Security-enhanced public-key authenticated searchable encryption

Abstract

Public key authenticated encryption with keyword search (PAEKS) is an asymmetric searchable encryption technique secure against inside keyword guessing attacks. The security properties of PAEKS are modeled via ciphertext indistinguishability (CI) and trapdoor indistinguishability (TI). Nowadays, CI security has been extended to enable the attacker to challenge two keyword tuples (MCI security), and even obtain ciphertext embedded with any keyword (fully MCI security). However, similar extensions to TI security have not yet been achieved from bilinear pairings.In this work, we address this problem by focusing not only on ciphertext privacy, but also on trapdoor privacy. In particular, we adopt the enhanced TI-security, namely fully MTI security. We begin by conducting a detailed comparison of the fully MTI security with current TI models. Subsequently, we design a PAEKS scheme from bilinear pairings that initially achieves both fully MTI and fully MCI security, thereby offering a stronger security guarantee than other existing PAEKS schemes. To optimize the practical efficiency, we adopt various techniques: accelerating the online efficiency by shifting most computational cost offline; leveraging parallel computing to speed up the test algorithm. Consequently, our optimized scheme is competitive with other PAEKS schemes optimized using similar techniques.