Chapter

Public Key Cryptography – PKC 2009

Volume 5443 of the series Lecture Notes in Computer Science pp 196-214

Blind and Anonymous Identity-Based Encryption and Authorised Private Searches on Public Key Encrypted Data

  • Jan Camenisch (Affiliated with: Lancaster University; Zurich Research Lab, IBM Research)
  • Markulf Kohlweiss (Affiliated with: Lancaster University; ESAT-COSIC / IBBT, Katholieke Universiteit Leuven)
  • Alfredo Rial (Affiliated with: Lancaster University; ESAT-COSIC / IBBT, Katholieke Universiteit Leuven)
  • Caroline Sheedy (Affiliated with: Carnegie Mellon University; School of Computing, Dublin City University)

Abstract

Searchable encryption schemes provide an important mechanism to cryptographically protect data while keeping it available to be searched and accessed. In a common approach for their construction, the encrypting entity chooses one or several keywords that describe the content of each encrypted record of data. To perform a search, a user obtains a trapdoor for a keyword of her interest and uses this trapdoor to find all the data described by this keyword.

We present a searchable encryption scheme that allows users to privately search by keywords on encrypted data in a public key setting and decrypt the search results. To this end, we define and implement two primitives: public key encryption with oblivious keyword search (PEOKS) and committed blind anonymous identity-based encryption (IBE). PEOKS is an extension of public key encryption with keyword search (PEKS) in which users can obtain trapdoors from the secret key holder without revealing the keywords. Furthermore, we define committed blind trapdoor extraction, which facilitates the definition of authorisation policies to describe which trapdoor a particular user can request. We construct a PEOKS scheme by using our other primitive, which we believe to be the first blind and anonymous IBE scheme.

We apply our PEOKS scheme to build a public key encrypted database that permits authorised private searches, i.e., neither the keywords nor the search results are revealed.

Keywords

Blind identity-based encryption; searchable encryption; public key encryption with keyword search