Abstract
The protection of user data and privacy is becoming more critical because the data mainly come from different sources, such as the Internet of Things. The searchable encryption (SE) primitive is a potential candidate that can guarantee data privacy while maintaining the search capability. The majority of known SE methods rely on the bilinear pairing operation, which is expensive compared to other cryptographic operations. Therefore, bilinear-based SE may not be suitable for deployment on constrained devices with limited processing power. In addition, most of the schemes presented in the literature were vulnerable to different types of attacks, such as keyword guessing attacks. We tackle these issues by presenting a pairing-free public key encryption scheme with keyword search that does not require a secure channel. The proposed scheme is proven in the random oracle model to be secure against various keyword guessing attacks, based on the hardness of solving the discrete logarithm and the computational Diffie–Hellman problems. These conclusions are drawn from a thorough analysis of the proposed scheme and five other state-of-the-art schemes recently presented in the literature. Finally, based on the performance analysis, where the experiments are conducted using three different sets of parameters for the elliptic curve, combined with three hash functions that were advised by NIST to satisfy the different security requirements, we observe that the proposed scheme does not incur much communication cost and is somewhat fast in executing the different algorithms. Moreover, the proposed scheme guarantees the security requirements, making it semantically secure in terms of ciphertext indistinguishability and trapdoor indistinguishability, and resilient to online and offline keyword guessing attacks.
Notes
As far as is currently known, the SHA2 family is still considered cryptographically strong. However, it will be regarded as a legacy mechanism for 2023 and beyond, as mentioned in [44].
References
Song, D. X., Wagner, D., & Perrig, A. (2000). Practical techniques for searches on encrypted data. In: Proceedings of the IEEE computer society symposium on research in security and privacy (pp. 44–55). https://doi.org/10.1109/SECPRI.2000.848445.
Boneh, D., Crescenzo, G. D., Ostrovsky, R., & Persiano, G. (2004). Public key encryption with keyword search. In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) Vol. 3027 (pp. 506–522). https://doi.org/10.1007/978-3-540-24676-3_30.
Abdalla, M. et al. (2005). Searchable encryption revisited: Consistency properties, relation to anonymous IBE, and extensions. In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 3621 LNCS (pp. 205–222). https://doi.org/10.1007/11535218_13.
Al-Riyami, S. S., & Paterson, K. G. (2003). Certificateless public key cryptography. In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) Vol. 2894 (pp. 452–473). https://doi.org/10.1007/978-3-540-40061-5_29.
Liu, Q., Wang, G., & Wu, J. (2012). Secure and privacy preserving keyword searching for cloud storage services. Journal of Network and Computer Applications, 35, 927–933. https://doi.org/10.1016/J.JNCA.2011.03.010
Peng, Y., Cui, J., Peng, C., & Ying, Z. (2014). Certificateless public key encryption with keyword search. China Communications, 11, 100–113. https://doi.org/10.1109/CC.2014.7004528
Byun, J. W., Rhee, H. S., Park, H. A. & Lee, D. H. (2006). Off-line keyword guessing attacks on recent keyword search schemes over encrypted data. In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) Vol. 4165 LNCS (pp. 75–83). https://doi.org/10.1007/11844662_6.
Yau, W. C., Phan, R. C., Heng, S. H., & Goi, B. M. (2013). Keyword guessing attacks on secure searchable public key encryption schemes with a designated tester. International Journal of Computer Mathematics, 90, 2581–2587. https://doi.org/10.1080/00207160.2013.778985
Pasupuleti, S. K., Ramalingam, S., & Buyya, R. (2016). An efficient and secure privacy-preserving approach for outsourced data of resource constrained mobile devices in cloud computing. Journal of Network and Computer Applications, 64, 12–22. https://doi.org/10.1016/J.JNCA.2015.11.023
Yang, Y., Zheng, X., & Tang, C. (2017). Lightweight distributed secure data management system for health internet of things. Journal of Network and Computer Applications, 89, 26–37. https://doi.org/10.1016/J.JNCA.2016.11.017
Islam, S. K. H., Obaidat, M. S., Rajeev, V., & Amin, R. (2017). Design of a certificateless designated server based searchable public key encryption scheme. Communications in Computer and Information Science, 655, 3–15. https://doi.org/10.1007/978-981-10-4642-1_1
Ma, M., He, D., Kumar, N., Choo, K. K. R., & Chen, J. (2018). Certificateless searchable public key encryption scheme for industrial internet of things. IEEE Transactions on Industrial Informatics, 14, 759–767. https://doi.org/10.1109/TII.2017.2703922
Uwizeye, E., Wang, J., Cheng, Z., & Li, F. (2019). Certificateless public key encryption with conjunctive keyword search and its application to cloud-based reliable smart grid system. Annales des Telecommunications/Annals of Telecommunications, 74, 435–449. https://doi.org/10.1007/S12243-019-00716-8
Al-Zubaidie, M., Zhang, Z. & Zhang, J. (2019). Ramhu: A new robust lightweight scheme for mutual users authentication in healthcare applications. Security and Communication Networks 2019, https://doi.org/10.1155/2019/3263902.
