On the Security of a Certificateless Public Key Encryption with Keyword Search

  • Tsu-Yang WuEmail author
  • Chao Meng
  • Chien-Ming Chen
  • King-Hang Wang
  • Jeng-Shyang Pan
Conference paper
Part of the Smart Innovation, Systems and Technologies book series (SIST, volume 81)


Public key encryption with keyword search (PEKS) is one of searchable encryption mechanisms. It not only provides user to retrieve ciphertext by keyword but also protects the confidentiality of keyword. In the past, many PEKS schemes based on different cryptosystems were proposed. Recently. Zheng et al. proposed a certificateless based PEKS scheme called CLKS. In this paper, we show that Zheng et al.’s CLKS scheme has some security flaw, i.e. their scheme suffered from an off-line keyword guessing attack.


Public key encryption with keyword search Certificateless Off-line keyword guessing attack Cryptanalysis 



The authors would thank anonymous referees for a valuable comments and suggestions. The work of Chien-Ming Chen was supported in part by the Project NSFC (National Natural Science Foundation of China) under Grant number 61402135 and in part by Shenzhen Technical Project under Grant number JCYJ20150513151706574.


  1. 1.
    Al-Riyami, S.S., Paterson, K.G.: Certificateless public key cryptography. In: International Conference on the Theory and Application of Cryptology and Information Security, pp. 452–473. Springer (2003)Google Scholar
  2. 2.
    Baek, J., Safavi-Naini, R., Susilo, W.: Public key encryption with keyword search revisited. In: Computational science and its applications-ICCSA 2008, pp. 1249–1259 (2008)Google Scholar
  3. 3.
    Boneh, D., Di Crescenzo, G., Ostrovsky, R., Persiano, G.: Public key encryption with keyword search. In: International Conference on the Theory and Applications of Cryptographic Techniques, pp. 506–522. Springer (2004)Google Scholar
  4. 4.
    Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Annual International Cryptology Conference, pp. 213–229. Springer (2001)Google Scholar
  5. 5.
    Boneh, D., Waters, B.: Conjunctive, subset, and range queries on encrypted data. In: Theory of Cryptography Conference, pp. 535–554. Springer (2007)Google Scholar
  6. 6.
    Buccafurri, F., Lax, G., Sahu, R.A., Saraswat, V.: Practical and secure integrated PKE+PEKS with keyword privacy. In: 2015 12th International Joint Conference on e-Business and Telecommunications (ICETE), vol. 4, pp. 448–453. IEEE (2015)Google Scholar
  7. 7.
    Buyrukbilen, S., Bakiras, S.: Privacy-preserving ranked search on public-key encrypted data. In: 2013 IEEE International Conference on Embedded and Ubiquitous Computing (HPCC_EUC), 2013 IEEE 10th International Conference on High Performance Computing and Communications, pp. 165–174. IEEE (2013)Google Scholar
  8. 8.
    Byun, J.W., Rhee, H.S., Park, H.A., Lee, D.H.: Off-line keyword guessing attacks on recent keyword search schemes over encrypted data. In: Workshop on Secure Data Management, pp. 75–83. Springer (2006)Google Scholar
  9. 9.
    Chen, L., Cheng, Z., Smart, N.P.: Identity-based key agreement protocols from pairings. Int. J. Inf. Secur. 6(4), 213–241 (2007)CrossRefGoogle Scholar
  10. 10.
    Cheng, L., Jin, Z., Wen, O., Zhang, H.: A novel privacy preserving keyword searching for cloud storage. In: 2013 Eleventh Annual International Conference on Privacy, Security and Trust (PST), pp. 77–81. IEEE (2013)Google Scholar
  11. 11.
    Cheng, Z., Chen, L., Ling, L., Comley, R.: General and efficient certificateless public key encryption constructions. In: International Conference on Pairing-Based Cryptography, pp. 83–107. Springer (2007)Google Scholar
  12. 12.
    Dent, A.W., Libert, B., Paterson, K.G.: Certificateless encryption schemes strongly secure in the standard model. In: International Workshop on Public Key Cryptography, pp. 344–359. Springer (2008)Google Scholar
  13. 13.
    He, T., Ma, W.: An effective fuzzy keyword search scheme in cloud computing. In: 2013 5th International Conference on Intelligent Networking and Collaborative Systems (INCoS), pp. 786–789. IEEE (2013)Google Scholar
  14. 14.
    Hu, C., Liu, P.: An enhanced searchable public key encryption scheme with a designated tester and its extensions. J. Comput. 7(3), 716–723 (2012)CrossRefGoogle Scholar
  15. 15.
    Hu, C., Liu, P.: Public key encryption with ranked multi-keyword search. In: 2013 5th International Conference on Intelligent Networking and Collaborative Systems (INCoS), pp. 109–113. IEEE (2013)Google Scholar
  16. 16.
    Huang, X., Susilo, W., Mu, Y., Zhang, F.: On the security of certificateless signature schemes from asiacrypt 2003. In: International Conference on Cryptology and Network Security, pp. 13–25. Springer (2005)Google Scholar
  17. 17.
