KSII Transactions on Internet and Information Systems (TIIS)

Korean Society for Internet Information (한국인터넷정보학회)
권호 표지
DOI QR코드

DOI QR Code

Novel Multi-user Conjunctive Keyword Search Against Keyword Guessing Attacks Under Simple Assumptions

  • Zhao, Zhiyuan (Zhengzhou Information Science and Technology Institute) ;
  • Wang, Jianhua (Zhengzhou Information Science and Technology Institute)
  • Received : 2016.12.11
  • Accepted : 2017.03.11
  • Published : 2017.07.31
Download PDF
⟨ Previous Next ⟩

Abstract

Conjunctive keyword search encryption is an important technique for protecting sensitive personal health records that are outsourced to cloud servers. It has been extensively employed for cloud storage, which is a convenient storage option that saves bandwidth and economizes computing resources. However, the process of searching outsourced data may facilitate the leakage of sensitive personal information. Thus, an efficient data search approach with high security is critical. The multi-user search function is critical for personal health records (PHRs). To solve these problems, this paper proposes a novel multi-user conjunctive keyword search scheme (mNCKS) without a secure channel against keyword guessing attacks for personal health records, which is referred to as a secure channel-free mNCKS (SCF-mNCKS). The security of this scheme is demonstrated using the Decisional Bilinear Diffie-Hellman (DBDH) and Decision Linear (D-Linear) assumptions in the standard model. Comparisons are performed to demonstrate the security advantages of the SCF-mNCKS scheme and show that it has more functions than other schemes in the case of analogous efficiency.

