Privacy leakage of certificateless public key authenticated searchable encryption via frequency analysis: Attacks and revises |
| |
| Affiliation: | 1. School of Mathematics, Shandong University, Jinan, China;2. School of Cyber Science and Technology, Shandong University, Qingdao, China;3. School of Information Engineering, Ningxia University, Yinchuan, China;4. Yanqi Lake Beijing Institute of Mathematical Sciences and Applications, Beijing, China;5. Yau Mathematical Sciences Center, Tsinghua University, Beijing, China;1. School of Mathematics, Shandong University, Jinan, 250100, Shandong, China;2. School of Computing and Mathematical Sciences, University of Greenwich, London, UK |
| |
| Abstract: | Certificateless public key authenticated searchable encryption (CLPASE) is a versatile asymmetric searchable encryption that enables ciphertext retrieval, resists inside keyword guessing attacks, and avoids both certificate management problem and key escrow problem. However, most existing CLPASE schemes are vulnerable to frequency analysis which can extract keywords from user-generated trapdoors (i.e., search queries) and thus compromise user’s search privacy.In this paper, we give a detailed analysis showing that most CLPASE schemes reveal the underlying frequency distribution of the target keywords in the trapdoors searched by users, regardless of whether the trapdoor generation algorithm is deterministic or not. The analysis shows that frequency analysis has become a significant threat to users’ search privacy in the CLPASE system. To address this issue, we provide a concrete CLPASE scheme against frequency analysis. We then compare our scheme with previous CLPASE schemes in terms of features and performance evaluation. As a result, our scheme provides higher guarantee for user’s search privacy with comparable efficiency. |
| |
| Keywords: | Certificateless Authenticated searchable encryption Keyword guessing attacks Frequency analysis Search privacy |
| 本文献已被 ScienceDirect 等数据库收录! |
|
