Cryptology ePrint Archive: Report 2017/679

Searchable Encryption with Access Control

Nils Löken

Abstract: Outsourcing data to the cloud is becoming increasingly prevalent. To ensure data confidentiality, encrypting the data before outsourcing it is advised. While encryption protects the secrets in the data, it also prevents operations on the data. For example in a multi-user setting, data is often accessed via search, but encryption prevents search. Searchable encryption solves this dilemma. However, in a multi-user setting not all users may be allowed to access all data, requiring some means of access control. We address the question how searchable encryption and access control can be combined. Combining these technologies is required to achieve strong notions of confidentiality: if a ciphertext occurs as a search result, we learn something about the underlying document, even if access control does not let us access the document. This illustrates a need to link search and access control, so that search results presented to users only feature data the users are allowed to access. Our searchable encryption scheme with access control establishes that link.

Category / Keywords: cryptographic protocols / Searchable encryption, inverted index, access control, authority key customization, multi-authority ABE

Original Publication (with major differences): 12th International Conference on Availability, Reliability and Security (ARES 2017)

Date: received 7 Jul 2017

Contact author: nils loeken at uni-paderborn de

Available format(s): PDF | BibTeX Citation

Version: 20170718:150000 (All versions of this report)

Short URL: ia.cr/2017/679