Xu, L., Li, J., Chen, X., Li, W., Tang, S., & Wu, H. T. (2019). Tc-PEDCKS: Towards time controlled public key encryption with delegatable conjunctive keyword search for internet of things. Journal of Network and Computer Applications, 128, 11–20. https://doi.org/10.1016/J.JNCA.2018.12.003.
Eltayieb, N., Elhabob, R., Hassan, A., & Li, F. (2019). An efficient attribute-based online/offline searchable encryption and its application in cloud-based reliable smart grid. Journal of Systems Architecture, 98, 165–172. https://doi.org/10.1016/J.SYSARC.2019.07.005
Lu, Y., & Li, J. G. (2019). Constructing pairing-free certificateless public key encryption with keyword search. Frontiers of Information Technology and Electronic Engineering, 20, 1049–1060. https://doi.org/10.1631/FITEE.1700534.
Wu, L., Zhang, Y., Ma, M., Kumar, N., & He, D. (2019). Certificateless searchable public key authenticated encryption with designated tester for cloud-assisted medical internet of things. Annales des Telecommunications/Annals of Telecommunications, 74, 423–434. https://doi.org/10.1007/S12243-018-00701-7
Dai, H., Dai, X., Yi, X., Yang, G., & Huang, H. (2019). Semantic-aware multi-keyword ranked search scheme over encrypted cloud data. Journal of Network and Computer Applications, 147, 102442. https://doi.org/10.1016/J.JNCA.2019.102442.
Zhong, H., Li, Z., Cui, J., Sun, Y., & Liu, L. (2020). Efficient dynamic multi-keyword fuzzy search over encrypted cloud data. Journal of Network and Computer Applications, 149, 102469. https://doi.org/10.1016/J.JNCA.2019.102469.
Pakniat, N., Shiraly, D., & Eslami, Z. (2020). Certificateless authenticated encryption with keyword search: Enhanced security model and a concrete construction for industrial IoT. Journal of Information Security and Applications, 53, 102525. https://doi.org/10.1016/J.JISA.2020.102525.
Lu, Y., Li, J., & Zhang, Y. (2020). Privacy-preserving and pairing-free multirecipient certificateless encryption with keyword search for cloud-assisted IIoT. IEEE Internet of Things Journal, 7, 2553–2562. https://doi.org/10.1109/JIOT.2019.2943379
Hassan, A., Wang, Y., Elhabob, R., Eltayieb, N., & Li, F. (2020). An efficient certificateless public key encryption scheme with authorized equality test in healthcare environments. Journal of Systems Architecture, 109, 101776. https://doi.org/10.1016/J.SYSARC.2020.101776.
Pan, X., & Li, F. (2021). Public-key authenticated encryption with keyword search achieving both multi-ciphertext and multi-trapdoor indistinguishability. Journal of Systems Architecture, 115, 102075. https://doi.org/10.1016/J.SYSARC.2021.102075.
Cheng, L., & Meng, F. (2021). Security analysis of Pan et al. public-key authenticated encryption with keyword search achieving both multi-ciphertext and multi-trapdoor indistinguishability. Journal of Systems Architecture, 119, 102248. https://doi.org/10.1016/J.SYSARC.2021.102248.
Senouci, M. R., Benkhaddra, I., Senouci, A., & Li, F. (2021). An efficient and secure certificateless searchable encryption scheme against keyword guessing attacks. Journal of Systems Architecture, 119, 102271. https://doi.org/10.1016/J.SYSARC.2021.102271.
Lu, Y., Li, J., & Wang, F. (2021). Pairing-free certificate-based searchable encryption supporting privacy-preserving keyword search function for IIoTs. IEEE Transactions on Industrial Informatics, 17, 2696–2706. https://doi.org/10.1109/TII.2020.3006474
Ma, M., Fan, S., & Feng, D. (2020). Multi-user certificateless public key encryption with conjunctive keyword search for cloud-based telemedicine. Journal of Information Security and Applications, 55, 102652. https://doi.org/10.1016/J.JISA.2020.102652.
