What are you looking for ?

R&D: Efficient Public-Key Searchable Encryption Vs. Inside Keyword Guessing Attacks for Cloud Storage

Authors prove security of scheme, which achieves same security goals as existing scheme; finally, authors analyze scheme's efficiency through theoretical analysis and performance evaluation, which demonstrates its efficiency.

Journal of Systems Architecture has published an article written by Axin Wu, State Key Laboratory of Cryptology, Beijing, Beijing, 100878, China, Fagen Li, School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, 611731, China, Xiangjun Xin, College of Software Engineering, Zhengzhou University of Light Industry, Zhengzhou, 450002, China, Yinghui Zhang, National Engineering Research Center for Secured Wireless (NERCSW), School of Cyberspace Security, Xi’an University of Posts & Telecommunications, Xi’an 710121, China, and Jianhao Zhu, College of Cyber Security, the College of Information Science and Technology, Jinan University, Guangzhou, Guangdong, 510632, China.

Abstract: Cloud storage offers data users relief from cumbersome management tasks and enhances overall efficiency. However, while it brings convenience, there is also the risk of privacy breaches. To address this, public-key encryption with keyword search (PEKE) presents a solution that balances efficiency, convenience, and security in the context of cloud storage. Nevertheless, PEKS is vulnerable to inside keyword guessing attacks and algorithm substitution attacks, posing a serious threat to its deployment. Cryptographic reverse firewall technique randomizes incoming messages to effectively defend against both types of attacks mentioned earlier through a gateway. However, this approach requires the gateway to store a random number for each keyword, increasing storage costs and potentially exposing keyword information. In response, we propose an improved scheme that inherits the remarkable properties of the method based on cryptographic reverse firewall. Additionally, the proposed scheme eliminates the need for gateways to store random numbers, reducing the management and storage burdens and supports multiple keywords for one document, a feature more aligned with real-world applications. Furthermore, we prove the security of the scheme, which achieves the same security goals as the existing scheme. Finally, we analyze the scheme s efficiency through theoretical analysis and performance evaluation, which demonstrates its efficiency.