Secure Channels in the Cloud

Searchable encryption allows cloud users to outsource the massive encrypted data to the remote cloud and to search over the data without revealing the sensitive information. Many schemes have been proposed to support the keyword search in a public cloud. However,they have some potential limitations. First,most of the existing schemes only consider the scenario with the single data owner. Second,they need secure channels to guarantee the secure transmission of secret keys from the data owner to data users. Third,in some schemes,the data owner should be online to help data users when data users intend to perform the search,which is inconvenient.In this paper,we propose a novel searchable scheme which supports the multi-owner keyword search without secure channels. More than that,our scheme is a non-interactive solution,in which all the users only need to communicate with the cloud server. Furthermore,the analysis proves that our scheme can guarantee the security even without secure channels. Unlike most existing public key encryption based searchable schemes,we evaluate the performance of our scheme,which shows that our scheme is practical.

A Proxy Re-Encryption with Keyword Search Scheme in Cloud Computing

With the widespread use of cloud computing technology,more and more users and enterprises decide to store their data in a cloud server by outsourcing.However,these huge amounts of data may contain personal privacy,business secrets and other sensitive information of the users and enterprises.Thus,at present,how to protect,retrieve,and legally use the sensitive information while preventing illegal accesses are security challenges of data storage in the cloud environment.A new proxy re-encryption with keyword search scheme is proposed in this paper in order to solve the problem of the low retrieval efficiency of the encrypted data in the cloud server.In this scheme,the user data are divided into files,file indexes and the keyword corresponding to the files,which are respectively encrypted to store.The improved scheme does not need to re-encrypt partial file cipher-text as in traditional schemes,but re-encrypt the cipher-text of keywords corresponding to the files.Therefore the scheme can improve the computational efficiency as well as resist chosen keyword attack.And the scheme is proven to be indistinguishable under Hash Diffie-Hellman assumption.Furthermore,the scheme does not need to use any secure channels,making it more effective in the cloud environment.

Chosen-Ciphertext Attack Secure Public-Key Encryption with Keyword Search

As the use of cloud storage for various services increases,the amount of private personal information along with data stored in the cloud storage is also increasing.To remotely use the data stored on the cloud storage,the data to be stored needs to be encrypted for this reason.Since“searchable encryption”is enable to search on the encrypted data without any decryption,it is one of convenient solutions for secure data management.A public key encryption with keyword search(for short,PEKS)is one of searchable encryptions.Abdalla et al.firstly defined IND-CCA security for PEKS to enhance it’s security and proposed consistent IND-CCA secure PEKS based on the“robust”ANO-CCA secure identity-based encryption(IBE).In this paper,we propose two generic constructions of consistent IND-CCA secure PEKS combining(1)a hierarchical identity based encryption(for short,HIBE)and a signature scheme or(2)a HIBE,an encapsulation,and a message authentication code(for short,MAC)scheme.Our generic constructions identify that HIBE requires the security of a signature or a MAC as well as the weaker“ANO-CPA security(resp.,IND-CPA security)”of HIBE than“ANOCCA security(resp.,IND-CCA security)”of IBE required in for achieving IND-CCA secure(resp.,consistent)PEKS.Finally,we prove that our generic constructions satisfy IND-CCA security and consistency under the security models.

Constructing Certificateless Encryption with Keyword Search against Outside and Inside Keyword Guessing Attacks

Searchable public key encryption is a useful cryptographic paradigm that enables an untrustworthy server to retrieve the encrypted data without revealing the contents of the data. It offers a promising solution to encrypted data retrieval in cryptographic cloud storage. Certificateless public key cryptography (CLPKC) is a novel cryptographic primitive that has many merits. It overcomes the key escrow problem in identity-based cryptography (IBC) and the cumbersome certificate problem in conventional public key cryptography (PKC). Motivated by the appealing features of CLPKC, several certificateless encryption with keyword search (CLEKS) schemes have been presented in the literature. But, our cryptanalysis demonstrates that the previously proposed CLEKS frameworks suffer from the security vulnerability caused by the keyword guessing attack. To remedy the security weakness in the previous frameworks and provide resistance against both inside and outside keyword guessing attacks, we propose a new CLEKS framework. Under the new framework, we design a concrete CLEKS scheme and formally prove its security in the random oracle model. Compared with previous two CLEKS schemes, the proposed scheme has better overall performance while offering stronger security guarantee as it withstands the existing known types of keyword guessing attacks.

