TY - JOUR
T1 - Secure-channel free keyword search with authorization in manager-centric databases
AU - Jiang, Peng
AU - Mu, Yi
AU - Guo, Fuchun
AU - Wen, Qiaoyan
N1 - Publisher Copyright:
© 2016 Elsevier Ltd
PY - 2017/8
Y1 - 2017/8
N2 - Public key encryption with keyword search (PEKS) provides the functionality of encrypted data retrieval with keyword privacy in database systems. PEKS allows a user to specify a keyword and search the encrypted data associated with this keyword that is uploaded by others. In this paper, we investigate the retrieval privilege management in the manager-centric model, where each user has a different search right over the unique keyword set. Unfortunately, employing the prior PEKS and other related cryptographic techniques might suffer from the problems of key abuse and bandwidth consumption. To address these issues, we introduce a new cryptographic primitive called public key encryption with authorized keyword search (PEAKS). In PEAKS, the search right is assigned by the authority over a distinct keyword set and the user with an authorized search right can only search data associated with these keywords. We propose two constructions with formal security proof, namely the basic PEAKS scheme and the secure channel-free PEAKS (SCF-PEAKS) scheme. Both schemes feature with the constant-size authorized token, while the SCF-PEAKS scheme is also resistant against the outsider keyword guessing attacks. The performance evaluation shows that the proposed schemes consume less bandwidth for frequent token update.
AB - Public key encryption with keyword search (PEKS) provides the functionality of encrypted data retrieval with keyword privacy in database systems. PEKS allows a user to specify a keyword and search the encrypted data associated with this keyword that is uploaded by others. In this paper, we investigate the retrieval privilege management in the manager-centric model, where each user has a different search right over the unique keyword set. Unfortunately, employing the prior PEKS and other related cryptographic techniques might suffer from the problems of key abuse and bandwidth consumption. To address these issues, we introduce a new cryptographic primitive called public key encryption with authorized keyword search (PEAKS). In PEAKS, the search right is assigned by the authority over a distinct keyword set and the user with an authorized search right can only search data associated with these keywords. We propose two constructions with formal security proof, namely the basic PEAKS scheme and the secure channel-free PEAKS (SCF-PEAKS) scheme. Both schemes feature with the constant-size authorized token, while the SCF-PEAKS scheme is also resistant against the outsider keyword guessing attacks. The performance evaluation shows that the proposed schemes consume less bandwidth for frequent token update.
KW - Authorization
KW - Database system management
KW - Provable security
KW - Searchable encryption
KW - Secure keyword search
UR - http://www.scopus.com/inward/record.url?scp=85008224726&partnerID=8YFLogxK
U2 - 10.1016/j.cose.2016.11.015
DO - 10.1016/j.cose.2016.11.015
M3 - Article
AN - SCOPUS:85008224726
SN - 0167-4048
VL - 69
SP - 50
EP - 64
JO - Computers and Security
JF - Computers and Security
ER -