Dual Traceable Distributed Attribute-Based Searchable Encryption and Ownership Transfer
Yang Yang, Robert H. Deng, Wenzhong Guo, Hongju Cheng, Xiangyang Luo, Xianghan Zheng, Chunming Rong
Abstract
In this article, we propose <b>d</b> ual <b>t</b> raceable <b>d</b> istributed <b>a</b> ttribute <b>b</b> ased <b>e</b> ncryption with <b>s</b> ubset <b>k</b> eyword <b>s</b> earch system (DT-DABE-SKS, abbreviated as <inline-formula><tex-math notation="LaTeX">$\mathcal {DT}$</tex-math></inline-formula> ) to simultaneously realize data source trace (secure provenance) and user trace (traitor trace) and flexible subset keyword search from polynomial interpolation. Leveraging non-interactive zero-knowledge proof technology, <inline-formula><tex-math notation="LaTeX">$\mathcal {DT}$</tex-math></inline-formula> preserves privacy for both data providers and users in normal circumstances, but a trusted authority can disclose their real identities if necessary, such as the providers deceitfully uploading false data or users maliciously leaking secret attribute key. Next, we introduce the new conception of updatable and transferable message-lock encryption (UT-MLE) for block-level dynamic encrypted file update, where the owner does not have to download the whole ciphertext, decrypt, re-encrypt and upload for minor document modifications. In addition, the owner is permitted to transfer file ownership to other system customers with efficient computation in an authenticated manner. A nontrivial integration of <inline-formula><tex-math notation="LaTeX">$\mathcal {DT}$</tex-math></inline-formula> and UT-MLE lead to the distributed ABSE with ownership transfer system ( <inline-formula><tex-math notation="LaTeX">$\mathcal {DTOT}$</tex-math></inline-formula> ) to enjoy the above merits. We formally define <inline-formula><tex-math notation="LaTeX">$\mathcal {DT}$</tex-math></inline-formula> , UT-MLE, and their security model. Then, the instantiations of <inline-formula><tex-math notation="LaTeX">$\mathcal {DT}$</tex-math></inline-formula> and UT-MLE, and the formal security proof are presented. Comprehensive comparison and experimental analysis based on real dataset affirm their feasibility.