Forward Secure Public-key Authenticated Encryption with Conjunctive Keyword Search

• Published in: Computer journal Vol. 66; no. 9; pp. 2265 - 2278
• Main Authors: Jiang, Zhe, Zhang, Kai, Wang, Liangliang, Ning, Jianting
• Format: Journal Article
• Language: English
• Published: Oxford University Press 18.09.2023
• Subjects: Forward Security; Searchable Encryption; Public-key Authenticated Encryption with Keyword Search; Public-key Encryption with Keyword Search; Keyword Guessing Attacks
• ISSN: 0010-4620; 1460-2067
• DOI: 10.1093/comjnl/bxac075

Abstract Public key encryption with keyword search is a promising primitive which enables search over encrypted data in secure data outsourcing services. In traditional construction, the associated keywords may be recovered from a given trapdoor by a malicious server through keyword guessing attacks. Therefore, the notion of public-key authenticated encryption with keyword search (PAEKS) was introduced, where a sender encrypts (and authenticates) the keywords using a receiver’s public key and its secret key. In this paper, we consider the forward security for PAEKS and introduce a new primitive: forward secure public-key authenticated encryption with keyword search (FS-PAEKS), which captures the information leakage risk from previously issued queries due to the updates on the outsourced data. Technically, we embed a non-interactively agreed key into the cipher-keyword generation algorithm, and bind the cipher-keyword and the trapdoor with a set converted from algorithm-generation time. Finally, we present an efficient FS-PAEKS scheme supporting conjunctive query, and prove its forward security against chosen keyword attacks and keyword guessing attacks. To illustrate practical performance, we implement our FS-PAEKS and related PAEKS schemes based on Enron dataset in real cloud environment.