Verifiable Public-Key Encryption with Keyword Search Secure against Continual Memory Attacks

  • Chengyu HuEmail author
  • Zhen Li
  • Pengtao Liu
  • Rupeng Yang
  • Shanqing Guo
  • Hailong Zhang


Public-key encryption with keyword search (PEKS) enables users to search on encrypted data which is applicable to scenario of sharing data in the cloud storage. The existing PEKS schemes fail to verify the returned result from the tester, i.e. they cannot guarantee the correctness and completeness of the result. In this paper, we resolve this problem by constructing a verifiable PEKS scheme which can efficiently verify the completeness of the result and thus the correctness. We also consider the security of verifiable PEKS scheme against a kind of side-channel attacks called the continual memory attacks which allow the adversary to obtain some leakage information of the secret key used in the search trapdoor generation algorithm and can help it break the security of the scheme. We extend our scheme to an enhanced one which remains secure even when the adversary can obtain unbounded total leakage information during the whole lifetime. Moreover, to make it resist keyword guessing attacks, we extend our scheme to one with a designated tester.


Leakage resilience Verifiable PEKS Continual memory attacks Keyword guessing attacks 



This project is supported in part by National Natural Science Foundation of China (No.61602275, 61632020, 61602468, 61772311), Shandong Province Higher Educational Science and Technology Program (No.J15LN01), the Open Project of Co-Innovation Center for Information Supply & Assurance Technology, Anhui University(No.ADXXBZ201702).


