Lightweight Public Key Authenticated Encryption With Keyword Search Against Adaptively-Chosen-Targets Adversaries for Mobile Devices
Yang Lu, Jiguo Li
Abstract
Cloud storage services have grown extensively in recent years. For security and privacy purposes, sensitive data need to be outsourced to clouds in encrypted form. Searchable public key encryption (SPKE) enables data ciphertexts to be retrieved by keyword(s) without decryption. Unfortunately, most of the existing SPKE schemes cannot withstand the keyword guessing attack. To combat such attack, public key authenticated encryption with keyword search (PAEKS) was presented. However, the existing PAEKS schemes were proven secure under a designated-targets security model, in which an adversary only can attack a sender and a recipient designated by the challenger. Our cryptanalysis indicates that such a scheme may be insecure against the practical attacks where the adversaries choose their targets by themselves. To fight against adaptively-chosen-targets adversaries, we refine the adversary model for PAEKS by permitting the adversaries to choose their targets adaptively, and then formalize the security definitions under the improved security model. After that, we devise a lightweight PAEKS scheme that avoids the time-consuming bilinear pairing operations and give the security proofs. The comparisons show that it outperforms the existing bilinear pairing-based PAEKS schemes in both the computation and communication performance, and therefore is more suitable for the resource-constrained mobile devices.