research-article

Post-Quantum Searchable Encryption Supporting User-Authorization for Outsourced Data Management

Authors:

Siu-Ming YiuAuthors Info & Claims

CIKM '24: Proceedings of the 33rd ACM International Conference on Information and Knowledge Management

Pages 2702 - 2711

https://doi.org/10.1145/3627673.3679522

Published: 21 October 2024 Publication History

Abstract

With the widespread development of database systems, data security has become crucial when it comes to sharing among users and servers. A straightforward approach involves using searchable encryption to ensure the confidentiality of shared data. However, in certain scenarios, varying user tiers are granted disparate data searching privileges, and administrators need to restrict the searchability of ciphertexts to select users exclusively. To address this issue, public key encryption with authorized keyword search (PEAKS) was proposed, wherein solely authorized users possess the ability to conduct targeted keyword searches. Nonetheless, it is vulnerable to resist quantum computing attacks. As a result, research focusing on authorizing users to search for keywords while achieving quantum security is far-reaching. In this paper, we propose a lattice-based variant of PEAKS (L-PEAKS) that enables keyword dataset authorization for outsourced data management. Unlike existing schemes, our design incorporates identity-based encryption (IBE) to overcome the bottleneck of public key management. Besides, we utilize several lattice sampling algorithms to defend against attacks from quantum adversaries. Specifically, each authorized user must obtain a search privilege from an authority. The authority distributes an authorized token to the user within a specific time period, and the user generates a trapdoor for any authorized keywords. Our scheme is proven to be secure against IND-sID-CKA and T-EUF security in a quantum setting. We also conduct comprehensive evaluations on a commodity machine to assess completeness and provide theoretical complexity comparisons with existing state-of-the-art schemes.

References

[1]

Martin R Albrecht, Rachel Player, and Sam Scott. 2015. On the concrete hardness of learning with errors. Journal of Mathematical Cryptology, Vol. 9, 3 (2015), 169--203.

[2]

Rouzbeh Behnia, Muslum Ozgur Ozmen, and Attila Altay Yavuz. 2018. Lattice-based public key searchable encryption from experimental perspectives. IEEE Transactions on Dependable and Secure Computing, Vol. 17, 6 (2018), 1269--1282.

[3]

Dan Boneh, Giovanni Di Crescenzo, Rafail Ostrovsky, and Giuseppe Persiano. 2004. Public key encryption with keyword search. In Advances in Cryptology-EUROCRYPT 2004: International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, Switzerland, May 2--6, 2004. Proceedings 23. Springer, 506--522.

[4]

Luca Bonomi, Sepand Gousheh, and Liyue Fan. 2023. Enabling Health Data Sharing with Fine-Grained Privacy. In Proceedings of the 32nd ACM International Conference on Information and Knowledge Management. 131--141.

Digital Library

[5]

Yibo Cao, Shiyuan Xu, Xue Chen, Yunhua He, and Shuo Jiang. 2022. A forward-secure and efficient authentication protocol through lattice-based group signature in VANETs scenarios. Computer Networks, Vol. 214 (2022), 109149.

Digital Library

[6]

Biwen Chen, Libing Wu, Sherali Zeadally, and Debiao He. 2019. Dual-server public-key authenticated encryption with keyword search. IEEE Transactions on Cloud Computing, Vol. 10, 1 (2019), 322--333.

[7]

Xue Chen, Shiyuan Xu, Yibo Cao, Yunhua He, and Ke Xiao. 2023. AQRS: Anti-quantum ring signature scheme for secure epidemic control with blockchain. Computer Networks, Vol. 224 (2023), 109595.

Digital Library

[8]

Xue Chen, Shiyuan Xu, Tao Qin, Yu Cui, Shang Gao, and Weimin Kong. 2022. AQ--ABS: Anti-quantum attribute-based signature for EMRs sharing with blockchain. In 2022 IEEE Wireless Communications and Networking Conference (WCNC). IEEE, 1176--1181.

Digital Library

[9]

Leixiao Cheng and Fei Meng. 2022. Public key authenticated encryption with keyword search from LWE. In European Symposium on Research in Computer Security. Springer, 303--324.

Digital Library

[10]

Hui Cui, Robert H Deng, Joseph K Liu, and Yingjiu Li. 2017. Attribute-based encryption with expressive and authorized keyword search. In Information Security and Privacy: 22nd Australasian Conference, ACISP 2017, Auckland, New Zealand, July 3--5, 2017, Proceedings, Part I 22. Springer, 106--126.

