Key-aggregate searchable encryption supporting conjunctive queries for flexible data sharing in the cloud

Abstract

Searchable encryption (SE) meets users' demand for the keyword search on encrypted data. Key-aggregate searchable encryption (KASE) improves data owners' ability to selectively share encrypted data with users. In KASE, the data owner encrypts different documents/document classes with distinct keys and can share any selected subset of documents by simply transmitting an aggregate key to the user. The user only uploads an aggregate trapdoor to the server for querying these shared documents. However, the existing KASE schemes have some limitations: the security definition is incomplete, only single-keyword search is supported, and the provable security scheme relies on the random oracle model. For these reasons, in this paper, we propose the Key-Aggregate Searchable Encryption supporting Conjunctive Queries (KASE-CQ) framework and its two security models: indistinguishability against selective-document chosen keyword attack and existential unforgeability against selective-document chosen keyword attack. These models reflect the indistinguishability of ciphertext and the unforgeability of the aggregate key, respectively. Our system supports flexible data sharing and the conjunctive keyword search on encrypted data. Furthermore, we design a concrete KASE-CQ construction, which can be proven secure in the standard model. We also demonstrate that our construction is secure against the insider trapdoor attack presented by Zhou et al. [40]. Finally, performance analysis and comparisons with Cui et al.'s scheme [10] illustrate the superior efficiency of our scheme.