Lattice-based proxy-oriented identity-based encryption with keyword search for cloud storage
Public-key encryption with keyword search (PEKS) enables users to search over encrypted data and retrieve target data efficiently. However, most of existing PEKS schemes are vulnerable to adversaries equipped with quantum computers in the near future, and even incur complex certificate management pr...
Κύριοι συγγραφείς: | , , , , , |
---|---|
Άλλοι συγγραφείς: | |
Μορφή: | Journal Article |
Γλώσσα: | English |
Έκδοση: |
2020
|
Θέματα: | |
Διαθέσιμο Online: | https://hdl.handle.net/10356/142923 |
_version_ | 1826119426929328128 |
---|---|
author | Zhang, Xiaojun Tang, Yao Wang, Huaxiong Xu, Chunxiang Miao, Yinbin Cheng, Hang |
author2 | School of Physical and Mathematical Sciences |
author_facet | School of Physical and Mathematical Sciences Zhang, Xiaojun Tang, Yao Wang, Huaxiong Xu, Chunxiang Miao, Yinbin Cheng, Hang |
author_sort | Zhang, Xiaojun |
collection | NTU |
description | Public-key encryption with keyword search (PEKS) enables users to search over encrypted data and retrieve target data efficiently. However, most of existing PEKS schemes are vulnerable to adversaries equipped with quantum computers in the near future, and even incur complex certificate management procedures due to the public key infrastructure (PKI). To this end, we propose a proxy-oriented identity-based encryption with keyword search (PO-IBEKS) scheme from lattices for cloud storage, which is post-quantum secure. In PO-IBEKS, an original data owner authorizes a proxy to encrypt sensitive data as well as corresponding keywords and upload ciphertexts to clouds, which alleviates the data processing burden on the original data owner. Besides, PO-IBEKS can resist inside keyword guessing attacks (IKGA) from misbehaved cloud servers by integrating the learning with errors (LWE) encryption and preimage sampleable function. Each entity in PO-IBEKS is identified with her/his recognizable information, thereby eliminating managing certificates. Formal security analysis proves that PO-IBEKS can achieve ciphertext indistinguishability, existential unforgeability, and delegation security. Experimental results demonstrate PO-IBEKS is much more practical when compared with existing schemes. |
first_indexed | 2024-10-01T04:59:49Z |
format | Journal Article |
id | ntu-10356/142923 |
institution | Nanyang Technological University |
language | English |
last_indexed | 2024-10-01T04:59:49Z |
publishDate | 2020 |
record_format | dspace |
spelling | ntu-10356/1429232023-02-28T19:49:08Z Lattice-based proxy-oriented identity-based encryption with keyword search for cloud storage Zhang, Xiaojun Tang, Yao Wang, Huaxiong Xu, Chunxiang Miao, Yinbin Cheng, Hang School of Physical and Mathematical Sciences Research Techno Plaza Science::Mathematics Proxy-oriented Identity-based Encryption Public-key encryption with keyword search (PEKS) enables users to search over encrypted data and retrieve target data efficiently. However, most of existing PEKS schemes are vulnerable to adversaries equipped with quantum computers in the near future, and even incur complex certificate management procedures due to the public key infrastructure (PKI). To this end, we propose a proxy-oriented identity-based encryption with keyword search (PO-IBEKS) scheme from lattices for cloud storage, which is post-quantum secure. In PO-IBEKS, an original data owner authorizes a proxy to encrypt sensitive data as well as corresponding keywords and upload ciphertexts to clouds, which alleviates the data processing burden on the original data owner. Besides, PO-IBEKS can resist inside keyword guessing attacks (IKGA) from misbehaved cloud servers by integrating the learning with errors (LWE) encryption and preimage sampleable function. Each entity in PO-IBEKS is identified with her/his recognizable information, thereby eliminating managing certificates. Formal security analysis proves that PO-IBEKS can achieve ciphertext indistinguishability, existential unforgeability, and delegation security. Experimental results demonstrate PO-IBEKS is much more practical when compared with existing schemes. Accepted version 2020-07-13T01:44:21Z 2020-07-13T01:44:21Z 2019 Journal Article Zhang, X., Tang, Y., Wang, H., Xu, C., Miao, Y., & Cheng, H. (2019). Lattice-based proxy-oriented identity-based encryption with keyword search for cloud storage. Information Sciences, 494, 193-207. doi:10.1016/j.ins.2019.04.051 0020-0255 https://hdl.handle.net/10356/142923 10.1016/j.ins.2019.04.051 494 193 207 en Information Sciences © 2019 Elsevier Inc. All rights reserved. This paper was published in Information Sciences and is made available with permission of Elsevier Inc. application/pdf |
spellingShingle | Science::Mathematics Proxy-oriented Identity-based Encryption Zhang, Xiaojun Tang, Yao Wang, Huaxiong Xu, Chunxiang Miao, Yinbin Cheng, Hang Lattice-based proxy-oriented identity-based encryption with keyword search for cloud storage |
title | Lattice-based proxy-oriented identity-based encryption with keyword search for cloud storage |
title_full | Lattice-based proxy-oriented identity-based encryption with keyword search for cloud storage |
title_fullStr | Lattice-based proxy-oriented identity-based encryption with keyword search for cloud storage |
title_full_unstemmed | Lattice-based proxy-oriented identity-based encryption with keyword search for cloud storage |
title_short | Lattice-based proxy-oriented identity-based encryption with keyword search for cloud storage |
title_sort | lattice based proxy oriented identity based encryption with keyword search for cloud storage |
topic | Science::Mathematics Proxy-oriented Identity-based Encryption |
url | https://hdl.handle.net/10356/142923 |
work_keys_str_mv | AT zhangxiaojun latticebasedproxyorientedidentitybasedencryptionwithkeywordsearchforcloudstorage AT tangyao latticebasedproxyorientedidentitybasedencryptionwithkeywordsearchforcloudstorage AT wanghuaxiong latticebasedproxyorientedidentitybasedencryptionwithkeywordsearchforcloudstorage AT xuchunxiang latticebasedproxyorientedidentitybasedencryptionwithkeywordsearchforcloudstorage AT miaoyinbin latticebasedproxyorientedidentitybasedencryptionwithkeywordsearchforcloudstorage AT chenghang latticebasedproxyorientedidentitybasedencryptionwithkeywordsearchforcloudstorage |