  1. 1.
    Abdalla M, Bellare M, Catalano D, Kiltz E, Kohno T, Lange T, Malone-Lee J, Neven G, Paillier P, Shi H (2005) Searchable encryption revisited: consistency properties, relation to anonymous ibe, and extensions. In: Advances in cryptology-crypto 2005, pp 205–222Google Scholar
  2. 2.
    Akavia A, Goldwasser S, Vaikuntanathan V (2009) Simultaneous hardcore bits and cryptography against memory attacks. In: TCC 2009, pp 474–495Google Scholar
  3. 3.
    Ateniese G, Fu K, Green M, Hohenberger S (2006) Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans Inf Syst Secur 9(1):1–30CrossRefzbMATHGoogle Scholar
  4. 4.
    Ateniese G, Burns R, Curtmola R, Herring J, Kissner L, Peterson Z, Song D (2007) Provable data possession at untrusted stores. In: CCS 2007. ACM, pp 598–609Google Scholar
  5. 5.
    Baek J, Safiavi-Naini R, Susilo W (2008) Public key encryption with keyword search revisited. In: ICCSA 2008, pp 1249–1259Google Scholar
  6. 6.
    Ballard L, Kamara S, Monrose F (2005) Achieving efficient conjunctive keyword searches over encrypted data. In: ICICS 2005, pp 414–426Google Scholar
  7. 7.
    Bertino E, Paci F, Ferrini R, Shang N (2009) Privacy-preserving digital identity management for cloud computing. In: IEEE Data engineering bulletin, vol 32, pp 21–27Google Scholar
  8. 8.
    Biham E, Shamir A (1997) Differential fault analysis of secret key cryptosystems. In: Advances in Cryptology-CRYPTO 1997. Springer, pp 513–525Google Scholar
  9. 9.
    Biham E, Carmeli Y, Shamir A (2008) Bug attacks. In: Advances in cryptology-CRYPTO 2008. Springer, pp 221–240Google Scholar
  10. 10.
    Boneh D, Waters B (2007) Conjunctive, subset and range queries on encrypted data. In: TCC 2007, pp 535–554Google Scholar
  11. 11.
    Boneh D, Di Crescenzo G, Ostrovsky R, Persiano G (2004) Public key encryption with keyword search. In: Advances in cryptology-eurocrypt 2004, pp 506–522Google Scholar
  12. 12.
    Brakerski Z, Kalai Y, Katz J, Vaikuntanathan V (2010) Overcoming the hole in the bucket: public-key cryptography resilient to continual memory leakage. In: FOCS 2010, pp 501–510Google Scholar
  13. 13.
    Byun J, Rhee H, Park H, Lee D (2006) Off-line keyword guessing attacks on recent keyword search schemes over encrypted data. In: SDM 2006, pp 75–83Google Scholar
  14. 14.
    Chen X, Huang X, Li J, Ma J, Wong D, Lou W (2015) New algorithms for secure outsourcing of large-scale systems of linear equations. IEEE Trans Inf Forens Secur 10(1):69–78CrossRefGoogle Scholar
  15. 15.
    Chen X, Li J, Ma J, Weng J, Lou W (2016) Verifiable computation over large database with incremental updates. IEEE Trans Comput 65(10):3184–3195MathSciNetCrossRefzbMATHGoogle Scholar
  16. 16.
    Chen Y (2015) Speks: secure server-designation public key encryption with keyword search against keyword guessing attacks. Comput J 58(4):922–933CrossRefGoogle Scholar
  17. 17.
    Chen Y, Zhang Z, Lin D, Cao Z (2012) Anonymous identity-based hash proof system and its applications. In: ProvSec 2012, pp 143–160Google Scholar
  18. 18.
    Dachman-Soled D, Dov Gordon S, Liu F, O’Neill A, Zhou H (2016) Leakage-resilient public-key encryption from obfuscation. In: PKC 2016, pp 101–128Google Scholar
  19. 19.
    Dodis Y, Kalai Y, Lovett S (2009) On cryptography with auxiliary input. In: STOC 2009, pp 621–630Google Scholar
  20. 20.
    Dziembowski S, Pietrzak K (2008) Leakage-resilient cryptography. In: FOCS 2008, pp 293–302Google Scholar
  21. 21.
    Fortis T, Munteanu V, Negru V (2015) A taxonomic view of cloud computing services. Int J Comput Sci Eng 11(1):17–28Google Scholar
  22. 22.
    Gandolfi K, Mourtel C, Olivier F (2001) Electromagnetic analysis: concrete results. In: CHES 2001, pp 251–261Google Scholar
  23. 23.
    Gao C, Cheng Q, He P, Susilo W, Li J (2018) Privacy-preserving naive bayes classifiers secure against the substitution-then-comparison attack. Inform Sci 444:72–88MathSciNetCrossRefGoogle Scholar
  24. 24.
    Gentry C (2009) Fully homomorphic encryption using ideal lattices. In: STOC 2009. ACM, pp 169–178Google Scholar
  25. 25.
    Goh EJ (2003) Secure indexes cryptology. ArXiv:2003:216
  26. 26.
    Golle P, Staddon J, Waters B (2004) Secure conjunctive keyword search over encrypted data. In: ACNS 2004, pp 31–45Google Scholar
  27. 27.
    Halderman J, Schoen S, Nadia H, Clarkson W, Paul W, Calandrino J, Feldman A, Appelbaum J, Felten E (2008) Lest we remember: cold-boot attacks on encryption keys. In: USENIX security symposium 2008, pp 45–60Google Scholar
  28. 28.
    Hu C, Yang R, Liu P, Yu Z, Y Z X u Q (2016) Public-key encryption with keyword search secure against continual memory attacks. Secur Commun Netw 9(11):1613–1629CrossRefGoogle Scholar
  29. 29.
