On the Security of Key-Aggregate Searchable Encryption

Authors

  • Jing Wen School of Information Engineering, Lanzhou City University, Lanzhou, 730070, China
  • Haifeng Li 2) School of Computer and Information Science, Qinghai University of Science and Technology, Xining, 810016, China 3) Department of Information Technology, Qinghai University, Xining 810016, China
  • Caihui Lan School of Information Engineering, Lanzhou City University, Lanzhou, 730070, China

DOI:

https://doi.org/10.13052/jcsm2245-1439.13310

Keywords:

Searchable encryption, key-aggregate keyword searchable encryption, offline keyword guessing attack, authorization abuse

Abstract

The sharing of encrypted data in cloud computing is an essential functionality with countless applications in our everyday life. However, the issue of how to securely, efficiently and flexibly share encrypted data in multi-user settings has not been well solved. As a promising and elegant technique, the key-aggregate searchable encryption (KASE) scheme can efficiently support selective sharing of a large number of documents with a set of users using only a single, constant-size authorization key (i.e., the aggregated key). However, by conducting cryptanalysis on existing KASE schemes, we classify the attack methods into two types: offline keyword guessing attacks and authorization abuse. For the former attacks, we first employ the known keyword guessing attack methods to cryptanalyze several existing KASE schemes. Furthermore, we propose two novel keyword guessing attack methods, namely (1) Keyword guessing attack by modifying ciphertext and (2) Keyword guessing attack by constructing verification equation. For the latter attacks, we first utilized the known authorization abuse attack methods to cryptanalyze several existing KASE schemes. Furthermore, we develop a novel attack method in which the attacker can independently upgrade their own authorization and gain enhanced search privileges without colluding with multiple authorized users.

Downloads

Download data is not yet available.

Author Biographies

Jing Wen, School of Information Engineering, Lanzhou City University, Lanzhou, 730070, China

Jing Wen received the M.S. degree in computer science and technology from the Chang’an University in 2009. She is currently a Lecturer with the School of Electronics and Information Engineering, Lanzhou City University. Her research interests include network security and cryptography.

 

Haifeng Li, 2) School of Computer and Information Science, Qinghai University of Science and Technology, Xining, 810016, China 3) Department of Information Technology, Qinghai University, Xining 810016, China

Haifeng Li received the B.S. degree in computer science from Hebei University and the M.S. degree in computer science from Northwest Normal University and the Ph.D. degree with the School of Software, Dalian University of Technology. Currently, he is an associate with the School of Computer and Information Science, Qinghai University of Science and Technology. His research interests include applied cryptography, network security, cloud computing security, and big data security.

Caihui Lan, School of Information Engineering, Lanzhou City University, Lanzhou, 730070, China

Caihui Lan received the Ph.D. degree in basic mathematics from the School of Mathematics and Statistics, Northwest Normal University, Lanzhou, China, in 2013. He is currently an Associate Professor with the School of Electronics and Information Engineering, Lanzhou City University. His main research interests include cryptography and information security, in particular, cryptographic protocols.

References

Y Bao, W Qiu, and X Cheng. Secure and lightweight fine-grained searchable data sharing for iot-oriented and cloud-assisted smart healthcare system. IEEE Internet of Things Journal, 9(4):2513–2526, 2022.

D Boneh, G Crescenzo, R Ostrovsky, and G Persiano. Public key encryption with keyword search. international cconf. on the theory and applications of cryptographic techniques, interlaken, switzerland, 2–6 May, 2004.

P. Chaudhari and M. L. Das. Keysea: Keyword-based search with receiver anonymity in attribute-based searchable encryption. IEEE Transactions on Services Computing, 15(2):1036–1044, 2022.

Cheng-Kang Chu, Sherman SM Chow, Wen-Guey Tzeng, Jianying Zhou, and Robert H Deng. Key-aggregate cryptosystem for scalable data sharing in cloud storage. IEEE transactions on parallel and distributed systems, 25(2):468–477, 2013.

B Cui, Z Liu, and L Wang. Key-aggregate searchable encryption (kase) for group data sharing via cloud storage. IEEE Transactions on computers, 65(8):2374–2385, 2015.

K. Dhal, S. C. Rai, P. K. Pattnaik, and S. Tripathy. Cemar: a fine grained access control with revocation mechanism for centralized multi-authority cloud storage. Journal of supercomputing, 78(1):987–1009, 2022.

C Guo, N Luo, M.Z.A Bhuiyan, and et al. Key-aggregate authentication cryptosystem for data sharing in dynamic cloud storage. Future Generation Computer Systems, 2017.

