A multi-user searchable encryption scheme with keyword authorization in a cloud storage |
| |
| Affiliation: | 1. School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, Hubei 430074, China;2. School of Computer and Communication, Hunan Institute of Engineering, Xiangtan, Hunan, 411104, China;3. College of Information Science and Engineering, Hunan University, Changsha, Hunan 410082, China;4. National Supercomputing Center in Changsha, Changsha, Hunan 410082, China;5. Department of Computer Science, State University of New York, New Paltz, NY 12561, United States;1. The School of Science, Hangzhou Dianzi University, Hangzhou, 310018 China;2. Department of Physics, Zhejiang University, Hangzhou, 310027 China;1. Beijing Engineering Research Center of Massive Language Information Processing and Cloud Computing Application, School of Computer Science and Technology, Beijing Institute of Technology, Beijing 100081, China;2. Faculty of Engineering and Information Technology, University of Technology Sydney, NSW 2007, Australia;1. School of Mathematics, Shandong University, Jinan, China;2. School of Engineering and Information Technology, University of New South Wales Defence Force Academy Canberra, Australia |
| |
| Abstract: | Multi-user searchable encryption (MSE) allows a user to encrypt its files in such a way that these files can be searched by other users that have been authorized by the user. The most immediate application of MSE is to cloud storage, where it enables a user to securely outsource its files to an untrusted cloud storage provider without sacrificing the ability to share and search over it. Any practical MSE scheme should satisfy the following properties: concise indexes, sublinear search time, security of data hiding and trapdoor hiding, and the ability to efficiently authorize or revoke a user to search over a file. Unfortunately, there exists no MSE scheme to achieve all these properties at the same time. This seriously affects the practical value of MSE and prevents it from deploying in a concrete cloud storage system. To resolve this problem, we propose the first MSE scheme to satisfy all the properties outlined above. Our scheme can enable a user to authorize other users to search for a subset of keywords in encrypted form. We use asymmetric bilinear map groups of Type-3 and keyword authorization binary tree (KABtree) to construct this scheme that achieves better performance. We implement our scheme and conduct performance evaluation, demonstrating that our scheme is very efficient and ready to be deployed. |
| |
| Keywords: | Cloud storage Encrypted data Keyword authorization Multi-user searchable encryption |
| 本文献已被 ScienceDirect 等数据库收录! |
|