[11]

Xiaolei Dong, Zhenfu Cao, Jiachen Shen, et al. 2019. Revocable Public Key Encryption with Authorized Keyword Search. In 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). IEEE, 857--860.

[12]

Qingqing Gan, Joseph K Liu, Xiaoming Wang, Xingliang Yuan, Shi-Feng Sun, Daxin Huang, Cong Zuo, and Jianfeng Wang. 2022. Verifiable searchable symmetric encryption for conjunctive keyword queries in cloud storage. Frontiers of Computer Science, Vol. 16, 6 (2022), 166820.

Digital Library

[13]

Yu Guo, Yuxin Xi, Haodi Wang, Mingyue Wang, Cong Wang, and Xiaohua Jia. 2023. FedEDB: Building a Federated and Encrypted Data Store Via Consortium Blockchains. IEEE Transactions on Knowledge and Data Engineering (2023).

[14]

Yu Guo, Yu Zhao, Saihui Hou, Cong Wang, and Xiaohua Jia. 2023. Verifying in the dark: Verifiable machine unlearning by using invisible backdoor triggers. IEEE Transactions on Information Forensics and Security (2023).

[15]

Jialu Hao, Jian Liu, Huimei Wang, Lingshuang Liu, Ming Xian, and Xuemin Shen. 2019. Efficient attribute-based access control with authorized search in cloud storage. IEEE Access, Vol. 7 (2019), 182772--182783.

[16]

Qiong Huang and Hongbo Li. 2017. An efficient public-key searchable encryption scheme secure against inside keyword guessing attacks. Information Sciences, Vol. 403 (2017), 1--14.

Digital Library

[17]

Peng Jiang, Yi Mu, Fuchun Guo, and Qiaoyan Wen. 2016. Public key encryption with authorized keyword search. In Information Security and Privacy: 21st Australasian Conference, ACISP 2016, Melbourne, VIC, Australia, July 4--6, 2016, Proceedings, Part II 21. Springer, 170--186.

Digital Library

[18]

Peng Jiang, Yi Mu, Fuchun Guo, and Qiaoyan Wen. 2017. Secure-channel free keyword search with authorization in manager-centric databases. Computers & Security, Vol. 69 (2017), 50--64.

[19]

Chunchi Liu, Hechuan Guo, Minghui Xu, Shengling Wang, Dongxiao Yu, Jiguo Yu, and Xiuzhen Cheng. 2022. Extending on-chain trust to off-chain--trustworthy blockchain data collection using trusted execution environment (tee). IEEE Trans. Comput., Vol. 71, 12 (2022), 3268--3280.

[20]

Zi-Yuan Liu, Chu-Chieh Chien, Yi-Fan Tseng, Raylin Tso, and Masahiro Mambo. 2022. Public Key Encryption with Hierarchical Authorized Keyword Search. In International Conference on Information Security and Cryptology. Springer, 147--170.

[21]

Zi-Yuan Liu, Yi-Fan Tseng, Raylin Tso, Masahiro Mambo, and Yu-Chi Chen. 2022. Public-key authenticated encryption with keyword search: Cryptanalysis, enhanced security, and quantum-resistant instantiation. In Proceedings of the 2022 ACM on Asia conference on computer and communications security. 423--436.

Digital Library

[22]

Vadim Lyubashevsky. 2012. Lattice signatures without trapdoors. In Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 738--755.

Digital Library

[23]

Fei Meng, Leixiao Cheng, and Mingqiang Wang. 2021. ABDKS: attribute-based encryption with dynamic keyword search in fog computing. Frontiers of Computer Science, Vol. 15, 5 (2021), 155810.

Digital Library

[24]

Von Neumann. 1951. Various techniques used in connection with random digits. Notes by GE Forsythe (1951), 36--38.

[25]

Mo Sha, Yifan Cai, Sheng Wang, Linh Thi Xuan Phan, Feifei Li, and Kian-Lee Tan. 2024. Object-oriented Unified Encrypted Memory Management for Heterogeneous Memory Architectures. Proceedings of the ACM on Management of Data, Vol. 2, 3 (2024), 1--29.

