The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
암호화를 위해서는 발신자의 비밀키가 필요하고, 트랩도어는 키워드뿐만 아니라 발신자와도 연결되는 PAEKS(Public Key Authenticationed Encryption With Keyword Search)가 제안되었습니다. 이 설정을 통해 트랩도어에서 키워드 정보가 유출되는 것을 방지할 수 있습니다. Liu et al. (ASIACCS 2022)은 단어 독립적 SPHF(Smooth Projective Hash Function) 및 PEKS를 기반으로 하는 PAEKS의 일반 구성을 제안했습니다. 본 논문에서 우리는 하나의 SPHF만 사용한다는 점에서 Liu et al.보다 더 효율적인 PAEKS의 새로운 일반 구성을 제안하지만 Liu et al. SPHF 2021개를 사용했습니다. 또한 일관성을 위해 Liu 등의 보안 모델보다 강력한 보안 모델을 고려했습니다. 간략하게, Liu et al. 트랩도어가 키워드뿐만 아니라 발신자와도 연결되어 있음에도 불구하고 키워드로만 간주됩니다. 따라서 보낸 사람과 연결된 트랩도어는 동일한 키워드가 연결되어 있더라도 다른 보낸 사람의 비밀 키에 의해 생성된 암호문에 대해 작동하지 않아야 합니다. 즉, 앞선 정의에서는 트랩도어 생성 시 발신자를 지정하지 않았음에도 암호문을 검색할 수 있는 여지가 있어 PAKES의 진정성에 위배된다. 일관성 정의는 다중 발신자 설정을 고려하고 이 사례를 포착합니다. 또한, 선택된 키워드 공격(IND-CKA)에 대한 구별 불가능성과 내부 키워드 추측 공격(IND-IKGA)에 대한 구별 불가능성을 위해 Qin 등이 정의한 보다 강력한 보안 모델을 사용합니다. (ProvSec XNUMX), 여기서 공격자는 암호화 및 트랩도어 오라클에 챌린지 키워드를 쿼리할 수 있습니다. 우리는 또한 Liu et al.과 관련된 몇 가지 문제를 강조합니다. 해시 함수 측면에서 구성, 예를 들어 해당 구성은 그들이 주장하는 일관성을 충족하지 않습니다.
Keita EMURA
Kanazawa University,National Institute of Information and Communications Technology (NICT)
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
부
Keita EMURA, "Generic Construction of Public-Key Authenticated Encryption with Keyword Search Revisited" in IEICE TRANSACTIONS on Fundamentals,
vol. E107-A, no. 3, pp. 260-274, March 2024, doi: 10.1587/transfun.2023CIP0005.
Abstract: Public key authenticated encryption with keyword search (PAEKS) has been proposed, where a sender's secret key is required for encryption, and a trapdoor is associated with not only a keyword but also the sender. This setting allows us to prevent information leakage of keyword from trapdoors. Liu et al. (ASIACCS 2022) proposed a generic construction of PAEKS based on word-independent smooth projective hash functions (SPHFs) and PEKS. In this paper, we propose a new generic construction of PAEKS, which is more efficient than Liu et al.'s in the sense that we only use one SPHF, but Liu et al. used two SPHFs. In addition, for consistency we considered a security model that is stronger than Liu et al.'s. Briefly, Liu et al. considered only keywords even though a trapdoor is associated with not only a keyword but also a sender. Thus, a trapdoor associated with a sender should not work against ciphertexts generated by the secret key of another sender, even if the same keyword is associated. That is, in the previous definitions, there is room for a ciphertext to be searchable even though the sender was not specified when the trapdoor is generated, that violates the authenticity of PAKES. Our consistency definition considers a multi-sender setting and captures this case. In addition, for indistinguishability against chosen keyword attack (IND-CKA) and indistinguishability against inside keyword guessing attack (IND-IKGA), we use a stronger security model defined by Qin et al. (ProvSec 2021), where an adversary is allowed to query challenge keywords to the encryption and trapdoor oracles. We also highlight several issues associated with the Liu et al. construction in terms of hash functions, e.g., their construction does not satisfy the consistency that they claimed to hold.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.2023CIP0005/_p
부
@ARTICLE{e107-a_3_260,
author={Keita EMURA, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Generic Construction of Public-Key Authenticated Encryption with Keyword Search Revisited},
year={2024},
volume={E107-A},
number={3},
pages={260-274},
