Efficient secure channel free identity-based searchable encryption schemes with privacy preserving for cloud storage service

Abstract

Cloud storage is a basic service model of the cloud computing. Since the cloud data is stored in the ciphertext for the data confidentiality, how to search the cloud data again in ciphertext state for users is a natural requirement. The searchable encryption (SE) gives an efficient solution to achieve both the data confidentiality and the searchable requirement simultaneously. In SE schemes, the user can transfer a search trapdoor to the cloud server from a secure channel and the cloud server can use the received trapdoor to search the corresponding keyword ciphertext. Since the keywords are with low entropy, the traditional SE is vulnerable to keyword guessing attack. In order to remove the need of the secure channel and also to achieve the security against the keyword guessing attack, we build a single-user identity-based secure channel free SE scheme in the random oracle model by using lattice-based tools. Only the designated cloud server can finish the ciphertext search which means the secure channel between the user and the cloud server is not needed in the proposed scheme. Under the hardness of the learning with errors problem, we prove that the proposed scheme is ciphertext indistinguishable under the selective identity and chosen keyword attacks. Moreover, the proposed scheme also satisfies the trapdoor indistinguishability which directly leads to the security against the outside offline keyword guessing attack. Furthermore, we extend the proposed single-user scheme into the multi-user scenario. The proposed multi-user scheme inherits all functions achieved in the single-user scheme, such as secure channel free. Meanwhile, ciphertext length is fixed with the number of users increasing, which is more suitable for the large group users. In addition, we analyze the theoretical evaluation and experimental evaluation between the proposed schemes and some known literatures respectively. The results demonstrate that our proposed algorithms have several advantages in the both single-user and multi-user schemes, for example, the ciphertext lengths in the single/multi-user schemes are only 5.632KB and 6.016KB respectively and the running time of Test algorithm for any user groups is fixed to be 0.65ms in our simulated experiments.