PKE-MET Public-Key Encryption with Multi-Ciphertext Equality Test in Cloud Computing
Abstract : Cloud computing enables users to remove the necessity of the need of local hardware architecture, which removes the burden of the users from high computation costs. Therefore, it has attracted much attention and research has been conducted heavily on it. To protect users’ privacy, data is usually encrypted prior to being sent to the cloud server. As the resulting system is un usable, since the cloud can no longer search throughout the data, new cryptographic primitive such as public-key encryption with equality test (PKEET) has been introduced. In PKEET, users can test whether the underlying messages of two cipher texts encrypted under different public keys are equal or not without the need to decrypt those cipher texts. This is a very useful tool, especially for the cloud database, since PKEET mainly focuses on the equality test between two cipher texts. However, in practice, the cloud server may need to verify the equivalence among more than two cipher texts. This leads to disclosing unnecessary information of users and redundant computation cost will also occur when using traditional PKEET schemes. How to make this more efficient and practical remains an interesting research problem. In this paper, to solve the aforementioned problems by providing a novel concept of public-key encryption with multi cipher text equality test (PKE-MET). In PKE-MET, each cipher text can designate a numbers such that the cloud server can only perform equality test on this cipher text with others-1ciphertexts, where all their designated numbers are For PKE-MET, besides traditional OW-CPA and IND-CPA security, we specially define Number security. We instantiate PKE-MET to a concrete scheme and give its security proof. Furthermore, to enable the primitive to be more practical in applications, we extend it to the concept of PKE with flexible MET (PKE-FMET). In PKE-FMET, the cloud server can perform equality test on any number of cipher texts as long as the maximum number of their designated numbers is less than or equal to the number of cipher texts. We construct a PKE-FMET scheme based on our PKE-MET construction and prove its security under the defined security models. Besides, the performance analysis mainly of efficiency and security between our constructions and existing equality test schemes in cloud computing show that our proposed schemes are more efficient and secure in the multi cipher text scenario.
Cloud computing provides a broad range of services like operating systems, hardware, software and resources. Availability of these services encourages data owners to outsource their intensive computations and massive data to the cloud. However, considering the entrusted nature of cloud server, it is essential to encrypt the data before outsourcing it to the cloud. Unfortunately, this leads to a challenge when it comes to providing search functionality for encrypted data located in the cloud.
? In PKE-ET scheme the equality test can not only be performed on the cipher texts which are encrypted under the same public key but also under different public keys.
? PKE-ET is founded on public key infrastructure (PKI) system; certificate management becomes an issue since the systems overhead drastically increase.
This paper presents a public key encryption with equality test for heterogeneous systems (PKE-ET-HS). The PKE-ET-HS scheme simulates certificate less public encryption with equality test (CLE-ET) with the identity-based encryption with equality test (IBE-ET). This scheme provides the authorized cloud server the right to actuate the equivalence of two messages having their encryptions performed under heterogeneous systems. Basing on the random oracle model, we construct the security of our proposed scheme under the bilinear Diffie-Hellman (BDH) assumption. Eventually, we evaluate the size of storage, computation complexities, and properties with other related works and illustrations indicate good performance from our scheme.
This scheme was known as identity-based encryption with keyword search (IBE-KS) and supported cipher texts that were encrypted under the same identity.
The advantage in this scheme is that, it is quite flexible since an authorized cloud server has the search functionality hence can search messages to ascertain whether two cipher texts encrypted with same or different public keys are equivalent.
|