Abstract

The cloud-assisted Internet of Things (CIoT) is booming; it uses the powerful data processing capabilities of the cloud platform to handle massive Internet of Things (IoT) data. However, the CIoT faces new security challenges, such as the confidentiality of the outsourced data. Data encryption is a fundamental technique that can guarantee the confidentiality of outsourced data, but it limits retrieval of target encrypted data from the cloud platform. Public key encryption with keyword search (PEKS) provides a promising solution to this problem. In PEKS, a cloud server can be authorized to search for a keyword in encrypted documents and retrieve the associated encrypted documents for the receiver. However, most existing PEKS schemes focus only on the keyword search function and ignore encryption/decryption of the associated documents. Thus, in practice, a PEKS scheme must cooperate with a separate public key encryption (PKE) scheme to form a completely secure data sharing scheme. To address this problem, in this paper we propose a secure data sharing scheme with designated server that combines a PKE scheme with a PEKS scheme and provides both keyword search and document encryption/decryption. Furthermore, in our work only the designated server can search for the keyword over encrypted documents, for enhanced security. Moreover, our scheme also satisfies public verifiability of search results, which covers the correctness and integrity of both keyword and document ciphertexts. As for security, our scheme provides stronger indistinguishability security of documents and keywords in the proposed security model.

Highlights

  • Cloud storage has been widely deployed in daily life

  • Data is migrated from the user to a cloud server, in which the cloud server is widely recognized as an honest-but-curious party

  • Searchable encryption is mainly divided into two techniques, which are symmetric searchable encryption (SSE) and public key encryption with keyword search (PEKS)


Summary

Introduction

We propose a secure data sharing scheme with designated server that captures the functions of both PKE and PEKS, providing both keyword search and document encryption/decryption. Our scheme satisfies public verifiability of search results, including the ciphertexts of both documents and keywords, which achieves correctness and integrity. (1) We introduce the definition of a secure data sharing scheme with designated server, which provides both keyword search and document encryption/decryption. Chen et al. [6] proposed a PEKS-PKE scheme in 2016, and Chen et al.’s general construction leaks the keyword to the server. These three schemes do not discuss the security of the trapdoor, and they do not support correctness and integrity verification of the search results, including the returned ciphertexts of both documents and keywords.

Scheme Definition and Security Models
Scheme Definition
A Secure Data Sharing Scheme with Designated Server
Conclusion