Searchable encryption has many applications including email systems and storage systems. The usefulness of searchable encryption derives from its support of keyword-testability. Keyword-testability means that a receiver of a ciphertext can test whether the ciphertext contains a specific keyword. Recently, Bellare et al. suggested an efficientlysearchable encryption scheme with keyword-recoverability as well as keyword-testability. Keyword- recoverability means that a receiver can extract the keyword from a ciphertext. All of the previous searchable encryption schemes have provided only keyword-testability. However, as explained by Bellare et al., no efficiently-searchable encryption scheme can provide even security against chosen keyword attacks. That is, Bellare et al.'s scheme assumes that no useful partial information about the keyword is known to the adversaries. In this paper, we suggest an SEKR (searchable encryption with keyword-recoverability) scheme which is secure even if the adversaries have any useful partial information about the keyword. Our scheme provides security against chosen ciphertext attacks which are stronger attacks than chosen keyword attacks. We also suggest an SEKR scheme for multi-keywords.
- Chosen ciphertext attacks
- Keyword search
ASJC Scopus subject areas
- Electrical and Electronic Engineering
- Artificial Intelligence
- Hardware and Architecture
- Computer Vision and Pattern Recognition