Research On Searchable Public Key Encryption Scheme With Key Update Function

With the rapid development of cloud storage,most enterprises or individuals choose to encrypt their data and then upload the ciphertexts to the cloud to protect the security and privacy of data.Public key encryption with keyword search(PEKS)allows users to search the ciphertexts without decrypting the encrypted data and disclosing the keyword information.However,cryptographic operations often occur on insecure devices or mobile devices,and these devices often face the risk of being lost or stolen.Therefore,the private keys stored on these devices are likely to be compromised.Key update can greatly reduce the harm caused by key leakage,so how to implement key update function in searchable public key encryption has become a problem worth solving.This paper proposes a keyupdatable and ciphertext-sharable public key encryption with keyword search(KU-CSPEKS)scheme.The proposed scheme not only solves some defects in the existing keyupdatable public key encryption with keyword search(KU-PEKS)scheme,but also realizes the ciphertext sharing function.In addition,this paper also studies how to implement the key-insulated function in certificateless searchable public key encryption and proposes a key-insulated certificateless public key encryption with keyword search(KI-CLPEKS)scheme.The main contributions of this paper are as follows:(1)In the existing KU-PEKS scheme,the user key is continuously updated with the operation of the system,but the keyword ciphertexts on the server cannot be updated without revealing the keyword information.In addition,it needs to send the trapdoors to the storage server through secure channels and does not consider the security of the trapdoor.This paper studies and proposes a KU-CS-PEKS scheme,which effectively overcomes the shortcomings of the KU-PEKS scheme.Firstly,it ensures the confidentiality of the ciphertexts and keywords when updating the ciphertexts,so that the server can update the ciphertexts without decryption;Secondly,it designates a storage server to perform the test operation,which eliminates the secure channel required by the trapdoor transmission;Finally,it implements the ciphertext sharing function,that is,other users can also access and retrieve the shared ciphertext on the server.This paper gives the definition of the KU-CSPEKS scheme and the corresponding security model,proposes a concrete KU-CS-PEKS scheme,and proves the scheme to satisfy the security of ciphertext indistinguishability under adaptively chosen keyword attack and the trapdoor indistinguishability under adaptively chosen keyword attack.The simulation experiment results show that the proposed KU-CSPEKS scheme is practical.(2)This paper introduces the key-insulation mechanism into certificateless public key encryption with keyword search(CLPEKS)and proposes a KI-CLPEKS scheme.This scheme not only avoids the problems of public key certificate management and key escrow,but also effectively reduces the harm caused by key leakage.In the KI-CLPEKS scheme,the user's private key is composed of two parts,namely,a partial private key and a secret value.Among them,the partial private key is generated by a key generation center(KGC),and the secret value is generated by the user.For KGC,it only knows the user's partial private key,and knows nothing about the secret value taken by the user,so it cannot obtain the user's complete private key,which effectively solves the key escrow problem.When the system is running,the public key of the scheme remains unchanged,and the private key is constantly updated with the operation of the system.Even if the private key of a certain period of time is leaked,the attacker cannot obtain the private key of other periods of time,which effectively reduces the harm caused by key leakage.This paper presents the definition and security model of the KI-CLPEKS scheme,proposes a concrete KI-CLPEKS scheme,and proves the scheme to satisfy the indistinguishability of ciphertext under adaptively chosen keyword attack.The simulation experiment results show that the proposed KI-CLPEKS scheme is practical.