Dual Traceable Distributed Attribute-Based Searchable Encryption and Ownership Transfer

Abstract

In this paper, we propose dual traceable distributed attribute based encryption with subset keyword search system (DT-DABE-SKS, abbreviated as DT) to simultaneously realize data source trace (secure provenance) and user trace (traitor trace) and flexible subset keyword search from polynomial interpolation. Leveraging non-interactive zero-knowledge proof technology, DT preserves privacy for both data providers and users in normal circumstances, but a trusted authority can disclose their real identities if necessary, such as the providers deceitfully uploading false data or users maliciously leaking secret attribute key. Next, we introduce the new conception of updatable and transferable message-lock encryption (UT-MLE) for block-level dynamic encrypted file update, where the owner does not have to download the whole ciphertext, decrypt, re-encrypt and upload for minor document modifications. In addition, the owner is permitted to transfer file ownership to other system customers with efficient computation in an authenticated manner. A nontrivial integration of DT and UT-MLE lead to the distributed ABSE with ownership transfer system (DTOT) to enjoy the above merits. We formally define DT, UT-MLE, and their security model. Then, the instantiations of DT and UT-MLE, and the formal security proof are presented. Comprehensive comparison and experimental analysis based on real dataset affirm their feasibility.