关键词: 云计算, 可搜索加密, 多用户, 可证明安全, 双线性映射

Abstract: Searchable encryption (SE) allows a client to store a collection of encrypted documents on a server and later quickly carry out keyword searches on these encrypted documents, while revealing minimal information to the server. Searchable encryption is an active area of research and a number of schemes with different efficiency and security characteristics have been proposed in the literature. In terms of the multi-user setting, most existing schemes involve a fully-trusted third-party to assign permission among users. In this paper, based on bilinear pairing, we propose a multi-user searchable encryption scheme without the trusted third-party. Specifically, we allow users to discretionarily authorize the documents which other users can access, by maintaining rights assignment matrix to the cloud service provider(CSP) which is honest but curious. Moreover in our scheme, in the searching phase the user can search the documents he wants meanwhile has access to, and accordingly reduce the search scopes of the cloud server. In addition, based on bilinear pairing, we solve the problem of symmetric key distribution, which is neglected in most existing schemes. Actually it implies security risks if the symmetric key is shared among the users. Lastly, we provide formal security proof of our scheme in random oracle model.

Key words: cloud computing, searchable encryption (SE), multi-user, provable security, bilinear maps