Chinese Keyword Search by Indexing in Relational Databases

In this paper, we propose a new method based on index to realize IR-style Chinese keyword search with ranking strategies in relational databases. This method creates an index by using the related information of tuple words and presents a ranking strategy in terms of the nature of Chinese words. For a Chinese keyword query, the index is used to match query search words and the tuple words in index quickly, and to compute similarities between the query and tuples by the ranking strategy, and then the set of identifiers of candidate tuples is generated. Thus, we retrieve top-N results of the query using SQL selection statements and output the ranked answers according to the similarities. The experimental results show that our method is efficient and effective.

Attribute-based keyword search encryption for power data protection

To protect the privacy of power data,we usually encrypt data before outsourcing it to the cloud servers.However,it is challenging to search over the encrypted data.In addition,we need to ensure that only authorized users can retrieve the power data.The attribute-based searchable encryption is an advanced technology to solve these problems.However,many existing schemes do not support large universe,expressive access policies,and hidden access policies.In this paper,we propose an attributebased keyword search encryption scheme for power data protection.Firstly,our proposed scheme can support encrypted data retrieval and achieve fine-grained access control.Only authorized users whose attributes satisfy the access policies can search and decrypt the encrypted data.Secondly,to satisfy the requirement in the power grid environment,the proposed scheme can support large attribute universe and hidden access policies.The access policy in this scheme does not leak private information about users.Thirdly,the security analysis and performance analysis indicate that our scheme is efficient and practical.Furthermore,the comparisons with other schemes demonstrate the advantages of our proposed scheme.

A Lightweight, Searchable, and Controllable EMR Sharing Scheme

Electronic medical records (EMR) facilitate the sharing of medical data, but existing sharing schemes suffer fromprivacy leakage and inefficiency. This article proposes a lightweight, searchable, and controllable EMR sharingscheme, which employs a large attribute domain and a linear secret sharing structure (LSSS), the computationaloverhead of encryption and decryption reaches a lightweight constant level, and supports keyword search andpolicy hiding, which improves the high efficiency of medical data sharing. The dynamic accumulator technologyis utilized to enable data owners to flexibly authorize or revoke the access rights of data visitors to the datato achieve controllability of the data. Meanwhile, the data is re-encrypted by Intel Software Guard Extensions(SGX) technology to realize resistance to offline dictionary guessing attacks. In addition, blockchain technology isutilized to achieve credible accountability for abnormal behaviors in the sharing process. The experiments reflectthe obvious advantages of the scheme in terms of encryption and decryption computation overhead and storageoverhead, and theoretically prove the security and controllability in the sharing process, providing a feasible solutionfor the safe and efficient sharing of EMR.

Keyword Search Encryption Scheme Resistant Against Keyword-Guessing Attack by the Untrusted Server

The user data stored in an untrusted server, such as the centralized data center or cloud computing server, may be dangerous of eavesdropping if the data format is a plaintext. However, the general ciphertext is difficult to search and thus limited for practical usage. The keyword search encryption is a helpful mechanism that provides a searchable ciphertext for some predefined keywords. The previous studies failed to consider the attack from the data storage server to guess the keyword. This kind of attack may cause some critical information revealed to the untrusted server. This paper proposes a new keyword search encryption model that can effectively resist the keyword-guessing attack performed by the untrusted data storage(testing) server. The testing(query)secret is divided into multiple shares so that the security can be guaranteed if the servers cannot conspire with each other to retrieve all shares of the secret.

