Blockchain-assisted verifiable certificate-based searchable encryption against untrusted cloud server for Industrial Internet of Things

Abstract

The Industrial Internet of Things (IIoT) has brought practical application value to many industries, where significant amounts of IIoT data and resources are outsourced to cloud server (CS) via diverse networks for data fusion, monitoring, sharing, and calculation analysis. Considering privacy, there is a need to execute the encryption operation on the data before outsourcing, while how to retrieve the encrypted data from CS becomes a thorny issue. Furthermore, the untrusted CS in charge of storing and searching the ciphertexts may return incorrect or incomplete search results for some interest. Verifiable public key searchable encryption (VPKSE) provides the ability to encrypt data, retrieve ciphertext, and verify search results simultaneously. However, the malicious behavior of CS has not been sufficiently considered in most existing schemes, that is, their verifiability only ensures the correctness of search results, neglecting completeness. In this paper, the verifiability of VPKSE is re-examined, and three verifiability levels are defined detailedly. On this basis, a blockchain-assisted verifiable certificated-based searchable encryption (BVCBSE) scheme for IIoT is put forward. The integration of blockchain and cryptographic accumulator ensures that an untrusted CS must return correct and complete search results, achieving the highest level of verifiability. In addition, security analysis demonstrates that BVCBSE can resist keyword guessing attack. Performance evaluation illustrates that BVCBSE is efficient and practical.