Keywords

Acknowledgement

Grant : Collaborative Precision Positioning Project

Supported by : National Key Research Program of China

References

  1. A. Bhargav-Spantzel, J. Camenisch, T. Gross and D. Sommer, "User centricity: a taxonomy and open issues," Journal of Computer Security, vol. 15, no. 5, pp. 493-527, July, 2007. https://doi.org/10.3233/JCS-2007-15502
  2. H. Lohr, A. R. Sadeghi and M. Winandy, "Securing the e-health cloud," in Proc. of the 1st ACM International Health Informatics Symposium, pp. 220-229, November 11-12, 2010.
  3. A. Mehmood, H. Song and J. Lloret, "Multi-agent based framework for secure and reliable communication among open clouds," Network Protocols and algorithms. Macrothink Institute, vol. 6, no. 4, pp. 60-76, December, 2014. https://doi.org/10.5296/npa.v6i4.6028
  4. I. Butun, M. Erol-Kantarci, B. Kantarci and H. Song, "Cloud-centric multi-level authentication as a service for secure public safety device networks," IEEE Communications Magazine, vol. 54, no. 4, pp. 47-53, April, 2016. https://doi.org/10.1109/MCOM.2016.7452265
  5. M. Shojafar, S. Abolfazli, H. Mostafaei and M. Singhal, "Improving channel assignment in multi-radio wireless mesh networks with learning automata," Wireless Personal Communications, vol. 82, no. 1, pp. 61-80, May, 2015. https://doi.org/10.1007/s11277-014-2194-0
  6. D. X. Song, D. Wagner and A. Perrig, "Practical techniques for searches on encrypted data," in Proc. of IEEE Symposium on Security and Privacy, pp. 44-55, May 14-17, 2000.
  7. D. Boneh, G. Di Crescenzo, R. Ostrovsky and G. Persiano, "Public key encryption with keyword search," in Proc. of International Conference on the Theory and Applications of Cryptographic Techniques, pp. 506-522, May 2-6, 2004.
  8. P. Golle, J. Staddon and B. Waters, "Secure conjunctive keyword search over encrypted data," in Proc. of International Conference on Applied Cryptography and Network Security, pp. 31-45, June 8-11, 2004.
  9. D. J. Park, K. Kim and P. J. Lee, "Public key encryption with conjunctive field keyword search," in Proc. of International Workshop on Information Security Applications, pp. 73-86, August 23-25, 2004.
  10. B. Zhang and F. Zhang, "An efficient public key encryption with conjunctive-subset keywords search," Journal of Network and Computer Application, vol. 34, no. 1, pp. 262-267, January, 2011. https://doi.org/10.1016/j.jnca.2010.07.007
  11. W. Sun, B. Wang, N. Cao and et al, "Verifiable privacy-preserving multi-keyword text search in the cloud supporting similarity-based ranking," IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 11, pp. 3025-3035, November, 2014. https://doi.org/10.1109/TPDS.2013.282
  12. W. Sun, X. Liu, W. Lou and et al, "Catch you if you lie to me: Efficient verifiable conjunctive keyword search over large dynamic encrypted cloud data," in Proc. of IEEE conference on computer communications, pp. 2110-2118, April 26-May 1, 2015.
  13. J. Baek, R. Safavinaini and W. Susilo, "Public Key Encryption with Keyword Search Revisited," in Proc. of International Conference on Computational Science and Its Applications, pp. 1249-1259, June 30-July 3, 2008.
  14. H. S. Rhee, J. H. Park, W. Susilo and D. H. Lee, "Improved searchable public key encryption with designated tester," in Proc. of ACM Symposium on Information, Computer and Communications Security, pp. 376-379, March 10-12, 2009.
  15. K. Emura, A. Miyaji, M. S. Rahman and K. Omote, "Generic constructions of secure-channel free searchable encryption with adaptive security," Security and Communication Networks, vol. 8, no. 8, pp. 1547-1560, May, 2015. https://doi.org/10.1002/sec.1103
  16. J. W. Byun, H. S. Rhee, H. A. Park and D. H. Lee, "Off-line keyword guessing attacks on recent keyword search schemes over encrypted data," in Proc. of Workshop on Secure Data Management, pp. 75-83, September 10-11, 2006.
  17. W. C. Yau, S. H. Heng and B. M. Goi, "Off-line keyword guessing attacks on recent public key encryption with keyword search schemes," in Proc. of International Conference on Autonomic and Trusted Computing, pp. 100-105, June 23-25, 2008.
  18. J. Baek, R. Safavi-Naini and W. Susilo, "On the integration of public key data encryption and public key encryption with keyword search," in Proc. of International Conference on Information Security, pp. 217-232, August 30-September 2, 2006.
  19. H.S. Rhee, W. Susilo and H-J. Kim, "Secure searchable public key encryption scheme against keyword guessing attacks," IEICE Electron. Express, vol. 6, no. 5, pp. 237-243, June, 2009. https://doi.org/10.1587/elex.6.237
  20. R. Canetti, O. Goldreich and S. Halevi, "The random oracle methodology, revisited," Journal of the ACM (JACM), vol. 51, no. 4, pp. 557-594, July, 2004. https://doi.org/10.1145/1008731.1008734
  21. M. S. Hwang, S. T. Hsu and C. C. Lee, "A new public key encryption with conjunctive field keyword search scheme," Information Technology And Control, vol. 43, no .3, pp. 277-288, February, 2014.
  22. L. Guo and W. C. Yau, "Efficient secure-channel free public key encryption with keyword search for EMRs in cloud storage," Journal of medical systems, vol. 39, no. 2, pp. 1-11, February, 2015. https://doi.org/10.1007/s10916-014-0182-2
  23. Y. Yang and M. Ma, "Conjunctive keyword search with designated tester and timing enabled proxy re-encryption function for e-health clouds," IEEE Transactions on Information Forensics and Security, vol. 11, no. 4, pp. 746-759, April, 2016. https://doi.org/10.1109/TIFS.2015.2509912
  24. Y. Miao, J. Ma, F. Wei and et al, "VCSE: Verifiable conjunctive keywords search over encrypted data without secure-channel," Peer-to-Peer Networking and Applications, pp. 1-13, May, 2016.
  25. M. Shojafar, J. H. Abawajy, Z. Delkhah and et al, "An efficient and distributed file search in unstructured peer-to-peer networks," Peer-to-Peer Networking and Applications, vol. 8, no. 1, pp. 120-136, January, 2015. https://doi.org/10.1007/s12083-013-0236-0
  26. Y. H. Hwang and P. J. Lee, "Public key encryption with conjunctive keyword search and its extension to a multi-user system," in Proc. of International Conference on Pairing-Based Cryptography, pp. 2-22, July 2-4, 2007.
  27. L. Cheung and C. Newport, "Provably secure ciphertext policy ABE," in Proc. of the 14th ACM conference on Computer and communications security, pp. 456-465, October 29-November 02, 2007.
  28. J. Bethencourt, A. Sahai and B. Waters, "Ciphertext-policy attribute-based encryption," in Proc. of IEEE symposium on security and privacy, pp. 321-334, May 20-23, 2007.
  29. M. Abdalla, M. Bellare, D. Catalano and et al, "Searchable encryption revisited: Consistency properties, relation to anonymous IBE, and extensions," in Proc. of Annual International Cryptology Conference, pp. 205-222, August 14-18, 2005.
  30. L. Fang, W. Susilo, C. Ge and J. Wang, "Public key encryption with keyword search secure against keyword guessing attacks without random oracle," Information Sciences, vol. 238, no. 7, pp. 221-241, July, 2013. https://doi.org/10.1016/j.ins.2013.03.008