Efective Error-Tolerant Keyword Search for Secure Cloud Computing

The existing solutions to keyword search in the cloud can be divided into two categories： searching on exact keywords and searching on error-tolerant keywords. An error-tolerant keyword search scheme permits to make searches on encrypted data with only an approximation of some keyword. The scheme is suitable to the case where users＇ searching input might not exactly match those pre-set keywords. In this paper, we first present a general framework for searching on error-tolerant keywords. Then we propose a concrete scheme, based on a fuzzy extractor, which is proved secure against an adaptive adversary under well-defined security definition. The scheme is suitable for all similarity metrics including Hamming distance, edit distance, and set difference. It does not require the user to construct or store anything in advance, other than the key used to calculate the trapdoor of keywords and the key to encrypt data documents. Thus, our scheme tremendously eases the users＇ burden. What is more, our scheme is able to transform the servers＇ searching for error-tolerant keywords on ciphertexts to the searching for exact keywords on plaintexts. The server can use any existing approaches of exact keywords search to search plaintexts on an index table.

Keyword Searches in Data-Centric XML Documents Using Tree Partitioning

This paper presents an effective keyword search method for data-centric extensive markup language （XML） documents. The method divides an XML document into compact connected integral subtrees, called self-integral trees （SI-Trees）, to capture the structural information in the XML document. The SI-Trees are generated based on a schema guide. Meaningful self-integral trees （MSI-Trees） are identified, which contain all or some of the input keywords for the keyword search in the XML documents. Indexing is used to accelerate the retrieval of MSI-Trees related to the input keywords. The MSI-Trees are ranked to identify the top-k results with the highest ranks. Extensive tests demonstrate that this method costs 10-100 ms to answer a keyword query, and outperforms existing approaches by 1-2 orders of magnitude.

ABDKS:attribute-based encryption with dynamic keyword search in fog computing

Attribute-based encryption with keyword search(ABKS)achieves both fine-grained access control and keyword search.However,in the previous ABKS schemes,the search algorithm requires that each keyword to be identical between the target keyword set and the ciphertext keyword set,otherwise the algorithm does not output any search result,which is not conducive to use.Moreover,the previous ABKS schemes are vulnerable to what we call a peer-decryption attack,that is,the ciphertext may be eavesdropped and decrypted by an adversary who has sufficient authorities but no information about the ciphertext keywords.In this paper,we provide a new system in fog computing,the ciphertext-policy attribute-based encryption with dynamic keyword search(ABDKS).In ABDKS,the search algorithm requires only one keyword to be identical between the two keyword sets and outputs the corresponding correlation which reflects the number of the same keywords in those two sets.In addition,our ABDKS is resistant to peer-decryption attack,since the decryption requires not only sufficient authority but also at least one keyword of the ciphertext.Beyond that,the ABDKS shifts most computational overheads from resource constrained users to fog nodes.The security analysis shows that the ABDKS can resist Chosen-Plaintext Attack(CPA)and Chosen-Keyword Attack(CKA).

Ginix: Generalized Inverted Index for Keyword Search

Keyword search has become a ubiquitous method for users to access text data in the face of information explosion. Inverted lists are usually used to index underlying documents to retrieve documents according to a set of keywords efficiently. Since inverted lists are usually large, many compression techniques have been proposed to reduce the storage space and disk I/O time. However, these techniques usually perform decompression operations on the fly, which increases the CPU time. This paper presents a more efficient index structure, the Generalized INverted IndeX （Ginix）, which merges consecutive IDs in inverted lists into intervals to save storage space. With this index structure, more efficient algorithms can be devised to perform basic keyword search operations, i.e., the union and the intersection operations, by taking the advantage of intervals. Specifically, these algorithms do not require conversions from interval lists back to ID lists. As a result, keyword search using Ginix can be more efficient than those using traditional inverted indices. The performance of Ginix is also improved by reordering the documents in datasets using two scalable algorithms. Experiments on the performance and scalability of Ginix on real datasets show that Ginix not only requires less storage space, but also improves the keyword search performance, compared with traditional inverted indexes.

