结合公钥加密和关键字可搜索加密的加密方案

带关键字搜索的公钥加密(PEKS)是一种有用的加密原语,它允许用户将在加密数据上搜索的功能委托给不可信的第三方服务器,而不影响原始数据的安全性和隐私性。但是,由于缺乏对于数据的加密以及解密能力,PEKS方案不能单独进行使用,必须与标准的公钥加密方案(PKE)相结合。因此,Baek等人在2006年引入了一种新的加密原语,称为结合PKE和PEKS的加密方案(PKE+PEKS),它同时提供了PKE和PEKS的功能。目前,已有文献提出了几种PKE+PEKS方案。然而,他们都没有考虑关键字猜测攻击的问题。本文提出一个新的高效且能够抵抗关键字猜测攻击的PKE+PEKS方案,与已有方案相比,该方案在性能上有很大的提升,并且在生成关键字和数据密文时,不需要使用双线性对,极大地降低了计算和存储成本。安全性分析表明,本文中所提出的方案能够满足密文隐私安全性、陷门不可区分性和抗关键字猜测攻击的安全性。效率分析表明,本分提出的方案更加高效。

Integrated Public Key Encryption and Public Key Encryption with Keyword Search

Public key encryption with keyword search (PEKS) is a useful cryptographic primitive which allows one to delegate to an untrusted storage server the capability of searching on publicly encrypted data without impacting the security and privacy of original  data. However, due to lack of data encryption and decryption function, a PEKS scheme cannot be used alone but has to be coupled with a standard public key encryption (PKE) scheme. For this reason, a new cryptographic primitive called integrated PKE and PEKS (PKE+PEKS) was introduced by Baek et al. in 2006, which provides the functions of both PKE and PEKS. So far, several PKE+PEKS schemes have been proposed in the literature. However, none of them considers the keyword guessing attack. This paper proposes a new efficient PKE+PEKS scheme which can resist keyword guessing attacks. Compared with other existed scheme, the performance of this scheme is greatly improved and we needn’t use bilinear pairing in the generation of ciphertext of keywords and data, which reduces the cost of computation and storage. The security analysis shows that the scheme proposed in this paper can satisfy the security of ciphertext privacy, the trapdoor indistinguishability and the keyword guessing attack respectively. Efficiency analysis shows that the proposed scheme is more efficient.