Efficient Encrypted Keyword Search for Multi-user Data Sharing

  • Aggelos Kiayias
  • Ozgur OksuzEmail author
  • Alexander Russell
  • Qiang Tang
  • Bing Wang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9878)


In this paper, we provide a secure and efficient encrypted keyword search scheme for multi-user data sharing. Specifically, a data owner outsources a set of encrypted files to an untrusted server, shares it with a set of users, and a user is allowed to search keywords in a subset of files that he is authorized to access. In the proposed scheme, (a) each user has a constant size secret key, (b) each user generates a constant size trapdoor for a keyword without getting any help from any party (e.g., data owner), independent of the number of files that he is authorized to search, and (c) for the keyword ciphertexts of a file, the network bandwidth usage (from the data owner to the server) and storage overhead at the server do not depend on the number of users that are authorized to access the file. We show that our scheme has data privacy and trapdoor privacy. While several recent studies are on secure keyword search for data sharing, we show that they either suffer from scalability issues or lack user privacy.


Data sharing Keyword search Broadcast encryption 


  1. 1.
    Abdalla, M., Bellare, M., Catalano, D., Kiltz, E., Kohno, T., Lange, T., Malone-Lee, J., Neven, G., Paillier, P., Shi, H.: Searchable encryption revisited: consistency properties, relation to anonymous IBE, and extensions. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 205–222. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  2. 2.
    Attrapadung, N.: Unified Frameworks for Practical Broadcast Encryption and Public Key Encryption with High Functionalities. Ph.D. thesis, University of Tokyo (2007)Google Scholar
  3. 3.
    Attrapadung, N., Furukawa, J., Imai, H.: Forward-secure and searchable broadcast encryption with short ciphertexts and private keys. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 161–177. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  4. 4.
    Bao, F., Deng, R.H., Ding, X., Yang, Y.: Private query on encrypted data in multi-user settings. In: Chen, L., Mu, Y., Susilo, W. (eds.) ISPEC 2008. LNCS, vol. 4991, pp. 71–85. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  5. 5.
    Bellare, M., Boldyreva, A., O’Neill, A.: Deterministic and efficiently searchable encryption. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 535–552. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  6. 6.
    Boneh, D., Boyen, X., Goh, E.-J.: Hierarchical identity based encryption with constant size ciphertext. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 440–456. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  7. 7.
    Boneh, D., Boyen, X., Shacham, H.: Short group signatures. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 41–55. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  8. 8.
    Boneh, D., Di Crescenzo, G., Ostrovsky, R., Persiano, G.: Public key encryption with keyword search. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 506–522. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  9. 9.
    Boneh, D., Gentry, C., Waters, B.: Collusion resistant broadcast encryption with short ciphertexts and private keys. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 258–275. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  10. 10.
    Boneh, D., Waters, B.: Conjunctive, subset, and range queries on encrypted data. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 535–554. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  11. 11.
    Boyen, X., Waters, B.: Anonymous hierarchical identity-based encryption (without random oracles). In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 290–307. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  12. 12.
    Cash, D., Jarecki, S., Jutla, C.S., Krawczyk, H., Roşu, M.-C., Steiner, M.: Highly-scalable searchable symmetric encryption with support for boolean queries. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 353–373. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  13. 13.
    Chang, Y.-C., Mitzenmacher, M.: Privacy preserving keyword searches on remote encrypted data. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 442–455. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  14. 14.
    Chu, C.-K., Chow, S.S.M., Tzeng, W.-G., Zhou, J., Deng, R.H.: Key-aggregate cryptosystem for scalable data sharing in cloud storage. IEEE Trans. Parallel Distrib. Syst. 25(2), 468–477 (2014)CrossRefGoogle Scholar
  15. 15.
    Cui, B., Liu, Z., Wang, L.: Key-aggregate searchable encryption (KASE) for group data sharing via cloud storage. IEEE Trans. Comput. 65(8), 2374–2385 (2016)MathSciNetCrossRefGoogle Scholar
  16. 16.
    Curtmola, R., Garay, J., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. In: CCS (2006)Google Scholar
  17. 17.
    Dong, C., Russello, G., Dulay, N.: Shared and searchable encrypted data for untrusted servers. In: Proceeedings of the 22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security (2008)Google Scholar
  18. 18.
    Faber, S., Jarecki, S., Krawczyk, H., Nguyen, Q., Rosu, M., Steiner, M.: Rich queries on encrypted data: beyond exact matches. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS. LNCS, vol. 9327, pp. 123–145. Springer, Heidelberg (2015). doi: 10.1007/978-3-319-24177-7_7 CrossRefGoogle Scholar
  19. 19.
    Goh, E.-J.: Secure indexes. Cryptology eprint archive, report 2003/216 (2003)Google Scholar
  20. 20.
    Jarecki, S., Jutla, C.S., Krawczyk, H., Rosu, M., Steiner, M.: Outsourced symmetric private information retrieval. In: CCS (2013)Google Scholar
  21. 21.
    Kamara, S., Papamanthou, C., Roeder, T.: Dynamic searchable symmetric encryption. In: CCS (2012)Google Scholar
  22. 22.
    Kiayias, A., Oksuz, O., Tang, Q.: Distributed parameter generation for bilinear Diffie Hellman exponentiation and applications. In: López, J., Mitchell, C.J. (eds.) ISC 2015. LNCS, vol. 9290, pp. 548–567. Springer, Heidelberg (2015)CrossRefGoogle Scholar
  23. 23.
    Liang, K., Susilo, W.: Searchable attribute-based mechanism with efficient data sharing for secure cloud storage. IEEE Trans. Inform. Forensics Secur. 10, 1981–1992 (2015)CrossRefGoogle Scholar
  24. 24.
    Liu, Z., Li, J., Chen, X., Yang, J., Jia, C.: TMDS: thin-model data sharing scheme supporting keyword search in cloud storage. In: Susilo, W., Mu, Y. (eds.) ACISP 2014. LNCS, vol. 8544, pp. 115–130. Springer, Heidelberg (2014)Google Scholar
  25. 25.
    Popa, R.A., Zeldovich, N.: Multi Key Searchable Encryption (2013).
  26. 26.
    Shoup, V.: Lower bounds for discrete logarithms and related problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 256–266. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  27. 27.
    Song, D.X., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: IEEE Symposium on Security and Privacy (2000)Google Scholar
  28. 28.
    Tang, Q.: Nothing is for free: security in searching shared and encrypted data. IEEE Trans. Inform. Forensics Secur. 9, 1943–1952 (2014)CrossRefGoogle Scholar
  29. 29.
    Van Rompay, C., Molva, R., Önen, M.: Multi-user searchable encryption in the cloud. In: López, J., Mitchell, C.J. (eds.) ISC 2015. LNCS, vol. 9290, pp. 299–316. Springer, Heidelberg (2015)CrossRefGoogle Scholar
  30. 30.
    Zheng, Q., Xu, S., Ateniese, G.: VABKS: verifiable attribute-based keyword search over outsourced encrypted data. In: INFOCOM (2014)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Aggelos Kiayias
    • 1
  • Ozgur Oksuz
    • 2
    Email author
  • Alexander Russell
    • 2
  • Qiang Tang
    • 3
  • Bing Wang
    • 2
  1. 1.University of EdinburghEdinburghUK
  2. 2.University of ConnecticutStorrsUSA
  3. 3.Cornell University/NJITIthacaUSA

Personalised recommendations