Keyword Search Meets Membership Testing: Adaptive Security from SXDH

  • Sanjit Chatterjee
  • Sayantan MukherjeeEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11356)


Searchable encryption (SE) allows users to securely store sensitive data in encrypted form on cloud and at the same time perform keyword search over the encrypted documents. In this work, we focus on variants of SE schemes that along with keyword search, also support membership testing. The problem can be formulated in two flavors depending on whether the search policy is encoded in the ciphertext or in the trapdoor. The ciphertext-policy variant is called Broadcast Encryption with Keyword Search (BEKS) and allows only privileged users to perform keyword search on an encrypted file. Available dedicated constructions could achieve selective security under parameterized assumption. The key-policy variant, called Key-Aggregate Searchable Encryption (KASE), restricts the keyword search within a particular set of documents. Naive application of existing SE schemes in this scenario leads to inefficient protocols with either variable length trapdoor or exponential blowup of storage requirement in terms of the document set size. This therefore calls for an efficient solution that allows such subset based restricted search with constant trapdoor size.

In this work, we have presented adaptively secure solutions for both the above problems. Our BEKS construction achieves constant-size ciphertext whereas the KASE construction achieves constant-size trapdoor. Both the constructions are instantiated in prime-order bilinear groups and are proven anonymous CPA-secure under SXDH assumption by extending Jutla-Roy technique. Our proposed solutions improve upon the only other adaptively secure schemes that can be obtained using the generic technique of Ambrona et al.



We thank the anonymous reviewers of INDOCRYPT 2018 for their valuable suggestions.


  1. 1.
    Ambrona, M., Barthe, G., Schmidt, B.: Generic transformations of predicate encodings: constructions and applications. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10401, pp. 36–66. Springer, Cham (2017). Scholar
  2. 2.
    Attrapadung, N., Furukawa, J., Imai, H.: Forward-secure and searchable broadcast encryption with short ciphertexts and private keys. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 161–177. Springer, Heidelberg (2006). Scholar
  3. 3.
    Boneh, D., Di Crescenzo, G., Ostrovsky, R., Persiano, G.: Public key encryption with keyword search. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 506–522. Springer, Heidelberg (2004). Scholar
  4. 4.
    Boneh, D., Gentry, C., Waters, B.: Collusion resistant broadcast encryption with short ciphertexts and private keys. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 258–275. Springer, Heidelberg (2005). Scholar
  5. 5.
    Chang, Y.C., Mitzenmacher, M.: Privacy preserving keyword searches on remote encrypted data. In: Ioannidis, J., Keromytis, A., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 442–455. Springer, Heidelberg (2005). Scholar
  6. 6.
    Chen, J., Gay, R., Wee, H.: Improved dual system ABE in prime-order groups via predicate encodings. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 595–624. Springer, Heidelberg (2015). Scholar
  7. 7.
    Chen, J., Gong, J.: ABE with tag made easy. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10625, pp. 35–65. Springer, Cham (2017). Scholar
  8. 8.
    Chu, C.K., Chow, S.S.M., Tzeng, W.G., Zhou, J., Deng, R.H.: Key-aggregate cryptosystem for scalable data sharing in cloud storage. IEEE Trans. Parallel Distrib. Syst. 25(2), 468–477 (2014)CrossRefGoogle Scholar
  9. 9.
    Cui, B., Liu, Z., Wang, L.: Key-aggregate searchable encryption (KASE) for group data sharing via cloud storage. IEEE Trans. Comput. 65(8), 2374–2385 (2016)MathSciNetCrossRefGoogle Scholar
  10. 10.
    Curtmola, R., Garay, J.A., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. J. Comput. Secur. 19(5), 895–934 (2011)CrossRefGoogle Scholar
  11. 11.
    Gentry, C., Silverberg, A.: Hierarchical ID-based cryptography. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 548–566. Springer, Heidelberg (2002). Scholar
  12. 12.
    Gentry, C., Waters, B.: Adaptive security in broadcast encryption systems (with short ciphertexts). In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 171–188. Springer, Heidelberg (2009). Scholar
  13. 13.
    Goh, E.: Secure indexes. IACR Cryptology ePrint Archive 2003, 216 (2003).
  14. 14.
    Jutla, C.S., Roy, A.: Shorter quasi-adaptive NIZK proofs for linear subspaces. J. Cryptol. 30(4), 1116–1156 (2017)MathSciNetCrossRefGoogle Scholar
  15. 15.
    Kiayias, A., Oksuz, O., Russell, A., Tang, Q., Wang, B.: Efficient encrypted keyword search for multi-user data sharing. In: Askoxylakis, I., Ioannidis, S., Katsikas, S., Meadows, C. (eds.) ESORICS 2016. LNCS, vol. 9878, pp. 173–195. Springer, Cham (2016). Scholar
  16. 16.
    Kiltz, E., Wee, H.: Quasi-adaptive NIZK for linear subspaces revisited. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 101–128. Springer, Heidelberg (2015). Scholar
  17. 17.
    Patranabis, S., Mukhopadhyay, D.: Spot the black hat in a dark room: parallelized controlled access searchable encryption on FPGAs. Cryptology ePrint Archive, Report 2017/668 (2017)Google Scholar
  18. 18.
    Ramanna, S.C.: More efficient constructions for inner-product encryption. In: Manulis, M., Sadeghi, A.-R., Schneider, S. (eds.) ACNS 2016. LNCS, vol. 9696, pp. 231–248. Springer, Cham (2016). Scholar
  19. 19.
    Ramanna, S.C., Sarkar, P.: Efficient (Anonymous) compact HIBE from standard assumptions. In: Chow, S.S.M., Liu, J.K., Hui, L.C.K., Yiu, S.M. (eds.) ProvSec 2014. LNCS, vol. 8782, pp. 243–258. Springer, Cham (2014). Scholar
  20. 20.
    Ramanna, S.C., Sarkar, P.: Efficient adaptively secure IBBE from the SXDH assumption. IEEE IT 62(10), 5709–5726 (2016)MathSciNetCrossRefGoogle Scholar
  21. 21.
    Song, D.X., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: Symposium on Security and Privacy, pp. 44–55. IEEE (2000)Google Scholar
  22. 22.
    Waters, B.: Dual system encryption: realizing fully secure IBE and HIBE under simple assumptions. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 619–636. Springer, Heidelberg (2009). Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. 1.Department of Computer Science and AutomationIndian Institute of ScienceBangaloreIndia

Personalised recommendations