abstract={Public key authenticated encryption with keyword search (PAEKS) has been proposed, where a sender's secret key is required for encryption, and a trapdoor is associated with not only a keyword but also the sender. This setting allows us to prevent information leakage of keyword from trapdoors. Liu et al. (ASIACCS 2022) proposed a generic construction of PAEKS based on word-independent smooth projective hash functions (SPHFs) and PEKS. In this paper, we propose a new generic construction of PAEKS, which is more efficient than Liu et al.'s in the sense that we only use one SPHF, but Liu et al. used two SPHFs. In addition, for consistency we considered a security model that is stronger than Liu et al.'s. Briefly, Liu et al. considered only keywords even though a trapdoor is associated with not only a keyword but also a sender. Thus, a trapdoor associated with a sender should not work against ciphertexts generated by the secret key of another sender, even if the same keyword is associated. That is, in the previous definitions, there is room for a ciphertext to be searchable even though the sender was not specified when the trapdoor is generated, that violates the authenticity of PAKES. Our consistency definition considers a multi-sender setting and captures this case. In addition, for indistinguishability against chosen keyword attack (IND-CKA) and indistinguishability against inside keyword guessing attack (IND-IKGA), we use a stronger security model defined by Qin et al. (ProvSec 2021), where an adversary is allowed to query challenge keywords to the encryption and trapdoor oracles. We also highlight several issues associated with the Liu et al. construction in terms of hash functions, e.g., their construction does not satisfy the consistency that they claimed to hold.},
keywords={},
doi={10.1587/transfun.2023CIP0005},
ISSN={1745-1337},
month={March},}
부
TY - JOUR
TI - Generic Construction of Public-Key Authenticated Encryption with Keyword Search Revisited
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 260
EP - 274
AU - Keita EMURA
PY - 2024
DO - 10.1587/transfun.2023CIP0005
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E107-A
IS - 3
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - March 2024
AB - Public key authenticated encryption with keyword search (PAEKS) has been proposed, where a sender's secret key is required for encryption, and a trapdoor is associated with not only a keyword but also the sender. This setting allows us to prevent information leakage of keyword from trapdoors. Liu et al. (ASIACCS 2022) proposed a generic construction of PAEKS based on word-independent smooth projective hash functions (SPHFs) and PEKS. In this paper, we propose a new generic construction of PAEKS, which is more efficient than Liu et al.'s in the sense that we only use one SPHF, but Liu et al. used two SPHFs. In addition, for consistency we considered a security model that is stronger than Liu et al.'s. Briefly, Liu et al. considered only keywords even though a trapdoor is associated with not only a keyword but also a sender. Thus, a trapdoor associated with a sender should not work against ciphertexts generated by the secret key of another sender, even if the same keyword is associated. That is, in the previous definitions, there is room for a ciphertext to be searchable even though the sender was not specified when the trapdoor is generated, that violates the authenticity of PAKES. Our consistency definition considers a multi-sender setting and captures this case. In addition, for indistinguishability against chosen keyword attack (IND-CKA) and indistinguishability against inside keyword guessing attack (IND-IKGA), we use a stronger security model defined by Qin et al. (ProvSec 2021), where an adversary is allowed to query challenge keywords to the encryption and trapdoor oracles. We also highlight several issues associated with the Liu et al. construction in terms of hash functions, e.g., their construction does not satisfy the consistency that they claimed to hold.
ER -