Abstract:
The concept of proxy re-encryption with keyword search (PRES) was introduced by Shao et al. in 2010 and a bidirectional PRES scheme in the random oracle model was constructed. They addressed an open problem on how to design an efficient PRES scheme in the standard model. In this paper, we give the definition and security model of PRES with a designated tester (dPRES) and present an efficient dPRES scheme which is proven secure against chosen keyword attack and chosen ciphertext attack in the adaptive corruption model without resorting to random oracle. Our dPRES scheme obtains three advantages: firstly, when a user transmits the trapdoor of keyword to his designated tester, the user does not use a secure channel; secondly, the proposed dPRES scheme resists keyword off-line guessing attacks; thirdly, because Shao et al.'s PRES needs strongly unforgeable one-time signatures, their scheme was less efficient. We propose a dPRES scheme against an adaptive chosen keyword with no attached strongly-unforgeable one-time signature so that our dPRES scheme is more efficient. Proxy re-encryption with keyword search has practical applicatioins in such as distributed file system, email forword etc.