Secure Fine-Grained Keyword Search With Efficient User Revocation and Traitor Tracing in the Cloud


Mamta, Brij B. Gupta
Copyright: © 2020 |Pages: 26
DOI: 10.4018/JOEUC.2020100106

Abstract

Fine-grained searching is an important feature in a multi-user cloud environment, and a combination of attribute-based encryption (ABE) and searchable encryption (SE) is used to facilitate it. This combination provides a powerful tool with which multiple data owners can share their data with multiple data users in an independent and differential manner. In this article, the authors use the key-policy design framework of attribute-based encryption to construct a multi-keyword search scheme in which the access rights assigned to a data user are associated with his/her secret key. This leads to a situation where a data user can abuse his/her secret key by distributing it illegally to unauthorized users, who can then search over shared data that is not intended for them. Therefore, to track such key abusers, the authors have embedded an extra functionality for tracing traitors. For this purpose, each user is assigned a unique identity in the form of a binary string in which each bit represents an attribute related to his/her identity. In addition to the normal attributes, the access structure of a user also contains identity-related attributes, which are hidden from the user along with some normal attributes. Hence, the proposed scheme supports partial anonymity. Further, in the event of user revocation, the proposed scheme handles the system update process efficiently by delegating the computationally intensive tasks to the cloud server. Finally, the proposed scheme is proved secure under the Decisional Bilinear Diffie-Hellman (DBDH) assumption and the decision linear assumption in the selective security model.

Introduction

Cloud computing is one of the most promising technologies of recent times, as it has fundamentally changed the way we store and access our data. In the cloud, the storage and management of data is delegated to a remote cloud server. This relieves the user of the overhead of local storage and management of data; moreover, the stored data can be accessed anywhere, at any time and on any device. Owing to these advantages, more and more users are shifting towards cloud-based storage. Apart from these benefits, however, there are privacy concerns associated with data stored in the cloud, because the data resides on a remote server which cannot be fully trusted. One simple solution to this issue is to store the data in an encrypted form. This definitely solves the issue of data privacy but begets another problem (Gupta, 2016; Gupta, 2018). Searching is one of the most basic and essential operations, and encrypting the data severely debilitates it. Hence, there arises a need for a technique that is conducive to the search operation and at the same time ensures the privacy of data. Secure searchable encryption is the answer to this need (Yu, 2018; Yu, 2018; Gupta, 2017; Subramaniyaswamy, 2017).

A searchable encryption (SE) scheme enables the cloud server to perform keyword search over encrypted data without disclosing any information about the keyword being searched (San Nicolas-Rocca, T., 2013). An SE scheme can be developed using either a symmetric key or an asymmetric/public key cryptographic primitive. Between these two, the public key setting is the preferable choice, as it solves the issue of complicated key sharing that arises in the symmetric key setting when there are multiple users in the system. Further, there are several choices available in the public key setting, such as Identity Based Encryption (IBE), Attribute Based Encryption (ABE), Functional Encryption (FE), etc. In this paper, we have used an ABE scheme, and particularly the key-policy (KP) design framework, to develop the SE scheme, as it provides fine-grained searching capability in a multi-user setting. In KP-ABE, the access policy is embedded in the secret key of the user. Any authorized user can misuse his/her access rights by sharing his/her secret key with other users who are not supposed to have access to the information. Consider a database which contains digital media in an encrypted form, where a user is provided access depending upon the subscription and the amount he/she paid. There is no way of tracing whether the user who holds the subscription is sharing his/her secret credentials with other users, which usually happens. To prevent such unauthorized searching and retrieval of information, we have added an extra functionality of tracing given by Yu et al. (2010). There are several key-policy attribute based keyword search schemes in the literature, given by Zheng et al. (2014), Li et al. (2017), Ameri et al. (2018) and Mamta and Gupta (2019), but none of them has incorporated the feature of tracing key abusers, which is the main contribution of this paper. The key highlights of the proposed scheme are as follows:

  • It provides protection against key abusers by incorporating extra ciphertext components which are used for tracing the identity of the traitors. The ciphertexts used in the normal operation and in the tracing operation are indistinguishable under the decisional linear assumption.

  • It efficiently handles the event of user revocation by delegating the task of updating the secret keys of the remaining users to the cloud.

  • The proposed scheme takes multi-valued attributes and also partially hides the access structure associated with the user.

  • The proposed scheme performs multi-keyword search and supports monotonic predicates consisting of AND, OR and threshold gates. It uses the top-down approach for distributing the secret values to an access structure.

  • The proposed scheme is proved secure against chosen keyword attack in the selective security model under the decisional Diffie-Hellman assumption.
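The top-down distribution of secret values over a predicate of AND, OR and threshold gates can be illustrated with standard threshold-tree (Shamir) secret sharing. This is an added example, not the authors' construction: it works directly in a prime field rather than in the exponents of a bilinear group, and the policy, attribute names and helper functions are constructed for illustration.

```python
import secrets

P = 2**127 - 1  # prime modulus; stands in for the group order (assumption)

def AND(*c): return (len(c), list(c))        # n-of-n gate
def OR(*c): return (1, list(c))              # 1-of-n gate
def THRESH(k, *c): return (k, list(c))       # k-of-n gate

def share(node, secret, out):
    """Top-down: assign `secret` to node, hand q(i) to its i-th child."""
    if isinstance(node, str):                # leaf = attribute (names must be unique)
        out[node] = secret
        return out
    k, children = node
    # random polynomial q of degree k-1 with q(0) = secret
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    for i, child in enumerate(children, start=1):
        q_i = sum(c * pow(i, e, P) for e, c in enumerate(coeffs)) % P
        share(child, q_i, out)
    return out

def lagrange_at_zero(points):
    """Interpolate q(0) from [(x, y), ...] over GF(P)."""
    total = 0
    for xj, yj in points:
        num = den = 1
        for xm, _ in points:
            if xm != xj:
                num = num * (-xm) % P
                den = den * (xj - xm) % P
        total = (total + yj * num * pow(den, -1, P)) % P
    return total

def recover(node, leaf_shares, attrs):
    """Bottom-up: node's value if `attrs` satisfies the subtree, else None."""
    if isinstance(node, str):
        return leaf_shares[node] if node in attrs else None
    k, children = node
    pts = [(i, v) for i, c in enumerate(children, start=1)
           if (v := recover(c, leaf_shares, attrs)) is not None]
    return lagrange_at_zero(pts[:k]) if len(pts) >= k else None

# Constructed policy: cardiology AND (doctor OR 2-of-{nurse, icu, night})
POLICY = AND("dept:cardiology",
             OR("role:doctor", THRESH(2, "role:nurse", "ward:icu", "shift:night")))

if __name__ == "__main__":
    s = secrets.randbelow(P)
    shares = share(POLICY, s, {})
    print(recover(POLICY, shares, {"dept:cardiology", "role:doctor"}) == s)
```

An attribute set that fails any gate on the path to the root yields `None`, which mirrors why a key whose policy is not satisfied by the ciphertext attributes cannot complete the search test.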
