Controlled Search: Building Inverted-Index PEKS With Less Leakage in Multiuser Setting

The public key encryption with keyword search (PEKS) schemes are mostly applied to small data sets in mail forwarding systems. When retrieving large databases, the typical search mechanism makes them inefficient and impractical. When designing a PEKS scheme, except for remedying the vulnerability of...

Full description

Saved in:
Bibliographic Details
Published in:IEEE internet of things journal 2024-01, Vol.11 (1), p.403-417
Main Authors: Qin, Guiyun, Liu, Pengtao, Hu, Chengyu, Li, Zengpeng, Guo, Shanqing
Format: Article
Language:English
Subjects:
Access control
Data encryption
Leakage
Linear transformations
Privacy
Searching
Security
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The public key encryption with keyword search (PEKS) schemes are mostly applied to small data sets in mail forwarding systems. When retrieving large databases, the typical search mechanism makes them inefficient and impractical. When designing a PEKS scheme, except for remedying the vulnerability of keyword guessing attacks (KGAs), other leakage issues, such as multipattern privacy and forward/backward security are rarely considered, which may lead to information leakage. Moreover, most existing PEKS only consider applications in single-user scenarios, and cannot be directly transferred to multiuser scenarios, which undermines the value of data utilization. To cope with the above concerns, we propose a PEKS scheme based on an inverted index where the bitmap is used to build the index for the first time in PEKS to meet some seemingly conflicting yet desirable characteristics. First, it has high search efficiency under multiwriter and multiuser. Through linear transformation, users quickly retrieve data and control other users’ access to their data without relying on a third party for authentication. Second, we prove its security in an enhanced security model that achieves multipattern privacy and forward and backward security. It can also resist KGA attacks without a designated tester, which makes it more practical. Finally, it can be extended to achieve search result verification. Compare to the scheme (Zhang et al. ICWS 2016), it has absolute advantages in security and computational cost where the search efficiency is improved by two orders of magnitude.
ISSN:2327-4662
2327-4662
DOI:10.1109/JIOT.2023.3287353