    Hwang, Y.H., Lee, P.J.: Public key encryption with conjunctive keyword search and its extension to a multi-user system. In: International Conference on Pairing-Based Cryptography, pp. 2–22. Springer (2007)Google Scholar
  18. 18.
    Li, X., Chen, K., Sun, L.: Certificateless signature and proxy signature schemes from bilinear pairings. Lith. Math. J. 45(1), 76–83 (2005)MathSciNetCrossRefzbMATHGoogle Scholar
  19. 19.
    Li, Z., Zhao, M., Jiang, H., Xu, Q.: Multi-user searchable encryption with a designated server. Ann. Telecommun. (2017). doi: 10.1007/s12243-017-0571-x
  20. 20.
    Liang, K., Su, C., Chen, J., Liu, J.K.: Efficient multi-function data sharing and searching mechanism for cloud-based encrypted data. In: Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, pp. 83–94. ACM (2016)Google Scholar
  21. 21.
    Lippold, G., Boyd, C., Nieto, J.G.: Strongly secure certificateless key agreement. In: International Conference on Pairing-Based Cryptography, pp. 206–230. Springer (2009)Google Scholar
  22. 22.
    Park, D.J., Kim, K., Lee, P.J.: Public key encryption with conjunctive field keyword search. In: International Workshop on Information Security Applications, pp. 73–86. Springer (2004)Google Scholar
  23. 23.
    Peng, Y., Cui, J., Peng, C., Ying, Z.: Certificateless public key encryption with keyword search. China Commun. 11(11), 100–113 (2014)CrossRefGoogle Scholar
  24. 24.
    Rane, D.D., Ghorpade, V.: Multi-user multi-keyword privacy preserving ranked based search over encrypted cloud data. In: 2015 International Conference on Pervasive Computing (ICPC), pp. 1–4. IEEE (2015)Google Scholar
  25. 25.
    Rhee, H.S., Park, J.H., Susilo, W., Lee, D.H.: Trapdoor security in a searchable public-key encryption scheme with a designated tester. J. Syst. Softw. 83(5), 763–771 (2010)CrossRefGoogle Scholar
  26. 26.
    Rhee, H.S., Susilo, W., Kim, H.J.: Secure searchable public key encryption scheme against keyword guessing attacks. IEICE Electron. Express 6(5), 237–243 (2009)CrossRefGoogle Scholar
  27. 27.
    Wang, B., Chen, T., Jeng, F.: Security improvement against malicious server’s attackfor a dPEKS scheme. Int. J. Inf. Educ. Technol. 1(4), 350 (2011)Google Scholar
  28. 28.
    Wu, T.Y., Meng, F., Chen, C.M., Liu, S., Pan, J.S.: On the security of a certificateless searchable public key encryption scheme. In: International Conference on Genetic and Evolutionary Computing, pp. 113–119. Springer (2016)Google Scholar
  29. 29.
    Wu, T.Y., Tsai, T.T., Tseng, Y.M.: A revocable id-based signcryption scheme. J. Inf. Hiding Multimed. Signal Process. 3(3), 240–251 (2012)Google Scholar
  30. 30.
    Wu, T.Y., Tsai, T.T., Tseng, Y.M.: Efficient searchable id-based encryption with a designated server. Ann. Telecommun. annales des télécommunications 69(7–8), 391–402 (2014)Google Scholar
  31. 31.
    Wu, T.Y., Tseng, Y.M.: An id-based mutual authentication and key exchange protocol for low-power mobile devices. Comput. J. 53(7), 1062–1070 (2010)CrossRefGoogle Scholar
  32. 32.
    Xu, P., Jin, H., Wu, Q., Wang, W.: Public-key encryption with fuzzy keyword search: A provably secure scheme under keyword guessing attack. IEEE Trans. Comput. 62(11), 2266–2277 (2013)MathSciNetCrossRefzbMATHGoogle Scholar
  33. 33.
    Xu, Y., Zhong, H., Cui, J.: An improved identity-based multi-proxy multi-signature scheme. J. Inf. Hiding Multimed. Signal Process. 7(2), 343–351 (2016)Google Scholar
  34. 34.
    Yau, W.C., Phan, R.C.W., Heng, S.H., Goi, B.M.: Keyword guessing attacks on secure searchable public key encryption schemes with a designated tester. Int. J. Comput. Math. 90(12), 2581–2587 (2013)CrossRefzbMATHGoogle Scholar
  35. 35.
    Yin, S.L., Li, H., Liu, J.: A new provable secure certificateless aggregate signcryption scheme. J. Inf. Hiding Multimed. Signal Process. 7(6), 1274–1281 (2016)Google Scholar
  36. 36.
    Zheng, Q., Li, X., Azgin, A.: CLKS: Certificateless keyword search on encrypted data. In: International Conference on Network and System Security, pp. 239–253. Springer (2015)Google Scholar

Copyright information

© Springer International Publishing AG 2018

Authors and Affiliations

  • Tsu-Yang Wu
    • 1
    • 2
    Email author
  • Chao Meng
    • 3
  • Chien-Ming Chen
    • 3
  • King-Hang Wang
    • 4
  • Jeng-Shyang Pan
    • 1
    • 2
  1. 1.Fujian Provincial Key Lab of Big Data Mining and ApllicationsFujian University of TechnologyFuzhouChina
  2. 2.National Demonstration Center for Experimental Electronic Information and Electrical Technology EducationFujian University of TechnologyFuzhouChina
  3. 3.Harbin Institute of Technology Shenzhen Graduate SchoolShenzhenChina
  4. 4.Department of Computer Science and EngineeringThe Hong Kong University of Science and TechnologyClear Water Bay, KowloonHong Kong

Personalised recommendations