Digital Library

[26]

Jiabei Wang, Rui Zhang, Jianhao Li, and Yuting Xiao. 2022. Owner-enabled secure authorized keyword search over encrypted data with flexible metadata. IEEE Transactions on Information Forensics and Security, Vol. 17 (2022), 2746--2760.

[27]

Mingyue Wang, Yinbin Miao, Yu Guo, Hejiao Huang, Cong Wang, and Xiaohua Jia. 2022. Aesm 2 attribute-based encrypted search for multi-owner and multi-user distributed systems. IEEE Transactions on Parallel and Distributed Systems, Vol. 34, 1 (2022), 92--107.

[28]

Brent Waters. 2005. Efficient identity-based encryption without random oracles. In Advances in Cryptology--EUROCRYPT 2005: 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22--26, 2005. Proceedings 24. Springer, 114--127.

Digital Library

[29]

Guanglu Wei, Kai Fan, Kuan Zhang, Haoyang Wang, Yirui Wang, Kan Yang, Hui Li, and Yintang Yang. 2024. Lower Rounds Lattice-based Anonymous AKA under the seCK model for the IoT. Peer-to-Peer Networking and Applications, Vol. 17, 4 (2024), 2031--2046.

[30]

Gang Xu, Shiyuan Xu, Yibo Cao, Fan Yun, Yu Cui, Yiying Yu, Ke Xiao, et al. 2022. PPSEB: a postquantum public-key searchable encryption scheme on blockchain for E-healthcare scenarios. Security and Communication Networks, Vol. 2022 (2022).

Digital Library

[31]

Lingling Xu, Wanhua Li, Fangguo Zhang, Rong Cheng, and Shaohua Tang. 2019. Authorized keyword searches on public key encrypted data with time controlled keyword privacy. IEEE Transactions on Information Forensics and Security, Vol. 15 (2019), 2096--2109.

[32]

Lei Xu, Xingliang Yuan, Ron Steinfeld, Cong Wang, and Chungen Xu. 2019. Multi-writer searchable encryption: An LWE-based realization and implementation. In Proceedings of the 2019 ACM Asia conference on computer and communications security. 122--133.

Digital Library

[33]

Minghui Xu, Jiahao Zhang, Hechuan Guo, Xiuzhen Cheng, Dongxiao Yu, Qin Hu, Yijun Li, and Yipu Wu. 2024. FileDES: A Secure Scalable and Succinct Decentralized Encrypted Storage Network. arXiv preprint arXiv:2403.14985 (2024).

[34]

Shiyuan Xu, Yibo Cao, Xue Chen, Yanmin Zhao, and Siu-Ming Yiu. 2023. Post-Quantum Public-Key Authenticated Searchable Encryption with Forward Security: General Construction, and Applications. In International Conference on Information Security and Cryptology. Springer, 274--298.

[35]

Shiyuan Xu, Xue Chen, Yu Guo, Siu-Ming Yiu, Shang Gao, and Bin Xiao. 2024. Efficient and Secure Post-Quantum Certificateless Signcryption for Internet of Medical Things. Cryptology ePrint Archive (2024).

[36]

Shiyuan Xu, Xue Chen, and Yunhua He. 2021. EVchain: An anonymous blockchain-based system for charging-connected electric vehicles. Tsinghua Science and Technology, Vol. 26, 6 (2021), 845--856.

[37]

Kan Yang and Senjuti Dutta. 2021. Secure and efficient task matching with multi-keyword in multi-requester and multi-worker crowdsourcing. In 2021 IEEE/ACM 29th International Symposium on Quality of Service (IWQOS). IEEE, 1--6.

[38]

Yang Yang, Guoyin Zhang, Sizhao Li, and Zechao Liu. 2024. Offline/online attribute-based searchable encryption scheme from ideal lattices for IoT. Frontiers of Computer Science, Vol. 18, 3 (2024), 183817.

Digital Library

[39]

Xiaojun Zhang, Chunxiang Xu, Huaxiong Wang, Yuan Zhang, and Shixiong Wang. 2021. FS-PEKS: Lattice-based forward secure public-key encryption with keyword search for cloud-assisted industrial Internet of Things. IEEE Transactions on dependable and secure computing, Vol. 18, 3 (2021), 1019--1032.