    Joshi J, Bhatti R, Bertino E, Ghafoor A (2004) Access control language for multidomain environments. IEEE Internet Comput 8(6):40–50CrossRefGoogle Scholar
  30. 30.
    Kocher P (1996) Timing attacks on implementations of diffie-hellman, rsa, dss, and other systems. In: Advances in Cryptology-CRYPTO 1996. Springer, pp 104–113Google Scholar
  31. 31.
    Kocher P, Jaffe J, Jun B (1999) Differential power analysis. In: Advances in Cryptology-CRYPTO 1999. Springer, pp 388– 397Google Scholar
  32. 32.
    Lai J, Zhou X, Deng RH, Li Y, Chen K (2013) Expressive search on encrypted data. In: AisaCCS 2013, pp 243–252Google Scholar
  33. 33.
    Li H, Liu D, Dai Y, Luan T, Shen X (2015a) Enabling efficient multi-keyword ranked search over encrypted mobile cloud data through blind storage. IEEE Transa Emerg Topics Comput 3(1):127–138CrossRefGoogle Scholar
  34. 34.
    Li H, Yang Y, Dai Y, Yu S, Xiang Y (2017) Achieving secure and efficient dynamic searchable symmetric encryption over medical cloud data. IEEE Transactions on Cloud Computing.
  35. 35.
    Li H, Liu D, Dai Y, Luan T, Yu S (2018a) Personalized search over encrypted data with efficient and secure updates in mobile clouds. IEEE Trans Emerg Topics Comput 6(1):97–109CrossRefGoogle Scholar
  36. 36.
    Li J, Chen X, Xhafa F, Barolli L (2015b) Secure deduplication storage systems supporting keyword search. J Comput Syst Sci 81(8):1532–1541MathSciNetCrossRefzbMATHGoogle Scholar
  37. 37.
    Li J, Liu Z, Chen X, Tan X, Wong D (2015c) L-encdb: a lightweight framework for privacy-preserving data queries in cloud computing. Knowl-Based Syst 79:18–26CrossRefGoogle Scholar
  38. 38.
    Li J, Li J, Xie D, Cai Z (2016) Secure auditing and deduplicating data in cloud. IEEE Trans Comput 65(8):2386–2396MathSciNetCrossRefzbMATHGoogle Scholar
  39. 39.
    Li J, Chen X, Chow S, Huang Q, Wong D, Liu Z (2018b) Multi-authority fine-grained access control with accountability and its application in cloud. J Netw Comput Appl 112:89–96CrossRefGoogle Scholar
  40. 40.
    Li S, Cui J, Zhong H, He Q (2017b) Lepa: a lightweight and efficient public auditing scheme for cloud-assisted wireless body sensor networks. Secur Commun Netw 2017(11):1–16CrossRefGoogle Scholar
  41. 41.
    Rhee H, Park J, Susilo W, Lee D (2010) Trapdoor security in a searchable public-key encryption scheme with a designated tester. J Syst Softw 83(5):763–771CrossRefGoogle Scholar
  42. 42.
    Shamir A (1984) Identity based cryptosystems and signature schemes. In: Advances in Cryptology-CRYPTO 1984. Springer, pp 47–53Google Scholar
  43. 43.
    Shen J, Gui Z, Ji S, Shen J, Tan H, Tang Y (2018) Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks. J Netw Comput Appl 106:117–123CrossRefGoogle Scholar
  44. 44.
    Song D, Wagner D, Perrig A (2000) Practical techniques for searching on encrypted data. In: Security & Privacy 2000, pp 44–55Google Scholar
  45. 45.
    Xu Y, Wang M, Zhong H, Cui J, Liu L, Franqueira V (2017) Verifiable public key encryption scheme with equality test in 5g networks. IEEE Access 5:12,702–12,713CrossRefGoogle Scholar
  46. 46.
    Yu J, Ren K, Wang C, Varadharajan V (2015) Enabling cloud storage auditing with key-exposure resistance. IEEE Trans Inf Forens Secur 10(6):1167–1179CrossRefGoogle Scholar
  47. 47.
    Zheng Q, Xu S, Ateniese G (2014) Vabks: verifiable attributebased keyword search over outsourced encrypted data. In: Infocom 2014, pp 522–530Google Scholar
  48. 48.
    Zhong H, Cui J, Shi R, Xia C (2016) Many-to-one homomorphic encryption scheme. Secur Commun Netw 9(10):1007–1015CrossRefGoogle Scholar
  49. 49.
    Zhong H, Zhu W, Xu Y, Cui J (2018) Multi-authority attribute-based encryption access control scheme with policy hidden for cloud storage. Soft Comput 22:243–251CrossRefzbMATHGoogle Scholar
  50. 50.
    Zhu B, Zhu B, Ren K (2011) Peksrand: providing predicate privacy in public-key encryption with keyword search. In: ICC 2011, pp 1–6Google Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  • Chengyu Hu
    • 1
    • 2
    Email author
  • Zhen Li
    • 3
  • Pengtao Liu
    • 4
  • Rupeng Yang
    • 5
  • Shanqing Guo
    • 1
  • Hailong Zhang
    • 6
  1. 1.School of Software EngineeringShandong UniversityJinanChina
  2. 2.School of Computer Science and TechnologyAnhui UniversityHefeiChina
  3. 3.School of Computer Science and TechnologyShandong University of Finance and EconomicsJinanChina
  4. 4.School of InformationShandong University of Political Science and LawJinanChina
  5. 5.School of Computer Science and TechnologyShandong UniversityJinanChina
  6. 6.State Key Laboratory of Information Security, Institute of Information EngineeringChinese Academy of SciencesBeijingChina

Personalised recommendations