Efficient keyword search over graph-structured data based on minimal covered r-cliques

Keyword search is an alternative for structured languages in querying graph-structured data.A result to a keyword query is a connected structure covering all or part of the queried keywords.The textual coverage and structural compactness have been known as the two main properties of a relevant result to a keyword query.Many previous works examined these properties after retrieving all of the candidate results using a ranking function in a comparative manner.However,this needs a time-consuming search process,which is not appropriate for an interactive system in which the user expects results in the least possible time.This problem has been addressed in recent works by confining the shape of results to examine their coverage and compactness during the search.However,these methods still suffer from the existence of redundant nodes in the retrieved results.In this paper,we introduce the semantic of minimal covered r-clique(MCCr)for the results of a keyword query as an extended model of existing definitions.We propose some efficient algorithms to detect the MCCrs of a given query.These algorithms can retrieve a comprehensive set of non-duplicate MCCrs in response to a keyword query.In addition,these algorithms can be executed in a distributive manner,which makes them outstanding in the field of keyword search.We also propose the approximate versions of these algorithms to retrieve the top-k approximate MCCrs in a polynomial delay.It is proved that the approximate algorithms can retrieve results in two-approximation.Extensive experiments on two real-world datasets confirm the efficiency and effectiveness of the proposed algorithms.

Constructing pairing-free certificateless public key encryption with keyword search

Searchable public key encryption enables a storage server to retrieve the publicly encrypted data without revealing the original data contents.It offers a perfect cryptographic solution to encrypted data retrieval in encrypted data storage systems.Certificateless cryptography(CLC)is a novel cryptographic primitive that has many merits.It overcomes the key escrow problem in identity-based cryptosystems and the cumbersome certificate problem in conventional public key cryptosystems.Motivated by the appealing features of CLC,three certificateless encryption with keyword search(CLEKS)schemes were presented in the literature.However,all of them were constructed with the costly bilinear pairing and thus are not suitable for the devices that have limited computing resources and battery power.So,it is interesting and worthwhile to design a CLEKS scheme without using bilinear pairing.In this study,we put forward a pairing-free CLEKS scheme that does not exploit bilinear pairing.We strictly prove that the scheme achieves keyword ciphertext indistinguishability against adaptive chosen-keyword attacks under the complexity assumption of the computational Diffie-Hellman problem in the random oracle model.Efficiency comparison and the simulation show that it enjoys better performance than the previous pairing-based CLEKS schemes.In addition,we briefly introduce three extensions of the proposed CLEKS scheme.

An Efficient Multi-Keyword Query Processing Strategy on P2P Based Web Search

The paper presents a novel benefit based query processing strategy for efficient query routing. Based on DHT as the overlay network, it first applies Nash equilibrium to construct the optimal peer group based on the correlations of keywords and coverage and overlap of the peers to decrease the time cost, and then presents a two-layered architecture for query processing that utilizes Bloom filter as compact representation to reduce the bandwidth consumption. Extensive experiments conducted on a real world dataset have demonstrated that our approach obviously decreases the processing time, while improves the precision and recall as well.

Improved Research on Fuzzy Search over Encrypted Cloud Data Based on Keywords

A search strategy over encrypted cloud data based on keywords has been improved and has presented a method using different strategies on the client and the server to improve the search efficiency in this paper. The client uses the Chinese and English to achieve the synonym construction of the keywords, the establishment of the fuzzy-syllable words and synonyms set of keywords and the implementation of fuzzy search strategy over the encryption of cloud data based on keywords. The server side through the analysis of the user’s query request provides keywords for users to choose and topic words and secondary words are picked out. System will match topic words with historical inquiry in time order, and then the new query result of the request is directly gained. The analysis of the simulation experiment shows that the fuzzy search strategy can make better use of historical results on the basis of privacy protection for the realization of efficient data search, saving the search time and improving the efficiency of search.