Paper 2019/1418

Designated-ciphertext Searchable Encryption

Zi-Yuan Liu, Yi-Fan Tseng, Raylin Tso, and Masahiro Mambo

Abstract

Public-key encryption with keyword search (PEKS), proposed by Boneh \textit{et al.}, allows users to search encrypted keywords without losing data privacy. Although extensive studies have been conducted on this topic, only a few have focused on insider keyword guessing attacks (IKGA) that can reveal a user's sensitive information. In particular, after receiving a trapdoor used to search ciphertext from a user, a malicious insider (\textit{e.g}., a server) can randomly encrypt possible keywords using a user's public key, and then test whether the trapdoor corresponds to the selected keyword. This paper introduces a new concept called \textit{designated-ciphertext searchable encryption} (DCSE), which provides the same desired functionality as a PEKS scheme and prevents IKGA. Each trapdoor in DCSE is designated to a specific ciphertext, and thus malicious insiders cannot perform IKGA. We further propose a generic DCSE scheme that employs identity-based encryption and a key encapsulation mechanism. We provide formal proofs to demonstrate that the generic construction satisfies the security requirements. Moreover, we provide a lattice-based instantiation whose security is based on NTRU and ring-learning with errors assumptions; the proposed scheme is thus considered to be resistant to the quantum-computing attacks.