Paper 2020/1211

Public-key Authenticate Searchable Encryption With Probabilistic Trapdoor Generation

Leixiao Cheng and Fei Meng

Abstract

Public key encryption with keyword search (PEKS) is first introduced by Boneh et al. enabling a cloud server to search on encrypted data without leaking any information of the keyword. In almost all PEKS schemes, the privacy of trapdoor is vulnerable to inside keyword guessing attacks (KGA), i.e., the server can generate the ciphertext by its own and then run the test algorithm to guess the keyword contained in the trapdoor. To sole this problem, Huang et al. proposed the public-key authenticated encryption with keyword search (PAEKS) achieving ciphertext indistinguishability and trapdoor indistinguishability security, in which data sender not only encrypts the keyword but also authenticates it by using his/her secret key. However, in Huang's scheme, it's very easy for any entity to check whether the ciphertext keywords in two ciphertext are identical or not. Therefore, this feature conflicts the security requirement of ciphertext indistinguishability, even the scheme is provable secure. Recent, Qin et al. revised Huang's work and proposed a PAEKS scheme without the above drawback. Unfortunately, trapdoor generation algorithms of all above works are deterministic, which means it's easy to check whether the target keywords in two trapdoors are identical or not. This feature also conflicts with trapdoor indistinguishability security. In this paper, we solve this problem. We initially propose two public-key authenticated encryption with keyword search schemes with probabilistic trapdoor generation algorithm. We provide formal proof of our schemes in the random oracle model.