The Design And Analysis Of Multi-User Searchable Encryption Scheme

The development of cloud computing has been motivating people to outsource complex data management to the cloud server as required, so as to reduce computing and storage cost at the user side. Searchable encryption(SE) protects data privacy by encryption, while supports keyword search on the ciphertexts. To some extent, it solves the data security and usability problems simultaneously. However, most of the existing SE schemes are limited to the single-user application scenarios, in which only data owner has right to access his encrypted data. Apparently, this can’t meet the requirements of data sharing in cloud environment. Address to this phenomenon, we consider the scenario that allow multiple users to search on the sharing ciphertexts, and design Multi-user searchable encryption(MUSE) schemes which are more in line with the application environment of cloud computing. We also solve several general problems in numerous existing schemes.This paper starts from the analysis of the practical application scenarios of searchable encryption. Considering the real demands,we abstract four generic application models and describe the corresponding solving strategies respectively. On this basis, we locate the problem to the “many-to-many” model and build a system framework based on hybrid cloud. First of all, based on the thought of key correlation and bilinear mapping, we propose a MUSE scheme without key sharing. This scheme allows different users to generate same query trapdoors while they possess different keys. Then it relieves the serious risks brought by the method of key sharing. Moreover, efficient user revocation mechanism makes the system dynamic updating more convenient. By delegating most computing operation to the cloud server, the computation overhead at user side is reduced. Secondly, on the basis of the previous scheme, taking more complicated access situation into account, we bring in an access control mechanism and propose an attribute-based MUSE scheme. This scheme combines the technology of ciphertext-policy attribute based encryption and MUSE closely. Detailing different users’ access rights makes the access control more flexible. Meanwhile, we ensure that no other privacy information will be leaked on the premise that user attribute keys are exposed. We also focus on the problem of search efficiency and provides a feasible way to improve it.Security analysis shows that the proposed MUSE schemes are of semantic security. In addition, compared with other schemes, we carefully consider the entire process of interactions. Our schemes support more powerful function. The above work has positive significance for the further development of MUSE applications.