FS-PEKS: Lattice-Based Forward Secure Public-Key Encryption with Keyword Search for Cloud-Assisted Industrial Internet of Things

Cloud-assisted Industrial Internet of Things (IIoT) relies on cloud computing to provide massive data storage services. To ensure the confidentiality, sensitive industrial data need to be encrypted before being outsourced to cloud storage server. Public-key encryption with keyword search (PEKS) enab...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on dependable and secure computing 2021-05, Vol.18 (3), p.1019-1032
Main Authors: Zhang, Xiaojun, Xu, Chunxiang, Wang, Huaxiong, Zhang, Yuan, Wang, Shixiong
Format: Article
Language:English
Subjects:
Cloud computing
Cloud-assisted Industrial Internet of Things
Data search
Data storage
Encryption
forward security
Industrial applications
insider keyword guessing attacks
Internet of Things
Keywords
lattice assumptions
Performance evaluation
Public key
public-key encryption with keyword search
Quantum computers
Receivers
Security
Servers
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Cloud-assisted Industrial Internet of Things (IIoT) relies on cloud computing to provide massive data storage services. To ensure the confidentiality, sensitive industrial data need to be encrypted before being outsourced to cloud storage server. Public-key encryption with keyword search (PEKS) enables users to search target encrypted data by keywords. However, most existing PEKS schemes are based on conventional hardness assumptions, which are vulnerable to adversaries equipped with quantum computers in the near future. Moreover, they suffer from key exposure, and thus the security would be broken once the keys are compromised. In this paper, we propose a forward secure PEKS scheme (FS-PEKS) based on lattice assumptions for cloud-assisted IIoT, which is post-quantum secure. We integrate a lattice-based delegation mechanism into FS-PEKS to achieve forward security, such that the security of the system is still guaranteed even the keys are compromised by the adversaries. We define the first formal security model on forward security of PEKS, and prove the security of FS-PEKS under the model. As the keywords of industrial data are with inherently low entropy, we further extend FS-PEKS to resist insider keyword guessing attacks (IKGA). The comprehensive performance evaluation demonstrates that FS-PEKS is practical for cloud-assisted IIoT.
ISSN:1545-5971
1941-0018
DOI:10.1109/TDSC.2019.2914117