Practical Attribute-Based Conjunctive Keyword Search Scheme

2019 ◽  
Vol 63 (8) ◽  
pp. 1203-1215 ◽  
Author(s):  
Yang Chen ◽  
Wenmin Li ◽  
Fei Gao ◽  
Kaitai Liang ◽  
Hua Zhang ◽  
...  
Keyword(s):  
Keyword Search ◽  
Inner Product ◽  
Real World Data ◽  
Data Set ◽  
Fine Grained ◽  
Keyword Guessing Attack ◽  
Secure Search ◽  
Data Owner ◽  
Cryptographic Primitive ◽  
Guessing Attack

Abstract To date cloud computing may provide considerable storage and computational power for cloud-based applications to support cryptographic operations. Due to this benefit, attribute-based keyword search (ABKS) is able to be implemented in cloud context in order to protect the search privacy of data owner/user. ABKS is a cryptographic primitive that can provide secure search services for users but also realize fine-grained access control over data. However, there have been two potential problems that prevent the scalability of ABKS applications. First of all, most of the existing ABKS schemes suffer from the outside keyword guessing attack (KGA). Second, match privacy should be considered while supporting multi-keyword search. In this paper, we design an efficient method to combine the keyword search process in ABKS with inner product encryption and deploy several proposed techniques to ensure the flexibility of retrieval mode, the security and efficiency of our scheme. We later put forward an attribute-based conjunctive keyword search scheme against outside KGA to solve the aforementioned problems. We provide security notions for two types of adversaries and our construction is proved secure against chosen keyword attack and outside KGA. Finally, all-side simulation with real-world data set is implemented for the proposed scheme, and the results of the simulation show that our scheme achieves stronger security without yielding significant cost of storage and computation.

scholarly journals Fine-Grained Attribute-Based Multikeyword Search for Shared Multiowner in Internet of Things

2021 ◽  
Vol 2021 ◽  
pp. 1-14
Author(s):  
Yunhong Zhou ◽  
Jiehui Nan ◽  
Licheng Wang
Keyword(s):  
Internet Of Things ◽  
Keyword Search ◽  
Security Analysis ◽  
Security And Privacy ◽  
Management Service ◽  
Specific Data ◽  
Fine Grained ◽  
Secure Search ◽  
Data Owner ◽  
Iot Devices

At present, with the popularity of Internet of things (IoT), a huge number of datasets generated by IoT devices are being uploaded to the cloud storage in remote data management service, but a series of security and privacy defects also arises, where one of the best ways for preventing data disclosure is encryption. Among them, searchable encryption (SE) is considered to be a very attractive cryptographic technology, since it allows users to search records in an encrypted form and to protect user’s data on an untrusted server. For the sake of enhancing search permission, attribute-based keyword search (ABKS) is an efficient method to provide secure search queries and fine-grained access authentications over ciphertexts. However, most existing ABKS schemes concentrate on single keyword search, which usually returns redundant and irrelevant results, so it would cost some unnecessary computation and communication resources. Furthermore, existing work in the literature mostly only supports unshared multiowner where a specific data owner owns each file, which is not able to satisfy more desired expressive search. In this work, we propose a novel attribute-based multikeyword search for shared multiowner (ABMKS-SM) primitive in IoT to achieve enhanced access control for users; meanwhile, it can support multikeyword search over ciphertexts and give a formal security analysis in the adaptive against chosen keyword attack (IND-CKA) model. Finally, we have also implemented this prototype to show efficiency when compared with some previous schemes.

scholarly journals ABKS-SKGA: Attribute-based keyword search secure against keyword guessing attack

2021 ◽  
Vol 74 ◽  
pp. 103471
Author(s):  
Jiguo Li ◽  
Min Wang ◽  
Yang Lu ◽  
Yichen Zhang ◽  
Huaqun Wang
Keyword(s):  
Keyword Search ◽  
Keyword Guessing Attack ◽  
Guessing Attack

An ElGamal-like Secure Channel Free Public Key Encryption with Keyword Search Scheme

2019 ◽  
Vol 30 (02) ◽  
pp. 255-273 ◽  
Author(s):  
Min-Shiang Hwang ◽  
Cheng-Chi Lee ◽  
Shih-Ting Hsu
Keyword(s):  
Keyword Search ◽  
Bilinear Pairing ◽  
Public Key ◽  
Encryption Scheme ◽  
Public Key Encryption ◽  
Keyword Guessing Attack ◽  
Elgamal Cryptosystem ◽  
Guessing Attack ◽  
Secure Channel

