Paper 2024/761

Enabling Lattice-based Authentication Encrypted Search with Ciphertext Broadcast for Cloud Storage

Abstract

The development of cloud computing facilitates data outsourced sharing and storage, but also brings up several security issues. Public key authenticated encryption with keyword search (PAEKS) enables the encrypted search over cloud data while resisting the insider keyword guessing attacks (IKGAs). However, existing PAEKS schemes are limited to a single receiver, restricting application prospects in cloud storage. In addition, quantum computing attacks and key leakage issues further threaten the data security, which attracted extensive attention from researchers. Therefore, designing an encrypted search scheme to resist the above-mentioned attacks is still far-reaching. In this paper, we first propose BroSearch, a lattice-based authentication encrypted search with ciphertext broadcast. It utilizes lattice sampling algorithms to authenticate the keyword and offers searchability over broadcasting ciphertext while enjoying IKGAs-resistant in a quantum setting. To get around key leakage issues, we then incorporate the minimal cover set technique and lattice basis extension algorithm to construct FS-BroSearch, as an enhanced version. Furthermore, we give rigorous security analysis (IND-CKA and IND-IKGA) and comprehensive performance evaluation of both schemes. Specifically, the time cost of BroSearch is at least 0.61, 0.82, and 0.83 times compared to prior arts in terms of ciphertext calculation, trapdoor generation, and search procedures, which is practical and effective for cloud storage.