TY - JOUR
T1 - Certificateless Public Key Authenticated Encryption with Keyword Search Achieving Stronger Security
AU - Lu, Jingwei
AU - Li, Hongbo
AU - Huang, Jianye
AU - Ma, Sha
AU - Au, Man Ho Allen
AU - Huang, Qiong
N1 - Funding Information:
This research was funded by National Natural Science Foundation of China (No. 62272174, 61872152), Major Program of Guangdong Basic and Applied Research (No. 2019B030302008), Science and Technology Program of Guangzhou (No. 201902010081).
Publisher Copyright:
© 2023 by the authors.
PY - 2023/3
Y1 - 2023/3
N2 - Transforming data into ciphertexts and storing them in the cloud database is a secure way to simplify data management. Public key encryption with keyword search (PEKS) is an important cryptographic primitive as it provides the ability to search for the desired files among ciphertexts. As a variant of PEKS, certificateless public key authenticated encryption with keyword search (CLPAEKS) not only simplifies certificate management but also could resist keyword guessing attacks (KGA). In this paper, we analyze the security models of two recent CLPAEKS schemes and find that they ignore the threat that, upon capturing two trapdoors, the adversary could directly compare them and distinguish whether they are generated using the same keyword. To cope with this threat, we propose an improved security model and define the notion of strong trapdoor indistinguishability. We then propose a new CLPAEKS scheme and prove it to be secure under the improved security model based on the intractability of the DBDH problem and the DDH problem in the targeted bilinear group.
AB - Transforming data into ciphertexts and storing them in the cloud database is a secure way to simplify data management. Public key encryption with keyword search (PEKS) is an important cryptographic primitive as it provides the ability to search for the desired files among ciphertexts. As a variant of PEKS, certificateless public key authenticated encryption with keyword search (CLPAEKS) not only simplifies certificate management but also could resist keyword guessing attacks (KGA). In this paper, we analyze the security models of two recent CLPAEKS schemes and find that they ignore the threat that, upon capturing two trapdoors, the adversary could directly compare them and distinguish whether they are generated using the same keyword. To cope with this threat, we propose an improved security model and define the notion of strong trapdoor indistinguishability. We then propose a new CLPAEKS scheme and prove it to be secure under the improved security model based on the intractability of the DBDH problem and the DDH problem in the targeted bilinear group.
KW - certificateless public key cryptography
KW - encryption with keyword search
KW - keyword guessing attacks
KW - provable security
KW - trapdoor indistinguishability
UR - http://www.scopus.com/inward/record.url?scp=85151097048&partnerID=8YFLogxK
U2 - 10.3390/info14030142
DO - 10.3390/info14030142
M3 - Journal article
AN - SCOPUS:85151097048
SN - 2078-2489
VL - 14
SP - 1
EP - 18
JO - Information (Switzerland)
JF - Information (Switzerland)
IS - 3
M1 - 142
ER -