Kar, J. (2020). Provably secure certificateless deniable authenticated encryption scheme. Journal of Information Security and Applications, 54, 102581. https://doi.org/10.1016/J.JISA.2020.102581.
Nayak, S. K., & Tripathy, S. (2021). SEPS: Efficient public-key based secure search over outsourced data. Journal of Information Security and Applications, 61, 102932. https://doi.org/10.1016/J.JISA.2021.102932.
Tang, X., Guo, C., Choo, K. K. R., Liu, Y., & Li, L. (2021). A secure and trustworthy medical record sharing scheme based on searchable encryption and blockchain. Computer Networks, 200, 108540. https://doi.org/10.1016/J.COMNET.2021.108540.
Panguluri, S. D., Lakshmy, K. V., Srinivasan, C., Panguluri, S. D., & Srinivasan, C. (2022). Enabling multi-factor authentication and verification in searchable encryption. Micro-Electronics and Telecommunication Engineering, 373, 717–728. https://doi.org/10.1007/978-981-16-8721-1_66
Wang, K., Xie, S., & Rodrigues, J. (2022). Medical data security of wearable tele-rehabilitation under internet of things. Internet of Things and Cyber-Physical Systems, 2, 1–11. https://doi.org/10.1016/J.IOTCPS.2022.02.001
Sarma, R., Kumar, C., & Barbhuiya, F. A. (2022). Macfi: A multi-authority access control scheme with efficient ciphertext and secret key size for fog-enhanced IoT. Journal of Systems Architecture, 123, 102347. https://doi.org/10.1016/J.SYSARC.2021.102347.
Deebak, B. D., Memon, F. H., Dev, K., Khowaja, S. A., & Qureshi, N. M. F. (2022). AI-enabled privacy-preservation phrase with multi-keyword ranked searching for sustainable edge-cloud networks in the era of industrial IoT. Ad Hoc Networks, 125, 102740. https://doi.org/10.1016/J.ADHOC.2021.102740
Xiang, X., & Zhao, X. (2022). Blockchain-assisted searchable attribute-based encryption for e-health systems. Journal of Systems Architecture, 124, 102417. https://doi.org/10.1016/J.SYSARC.2022.102417
Ali, M., Sadeghi, M. R., Liu, X., Miao, Y., & Vasilakos, A. V. (2022). Verifiable online/offline multi-keyword search for cloud-assisted industrial internet of things. Journal of Information Security and Applications, 65, 103101. https://doi.org/10.1016/J.JISA.2021.103101
Lee, Y. L., Lee, H. A., Hsu, C. Y., Kung, H. H., & Chiu, H. W. (2022). SEMRES - a triple security protected blockchain based medical record exchange structure. Computer Methods and Programs in Biomedicine, 215, 106595. https://doi.org/10.1016/J.CMPB.2021.106595
Chenam, V. B., & Ali, S. T. (2022). A designated cloud server-based multi-user certificateless public key authenticated encryption with conjunctive keyword search against IKGA. Computer Standards & Interfaces, 81, 103603. https://doi.org/10.1016/J.CSI.2021.103603
Andola, N., et al. (2022). A secure searchable encryption scheme for cloud using hash-based indexing. Journal of Computer and System Sciences, 126, 119–137. https://doi.org/10.1016/J.JCSS.2021.12.004
Mizuide, T., Takayasu, A. & Takagi, T. (2019). Tight reductions for Diffie-Hellman variants in the algebraic group model. In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) Vol. 11405 LNCS (pp. 169–188). https://doi.org/10.1007/978-3-030-12612-4_9
Lynn, B. PBC library: The pairing-based cryptography library. https://crypto.stanford.edu/pbc/.
Damien, G. Keylength: NIST report on cryptographic key length and cryptoperiod (2020). https://www.keylength.com/en/4/.
Federal Office for Information Security. Cryptographic Mechanisms: Recommendations and Key Lengths, Version 2022-01. https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TG02102/BSI-TR-02102-1.html.
Acknowledgements
This work is supported by Sichuan Science and Technology Program (Grant Nos. 2020JDTD0007 and 2021YFG0157).
Cite this article
Senouci, M.R., Benkhaddra, I., Senouci, A. et al. A provably secure free-pairing certificateless searchable encryption scheme. Telecommun Syst 80, 383–395 (2022). https://doi.org/10.1007/s11235-022-00912-3
DOI: https://doi.org/10.1007/s11235-022-00912-3