Searchable Public-Key Encryption with Cryptographic Reverse Firewalls for Cloud Storage
Abstract : In order to protect data privacy in cloud storage, sensitive data is encrypted before being uploaded to a cloud server. How to retrieve ciphertext safely and effectively has become a problem. Public key encryption with keyword search (PEKS) realizes the retrieval of ciphertexts in clouds without disclosing secret information. However, most PEKS protocols can not resist an keyword guessing attack (KGA) launched by untrusted cloud servers. Meanwhile, these protocols are unable to detect vulnerabilities, resulting in information leakage. In this paper, we design a searchable public-key encryption with cryptographic reverse firewalls (SPKE-CRF), and use the JPBC library to implement the protocol. Security analysis shows that the SPKE-CRF protocol can resist a chosen keyword attack (CKA), a KGA, and an algorithm substitution attack (ASA) without secure channels. Performance analysis shows that the SPKE-CRF protocol has a significant communication and computational cost advantage while being resistant to the KGA and ASA from malicious insider attackers in cloud environments. Therefore, our SPKE-CRF protocol is secure and efficient for cloud storage.
? Quantum cryptography cannot be broken mainly because it seems impossible to assess the quantum states in any existing system.
? Therefore, quantum cryptography is then invented by the experts.
? More specially, quantum cryptography is a technique to exploit the properties of quantum for designing unbreakable ciphers.
? There is no doubt that quantum cryptography is completely different with the classical cryptography and the modern cryptography, whose security is based on physics instead of mathematics.
? It offers a secure and efficient method for users to search encrypted messages from the online third parties by a specific keyword.
? We study the problem of searching on data that is encrypted using a public key system.
? Constructing a secure PEKS appears to be a harder problem than constructing an IBE. Indeed, the following lemma shows that PEKS implies Identity Based Encryption.
? The problem is that the ciphertext CT could expose the public key (W) used to create CT.
? It appears that constructing a searchable public-key encryption is a harder problem than constructing an IBE scheme.
? We showed that PEKS implies Identity Based Encryption, but the converse is currently an open problem.
• The proposed schemes are proved to be semantic secure under Random Oracle Models which means the adversary cannot break any one bit of ciphertext.
• More specially, the proposed MPEKS scheme contains the properties of Ciphertext Indistinguish ability and Trapdoor Indistinguish ability and is proved to be semantic secure under Random Oracle Models so that it is able to resist OKGA.
• The proposed scheme applies artificial intelligence (Mamdani Fuzzy Inference System in Fuzzy Logic) technique to solve Fuzzy Keyword Search problem.
• The proposed system addresses both Single and Multiple Keyword(s) Search issues and resists OKGA.
? The performance and energy consumption of the implementation of the proposed ABE and its hybrid version are evaluated with a workstation, a PC, a smart phone, and an embedded device.
? The size of the access structure produces an impact on the performance of the ABE encryption and decryption algorithms.
? It may be inefficient when the length of the plaintext or the size of the access structure is large.
? The main feature of identity-based cryptosystems is that they do not need certificates for public keys.
? The identity string of a user, such as the email address or phone number, can be used as the user’s public key.
|