[40]

Yifang Zhang, Mingyue Wang, Yu Guo, and Fangda Guo. 2023. Towards dynamic and reliable private key management for hierarchical access structure in decentralized storage. In Proceedings of the 32nd ACM International Conference on Information and Knowledge Management. 3371--3380.

Digital Library

[41]

Zhanhao Zhao, Hexiang Pan, Gang Chen, Xiaoyong Du, Wei Lu, and Beng Chin Ooi. 2023. VeriTxn: Verifiable transactions for cloud-native databases with storage disaggregation. Proceedings of the ACM on Management of Data, Vol. 1, 4 (2023), 1--27.

Digital Library

[42]

Tengfei Zheng, Yuchuan Luo, Tongqing Zhou, and Zhiping Cai. 2022. Towards differential access control and privacy-preserving for secure media data sharing in the cloud. Computers & Security, Vol. 113 (2022), 102553.

Digital Library

[43]

Jie Zhu, Qi Li, Cong Wang, Xingliang Yuan, Qian Wang, and Kui Ren. 2018. Enabling generic, verifiable, and secure data search in cloud services. IEEE Transactions on Parallel and Distributed Systems, Vol. 29, 8 (2018), 1721--1735.

Cited By

Xu GXu SCao YXiao KMao YChen XDong MYu S(2025)AAQ-PEKS: An Attribute-based Anti-Quantum Public Key Encryption Scheme with Keyword Search for E-healthcare ScenariosPeer-to-Peer Networking and Applications10.1007/s12083-024-01842-418:2Online publication date: 11-Jan-2025
https://doi.org/10.1007/s12083-024-01842-4

Index Terms

Post-Quantum Searchable Encryption Supporting User-Authorization for Outsourced Data Management
1. Security and privacy
  1. Cryptography
    1. Public key (asymmetric) techniques
      1. Public key encryption
  2. Database and storage security
    1. Management and querying of encrypted data

Recommendations

Towards asymmetric searchable encryption with message recovery and flexible search authorization
ASIA CCS '13: Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security

When outsourcing data to third-party servers, searchable encryption is an important enabling technique which simultaneously allows the data owner to keep his data in encrypted form and the third-party servers to search in the ciphertexts. Motivated by ...
Identity-based encryption with outsourced equality test in cloud computing

It is the first time to integrate identity-based encryption into public key encryption with equality test.It extends identity-based encryption with keyword search to yield a general function: equality test.It is proven to be one-way chosen-ciphertext ...
Improved searchable public key encryption with designated tester
ASIACCS '09: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security

Recently, Baek et al. proposed an efficient public key encryption scheme with keyword search based on the scheme of Boneh et al., However, the security model of Baek et al. seriously limits the ability of the adversary.

In this paper, we enhance the ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CIKM '24: Proceedings of the 33rd ACM International Conference on Information and Knowledge Management

October 2024

5705 pages

ISBN:9798400704369

DOI:10.1145/3627673

General Chairs:
Edoardo Serra
Boise State University, USA
,
Francesca Spezzano
Boise State University, USA

Copyright © 2024 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGIR: ACM Special Interest Group on Information Retrieval

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 21 October 2024

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Shenzhen- Hong Kong-Macao Science and Technology Plan Project
Theme-based Research Scheme
HKU-SCF FinTech Academy
National Natural Science Foundation of China
CAS Special Re- search Assistant Program
China Post-doctoral Science Foundation

Conference

CIKM '24

Sponsor:

SIGIR

CIKM '24: The 33rd ACM International Conference on Information and Knowledge Management

October 21 - 25, 2024

ID, Boise, USA

Acceptance Rates

Overall Acceptance Rate 1,861 of 8,427 submissions, 22%

Upcoming Conference

CIKM '25

Sponsor:
sigir
sigir

The 34th ACM International Conference on Information and Knowledge Management

November 10 - 14, 2025

Seoul , Republic of Korea

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
99
Total Downloads

Downloads (Last 12 months)99
Downloads (Last 6 weeks)18

Reflects downloads up to 26 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Xu GXu SCao YXiao KMao YChen XDong MYu S(2025)AAQ-PEKS: An Attribute-based Anti-Quantum Public Key Encryption Scheme with Keyword Search for E-healthcare ScenariosPeer-to-Peer Networking and Applications10.1007/s12083-024-01842-418:2Online publication date: 11-Jan-2025
https://doi.org/10.1007/s12083-024-01842-4

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten