Enabling Multi-Factor Authentication and Verification in Searchable Encryption

Abstract

AbstractData management with third-party involvement is often considered a severe concern in the new normal. The cloud environment has become the current trend in the modern internet era, but anonymity, maintenance, and data secrecy have become more concerned. Trusting third-party that store confidential data on the cloud may cause entities irreparable damage. As a result, the data should be kept protected to sustain secrecy. Searchable Encryption (SE) solves the problem by browsing through encrypted data. Previous studies have mainly focused on encrypting, searching, and decrypting data using searchable encryption schemes. However, most of the schemes failed to include multi-factor authentication and verification, which adds an extra layer of security to data access with SE. We introduced a multi-factor authentication and verification scheme called the TOTPV-KASE scheme, i.e., time-based one-time password and verification in key-aggregate searchable encryption. We present a summary of various searchable encryption schemes and implement the time-based one-time password generated by the owner of the data and verify it using an Inter Planetary File System (IPFS).KeywordsSearchable Encryption (SE)Data Owner (DO)Data User (DU)Cloud Service Provider (CSP)Key-Aggregate Searchable Encryption (KASE)Time-based One-Time Password (TOTP)Inter Planetary File System (IPFS)Time-based One-Time Password and Verification in Key-Aggregate Searchable Encryption (TOTPV-KASE)