Searchable encryption (SE) is a promising technology that provides search functions while preserving information privacy. A small number of SE schemes can be applied to a distributed system. In such systems, multiple owners provide data that is encrypted by their secret keys to the system for retrieval by users. In this setup, however, users need to scan a searchable index for retrievals, which leads to linear search complexity. Moreover, updates of users (e.g., revoking an expired user from the system) generally incur substantial overhead to re-build the index. Accordingly, we propose a scan-free verifiable public-key searchable encryption scheme with an efficient user update function in a distributed system (i.e., in a multi-owner multi-user model). First, owners self-select secret keys to encrypt keywords. A master secret key is designed to support keyword searches among these keys. Additionally, a searchable index with an implicit relationship between the same keyword is proposed. There is no need to scan the index for keyword retrieval, which achieves sub-linear search complexity. It is also important that the updates of owners do not exert an influence on users and the other owners in our proposed scheme. As the key revocation mechanism, the master secret key is split into more partial secret keys that are distributed to users. Accordingly, the system only needs to re-split and re-distribute the key rather than re-building the index for updates of users. When making queries, not only are the content of queries and the master secret key concealed, but collusion between some users and the cloud server is resisted. The proposed scheme also supports an efficient result verification mechanism. The security and utility of our scheme were confirmed thru analysis and evaluation.
Read full abstract