Server-aided searchable encryption in multi-user setting

摘要

Searchable encryption schemes allow users to search encrypted data containing some keyword without decrypting the data. It protects the data privacy of data owners, meanwhile facilitates efficient data access in secure cloud storage service. Most of the existing schemes only considered the single-user setting, in which a user uploads his encrypted data and later performs searches on it. However, the majority of databases in practice do not only serve one user; instead, they support write operations by multiple data owners and search operations by some authorized users. There exists the following issues in existing multi-user searchable encryption schemes. First, some schemes allow only one data owner to write to the encrypted database; second, a number of schemes may require the data owner to interact with the authorized users to distribute secret keys; third, some other schemes cannot efficiently support the search authorization revocation on users, and do not achieve the trapdoor unlinkability. In this paper, we address these issues by proposing a server-aided searchable encryption scheme in multi-user setting. In our scheme, the data owners only need to know the public key of an administration server to generate the searchable ciphertext, regardless of the number of authorized users. Furthermore, our scheme is shown to be semantically secure against outside keyword guessing attacks. Finally, the performance analyses and comparisons with some existing schemes demonstrate that our scheme achieves better performance.