Lattice-Based Forward Secure Multi-User Authenticated Searchable Encryption for Cloud Storage Systems

IF 3.8 2区计算机科学 Q2 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE IEEE Transactions on Computers Pub Date : 2025-02-11 DOI:10.1109/TC.2025.3540649

Shiyuan Xu;Xue Chen;Yu Guo;Yuer Yang;Shengling Wang;Siu-Ming Yiu;Xiuzhen Cheng

{"title":"Lattice-Based Forward Secure Multi-User Authenticated Searchable Encryption for Cloud Storage Systems","authors":"Shiyuan Xu;Xue Chen;Yu Guo;Yuer Yang;Shengling Wang;Siu-Ming Yiu;Xiuzhen Cheng","doi":"10.1109/TC.2025.3540649","DOIUrl":null,"url":null,"abstract":"Public key authenticated encryption with keyword search (PAEKS) has been widely studied in cloud storage systems, which allows the cloud server to search encrypted data while safeguarding against insider keyword guessing attacks (IKGAs). Most PAEKS schemes are based on the discrete logarithm (DL) hardness. However, this assumption becomes insecure when it comes to quantum attacks. To address this concern, there have been studies on post-quantum PAEKS based on lattice. But to our best knowledge, current lattice-based PAEKS exhibit limited applicability and security, such as only supporting single user scenarios, or encountering secret key leakage problem. In this paper, we propose FS-MUAEKS, the forward-secure multi-user authenticated searchable encryption, mitigating the secret key exposure problem and further supporting multi-user scenarios in a quantum setting. Additionally, we formalize the security models of FS-MUAEKS and prove its security in the random oracle model (ROM). Ultimately, the comprehensive performance evaluation indicates that our scheme is computationally efficient and surpasses other state-of-the-art PAEKS schemes. The ciphertext generation overhead of our scheme is only 0.27 times of others in the best case. The communication overhead of our FS-MUAEKS algorithm is constant at 1.75MB under different security parameter settings.","PeriodicalId":13087,"journal":{"name":"IEEE Transactions on Computers","volume":"74 5","pages":"1663-1677"},"PeriodicalIF":3.8000,"publicationDate":"2025-02-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Computers","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10880094/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

Public key authenticated encryption with keyword search (PAEKS) has been widely studied in cloud storage systems, which allows the cloud server to search encrypted data while safeguarding against insider keyword guessing attacks (IKGAs). Most PAEKS schemes are based on the discrete logarithm (DL) hardness. However, this assumption becomes insecure when it comes to quantum attacks. To address this concern, there have been studies on post-quantum PAEKS based on lattice. But to our best knowledge, current lattice-based PAEKS exhibit limited applicability and security, such as only supporting single user scenarios, or encountering secret key leakage problem. In this paper, we propose FS-MUAEKS, the forward-secure multi-user authenticated searchable encryption, mitigating the secret key exposure problem and further supporting multi-user scenarios in a quantum setting. Additionally, we formalize the security models of FS-MUAEKS and prove its security in the random oracle model (ROM). Ultimately, the comprehensive performance evaluation indicates that our scheme is computationally efficient and surpasses other state-of-the-art PAEKS schemes. The ciphertext generation overhead of our scheme is only 0.27 times of others in the best case. The communication overhead of our FS-MUAEKS algorithm is constant at 1.75MB under different security parameter settings.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

基于格的云存储系统前向安全多用户认证可搜索加密

基于关键字搜索的公钥认证加密（PAEKS）在云存储系统中得到了广泛的研究，它允许云服务器在搜索加密数据的同时防范内部关键字猜测攻击（IKGAs）。大多数PAEKS方案是基于离散对数（DL）硬度的。然而，当涉及到量子攻击时，这种假设变得不安全。为了解决这个问题，已经有了基于晶格的后量子PAEKS的研究。但据我们所知，目前基于格子的paek表现出有限的适用性和安全性，例如仅支持单用户场景，或者遇到密钥泄露问题。在本文中，我们提出了FS-MUAEKS，一种前向安全的多用户认证可搜索加密，减轻了密钥暴露问题，并进一步支持量子环境下的多用户场景。此外，我们还形式化了FS-MUAEKS的安全模型，并在随机oracle模型（ROM）中证明了其安全性。最后，综合性能评估表明，我们的方案计算效率高，优于其他最先进的PAEKS方案。在最佳情况下，我们方案的密文生成开销仅为其他方案的0.27倍。在不同的安全参数设置下，FS-MUAEKS算法的通信开销恒定在1.75MB。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

IEEE Transactions on Computers 工程技术-工程：电子与电气

CiteScore

6.60

自引率

5.40%

发文量

199

审稿时长

6.0 months

期刊介绍： The IEEE Transactions on Computers is a monthly publication with a wide distribution to researchers, developers, technical managers, and educators in the computer field. It publishes papers on research in areas of current interest to the readers. These areas include, but are not limited to, the following: a) computer organizations and architectures; b) operating systems, software systems, and communication protocols; c) real-time systems and embedded systems; d) digital devices, computer components, and interconnection networks; e) specification, design, prototyping, and testing methods and tools; f) performance, fault tolerance, reliability, security, and testability; g) case studies and experimental and theoretical evaluations; and h) new and important applications and trends.