Q Huang and H Li. An efficient public-key searchable encryption scheme secure against inside keyword guessing attacks. Information Sciences, s 403–404:1–14, 2017.

W. Hussain, J. M. Merigo, H. Gao, and et al. Integrated ahp-iowa, powa framework for ideal cloud provider selection and optimum resource management. IEEE Transactions on Services Computing, 2022.

Ik Rae Jeong, Jeong Ok Kwon, Dowon Hong, and Dong Hoon Lee. Constructing peks schemes secure against keyword guessing attacks is possible? Computer communications, 32(2):394–396, 2009.

M. Kamimura, N. Yanai, S Okamura, and et al. Key-aggregate searchable encryption, revisited: Formal foundations for cloud applications, and their implementation. IEEE Access, pages 1–17, 2020.

Aggelos Kiayias, Ozgur Oksuz, Alexander Russell, Qiang Tang, and Bing Wang. Efficient encrypted keyword search for multi-user data sharing. In European symposium on research in computer security, pages 173–195. Springer, 2016.

JoonYoung Lee, MyeongHyun Kim, JiHyeon Oh, YoungHo Park, KiSung Park, and Sungkee Noh. A secure key aggregate searchable encryption with multi delegation in cloud data sharing service. Applied Sciences, 11(19), 2021.

T Li, Z Liu, C Jia, and et al. key-aggregate searchable encryption under multi-owner setting for group data sharing in the cloud. Int. J. Web and Grid Services, 14(1):21–43, 2018.

Tong Li, Zheli Liu, Ping Li, Chunfu Jia, Zoe L Jiang, and Jin Li. Verifiable searchable encryption with aggregate keys for data sharing in outsourcing storage. In Australasian inproceedings on Information Security and Privacy, pages 153–169. Springer, 2016.

Jinlu Liu, Bo Zhao, Jing Qin, Xinyi Hou, and Jixin Ma. Key-aggregate searchable encryption supporting conjunctive queries for flexible data sharing in the cloud. Information Sciences, 645:119336, 2023.

Zheli Liu, Tong Li, Ping Li, Chunfu Jia, and Jin Li. Verifiable searchable encryption with aggregate keys for data sharing system. Future Generation Computer Systems, 78:778–788, 2018.

C Lou, M Cao, Y Lou, and et al. A secure key-aggregate keyword retrieval scheme over encrypted data in cloud computing. IEEE Access, pages 1–12, 2020.

Jihyeon Oh, JoonYoung Lee, MyeongHyun Kim, Youngho Park, KiSung Park, and SungKee Noh. A secure data sharing based on key aggregate searchable encryption in fog-enabled iot environment. IEEE Transactions on Network Science and Engineering, 9(6):4468–4481, 2022.

S Patranabis, Y Shrivastava, and D Mukhopadhyay. Provably secure key-aggregate cryptosystems with broadcast aggregate keys for online data sharing on the cloud. IEEE Transactions on Computers, 66(5): 891–904, 2017.

H Wang, X Dong, Z Cao, and et al. Secure key-aggregation authorized searchable encryption. Science China, Information Sciences, 62: 039111:–039111:3, 2019.

Xuqi Wang, Yu Xie, Xiangguo Cheng, and Zhengtao Jiang. An efficient key-aggregate keyword searchable encryption for data sharing in cloud storage. In IEEE Globecom Workshops (GC Wkshps), pages 1–6, 2019.

Z Wang. Provably secure key-aggregate cryptosystems with auxiliary inputs for data sharing on the cloud. Future generation computer systems, 939(APR):770–776, 2019.

Y Yao, Z Zhai, J Liu, and et al. lattice-based key-aggregate (searchable) encryption in cloud storage. IEEE Access, 2019.

Rang Zhou, Xiaosong Zhang, Xiaojiang Du, Xiaofen Wang, Guowu Yang, and Mohsen Guizani. File-centric multi-key aggregate keyword searchable encryption for industrial internet of things. IEEE Transactions on Industrial Informatics, 14(8):3648–3658, 2018.

Downloads

Published

2024-04-09

How to Cite

1.
Wen J, Li H, Lan C. On the Security of Key-Aggregate Searchable Encryption. JCSANDM [Internet]. 2024 Apr. 9 [cited 2025 Feb. 12];13(03):565-84. Available from: https://journals.riverpublishers.com/index.php/JCSANDM/article/view/22471

Issue

2024: Vol 13 Iss 3

Section

Articles

License

Copyright (c) 2024 Journal of Cyber Security and Mobility

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.