Authors: Yang Lu; Qi Zeng
Addresses: School of Computer Science and Technology, Nanjing Normal University, No.1 Wenyuan Road Qixia District, Nanjing, 210023, China ' College of Computer and Information Engineering, Hohai University, No.8, Focheng Xi Road, Jiangning District, Nanjing 211100, China
Abstract: Public key encryption with keyword search (PEKS) is a useful cryptographic primitive which allows one to delegate to an untrusted storage server the capability of searching on publicly encrypted data without impacting the security and privacy of original data. However, due to lack of data encryption/decryption function, a PEKS scheme cannot be used alone but has to be coupled with a standard public key encryption (PKE) scheme. For this reason, a new cryptographic primitive called integrated PKE and PEKS (PKE/PEKS) was introduced by Baek et al. in 2006, which provides the functions of both PKE and PEKS. So far, several PKE/PEKS schemes have been proposed in the literature. However, none of them considers the keyword guessing attack. The first PKE/PEKS scheme proposed by Baek et al. was shown to be insecure under this attack. In this paper, we analyse the security of other PKE/PEKS schemes. We demonstrate that none of these schemes can resist the keyword guessing attack. The presented attacks show that a malicious storage server can successfully guess the keyword encoded in any keyword trapdoor produced by these schemes. Therefore, it is still an unsolved problem to devise a PKE/PEKS scheme withstanding the keyword guessing attack.
Keywords: public key encryption; keyword search; PKE/PEKS; keyword guessing attack.
International Journal of Embedded Systems, 2019 Vol.11 No.5, pp.634 - 642
Received: 25 Sep 2018
Accepted: 10 Jan 2019
Published online: 24 Sep 2019 *