The idea of public key encryption with keyword search (PEKS), proposed by Boneh et al., enables one to send a trapdoor containing a encrypted keyword to query data without revealing the keyword. In Boneh et al.’s design, the trapdoor has to be transferred through a secure channel, which is both costly and inefficient. Baek et al. then proposed an efficient secure channel free public key encryption scheme with keyword search (SCF-PEKS). After that, vast amounts of research have focused on the protection against the off-line keyword guessing attack (OKGA) by enhancing the model. However, most of the PEKS/SCF-PEKS schemes developed so far are constructed by applying bilinear pairing and are susceptible to off-line keyword guessing attacks. In this paper, we propose a new SCF-PEKS scheme based on the ElGamal cryptosystem. The proposed scheme is not only secure against off-line keyword guessing attacks but also improves the efficiency.

scholarly journals A Secured Proxy-Based Data Sharing Module in IoT Environments Using Blockchain

Sensors ◽  
2019 ◽  
Vol 19 (5) ◽  
pp. 1235 ◽  
Author(s):  
Kwame Obour Agyekum ◽  
Qi Xia ◽  
Emmanuel Sifah ◽  
Jianbin Gao ◽  
Hu Xia ◽  
...  
Keyword(s):  
Access Control ◽  
Data Sharing ◽  
Security And Privacy ◽  
Inner Product ◽  
Data Confidentiality ◽  
Collusion Attacks ◽  
Fine Grained ◽  
Computing Paradigm ◽  
Attribute Based Encryption ◽  
Data Owner

Access and utilization of data are central to the cloud computing paradigm. With the advent of the Internet of Things (IoT), the tendency of data sharing on the cloud has seen enormous growth. With data sharing comes numerous security and privacy issues. In the process of ensuring data confidentiality and fine-grained access control to data in the cloud, several studies have proposed Attribute-Based Encryption (ABE) schemes, with Key Policy-ABE (KP-ABE) being the prominent one. Recent works have however suggested that the confidentiality of data is violated through collusion attacks between a revoked user and the cloud server. We present a secured and efficient Proxy Re-Encryption (PRE) scheme that incorporates an Inner-Product Encryption (IPE) scheme in which decryption of data is possible if the inner product of the private key, associated with a set of attributes specified by the data owner, and the associated ciphertext is equal to zero 0 . We utilize a blockchain network whose processing node acts as the proxy server and performs re-encryption on the data. In ensuring data confidentiality and preventing collusion attacks, the data are divided into two, with one part stored on the blockchain network and the other part stored on the cloud. Our approach also achieves fine-grained access control.

scholarly journals A Multi-User Ciphertext Policy Attribute-Based Encryption Scheme with Keyword Search for Medical Cloud System

2020 ◽  
Vol 11 (1) ◽  
pp. 63
Author(s):  
Han-Yu Lin ◽  
Yan-Ru Jiang
Keyword(s):  
Health Information ◽  
Keyword Search ◽  
Population Aging ◽  
Personal Health Record ◽  
Fine Grained ◽  
Attribute Based Encryption ◽  
Cryptographic Primitive ◽  
Cloud Server ◽  
Ciphertext Policy ◽  
Cloud Servers

Population aging is currently a tough problem of many countries. How to utilize modern technologies (including both information and medical technologies) to improve the service quality of health information is an important issue. Personal Health Record (PHR) could be regarded as a kind of health information records of individuals. A ciphertext policy attribute-based encryption (CP-ABE) is a cryptographic primitive for fine-grained access control of outsourced data in clouds. In order to enable patients to effectively store his medical records and PHR data in medical clouds, we propose an improved multi-user CP-ABE scheme with the functionality of keyword search which enables data users to seek for specific ciphertext in the cloud server by using a specific keyword. Additionally, we adopt an independent proxy server in the proposed system architecture to isolate the communication between clients and the cloud server, so as to prevent cloud servers from suffering direct attacks and also reduce the computational loading of cloud servers. Compared with the previous approach, the proposed encryption algorithm takes less running time and the ciphertext length is also relatively short. Moreover, the procedures of re-encryption and pre-decryption only require one exponentiation computation, respectively.

Sign in / Sign up

Export Citation Format

Share Document