Lattice-based proxy-oriented identity-based encryption with keyword search for cloud storage

Public-key encryption with keyword search (PEKS) enables users to search over encrypted data and retrieve target data efficiently. However, most of existing PEKS schemes are vulnerable to adversaries equipped with quantum computers in the near future, and even incur complex certificate management pr...

Πλήρης περιγραφή

Λεπτομέρειες βιβλιογραφικής εγγραφής
Κύριοι συγγραφείς: Zhang, Xiaojun, Tang, Yao, Wang, Huaxiong, Xu, Chunxiang, Miao, Yinbin, Cheng, Hang
Άλλοι συγγραφείς: School of Physical and Mathematical Sciences
Μορφή: Journal Article
Γλώσσα:English
Έκδοση: 2020
Θέματα:
Διαθέσιμο Online:https://hdl.handle.net/10356/142923
_version_ 1826119426929328128
author Zhang, Xiaojun
Tang, Yao
Wang, Huaxiong
Xu, Chunxiang
Miao, Yinbin
Cheng, Hang
author2 School of Physical and Mathematical Sciences
author_facet School of Physical and Mathematical Sciences
Zhang, Xiaojun
Tang, Yao
Wang, Huaxiong
Xu, Chunxiang
Miao, Yinbin
Cheng, Hang
author_sort Zhang, Xiaojun
collection NTU
description Public-key encryption with keyword search (PEKS) enables users to search over encrypted data and retrieve target data efficiently. However, most of existing PEKS schemes are vulnerable to adversaries equipped with quantum computers in the near future, and even incur complex certificate management procedures due to the public key infrastructure (PKI). To this end, we propose a proxy-oriented identity-based encryption with keyword search (PO-IBEKS) scheme from lattices for cloud storage, which is post-quantum secure. In PO-IBEKS, an original data owner authorizes a proxy to encrypt sensitive data as well as corresponding keywords and upload ciphertexts to clouds, which alleviates the data processing burden on the original data owner. Besides, PO-IBEKS can resist inside keyword guessing attacks (IKGA) from misbehaved cloud servers by integrating the learning with errors (LWE) encryption and preimage sampleable function. Each entity in PO-IBEKS is identified with her/his recognizable information, thereby eliminating managing certificates. Formal security analysis proves that PO-IBEKS can achieve ciphertext indistinguishability, existential unforgeability, and delegation security. Experimental results demonstrate PO-IBEKS is much more practical when compared with existing schemes.
first_indexed 2024-10-01T04:59:49Z
format Journal Article
id ntu-10356/142923
institution Nanyang Technological University
language English
last_indexed 2024-10-01T04:59:49Z
publishDate 2020
record_format dspace
spelling ntu-10356/1429232023-02-28T19:49:08Z Lattice-based proxy-oriented identity-based encryption with keyword search for cloud storage Zhang, Xiaojun Tang, Yao Wang, Huaxiong Xu, Chunxiang Miao, Yinbin Cheng, Hang School of Physical and Mathematical Sciences Research Techno Plaza Science::Mathematics Proxy-oriented Identity-based Encryption Public-key encryption with keyword search (PEKS) enables users to search over encrypted data and retrieve target data efficiently. However, most of existing PEKS schemes are vulnerable to adversaries equipped with quantum computers in the near future, and even incur complex certificate management procedures due to the public key infrastructure (PKI). To this end, we propose a proxy-oriented identity-based encryption with keyword search (PO-IBEKS) scheme from lattices for cloud storage, which is post-quantum secure. In PO-IBEKS, an original data owner authorizes a proxy to encrypt sensitive data as well as corresponding keywords and upload ciphertexts to clouds, which alleviates the data processing burden on the original data owner. Besides, PO-IBEKS can resist inside keyword guessing attacks (IKGA) from misbehaved cloud servers by integrating the learning with errors (LWE) encryption and preimage sampleable function. Each entity in PO-IBEKS is identified with her/his recognizable information, thereby eliminating managing certificates. Formal security analysis proves that PO-IBEKS can achieve ciphertext indistinguishability, existential unforgeability, and delegation security. Experimental results demonstrate PO-IBEKS is much more practical when compared with existing schemes. Accepted version 2020-07-13T01:44:21Z 2020-07-13T01:44:21Z 2019 Journal Article Zhang, X., Tang, Y., Wang, H., Xu, C., Miao, Y., & Cheng, H. (2019). Lattice-based proxy-oriented identity-based encryption with keyword search for cloud storage. Information Sciences, 494, 193-207. doi:10.1016/j.ins.2019.04.051 0020-0255 https://hdl.handle.net/10356/142923 10.1016/j.ins.2019.04.051 494 193 207 en Information Sciences © 2019 Elsevier Inc. All rights reserved. This paper was published in Information Sciences and is made available with permission of Elsevier Inc. application/pdf
spellingShingle Science::Mathematics
Proxy-oriented
Identity-based Encryption
Zhang, Xiaojun
Tang, Yao
Wang, Huaxiong
Xu, Chunxiang
Miao, Yinbin
Cheng, Hang
Lattice-based proxy-oriented identity-based encryption with keyword search for cloud storage
title Lattice-based proxy-oriented identity-based encryption with keyword search for cloud storage
title_full Lattice-based proxy-oriented identity-based encryption with keyword search for cloud storage
title_fullStr Lattice-based proxy-oriented identity-based encryption with keyword search for cloud storage
title_full_unstemmed Lattice-based proxy-oriented identity-based encryption with keyword search for cloud storage
title_short Lattice-based proxy-oriented identity-based encryption with keyword search for cloud storage
title_sort lattice based proxy oriented identity based encryption with keyword search for cloud storage
topic Science::Mathematics
Proxy-oriented
Identity-based Encryption
url https://hdl.handle.net/10356/142923
work_keys_str_mv AT zhangxiaojun latticebasedproxyorientedidentitybasedencryptionwithkeywordsearchforcloudstorage
AT tangyao latticebasedproxyorientedidentitybasedencryptionwithkeywordsearchforcloudstorage
AT wanghuaxiong latticebasedproxyorientedidentitybasedencryptionwithkeywordsearchforcloudstorage
AT xuchunxiang latticebasedproxyorientedidentitybasedencryptionwithkeywordsearchforcloudstorage
AT miaoyinbin latticebasedproxyorientedidentitybasedencryptionwithkeywordsearchforcloudstorage
AT chenghang latticebasedproxyorientedidentitybasedencryptionwithkeywordsearchforcloudstorage