Cryptanalysis of the existing integrated PKE and PEKS schemes

Int. J. Embed. Syst. Pub Date : 2019-09-20 DOI:10.1504/ijes.2019.102438

Yang Lu, Qiya Zeng

{"title":"Cryptanalysis of the existing integrated PKE and PEKS schemes","authors":"Yang Lu, Qiya Zeng","doi":"10.1504/ijes.2019.102438","DOIUrl":null,"url":null,"abstract":"Public key encryption with keyword search (PEKS) is a useful cryptographic primitive which allows one to delegate to an untrusted storage server the capability of searching on publicly encrypted data without impacting the security and privacy of original data. However, due to lack of data encryption/decryption function, a PEKS scheme cannot be used alone but has to be coupled with a standard public key encryption (PKE) scheme. For this reason, a new cryptographic primitive called integrated PKE and PEKS (PKE/PEKS) was introduced by Baek et al. in 2006, which provides the functions of both PKE and PEKS. So far, several PKE/PEKS schemes have been proposed in the literature. However, none of them considers the keyword guessing attack. The first PKE/PEKS scheme proposed by Baek et al. was shown to be insecure under this attack. In this paper, we analyse the security of other PKE/PEKS schemes. We demonstrate that none of these schemes can resist the keyword guessing attack. The presented attacks show that a malicious storage server can successfully guess the keyword encoded in any keyword trapdoor produced by these schemes. Therefore, it is still an unsolved problem to devise a PKE/PEKS scheme withstanding the keyword guessing attack.","PeriodicalId":412308,"journal":{"name":"Int. J. Embed. Syst.","volume":"61 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-09-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Int. J. Embed. Syst.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1504/ijes.2019.102438","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Public key encryption with keyword search (PEKS) is a useful cryptographic primitive which allows one to delegate to an untrusted storage server the capability of searching on publicly encrypted data without impacting the security and privacy of original data. However, due to lack of data encryption/decryption function, a PEKS scheme cannot be used alone but has to be coupled with a standard public key encryption (PKE) scheme. For this reason, a new cryptographic primitive called integrated PKE and PEKS (PKE/PEKS) was introduced by Baek et al. in 2006, which provides the functions of both PKE and PEKS. So far, several PKE/PEKS schemes have been proposed in the literature. However, none of them considers the keyword guessing attack. The first PKE/PEKS scheme proposed by Baek et al. was shown to be insecure under this attack. In this paper, we analyse the security of other PKE/PEKS schemes. We demonstrate that none of these schemes can resist the keyword guessing attack. The presented attacks show that a malicious storage server can successfully guess the keyword encoded in any keyword trapdoor produced by these schemes. Therefore, it is still an unsolved problem to devise a PKE/PEKS scheme withstanding the keyword guessing attack.

查看原文本刊更多论文

现有集成PKE和PEKS方案的密码分析

带关键字搜索的公钥加密(PEKS)是一种有用的加密原语，它允许将搜索公开加密数据的能力委托给不受信任的存储服务器，而不会影响原始数据的安全性和隐私性。然而，由于缺乏数据加密/解密功能，PEKS方案不能单独使用，而必须与标准的公钥加密(PKE)方案结合使用。因此，Baek等人在2006年引入了一种新的密码原语，称为集成PKE和PEKS (PKE/PEKS)，它同时提供了PKE和PEKS的功能。到目前为止，文献中已经提出了几种PKE/PEKS方案。然而，它们都没有考虑关键字猜测攻击。由Baek等人提出的第一个PKE/PEKS方案在这种攻击下被证明是不安全的。本文分析了其他PKE/PEKS方案的安全性。我们证明了这些方案都不能抵抗关键字猜测攻击。所提出的攻击表明，恶意存储服务器可以成功地猜测由这些方案产生的任何关键字陷阱门中编码的关键字。因此，如何设计一种抵御关键字猜测攻击的PKE/PEKS方案仍然是一个未解决的问题。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Int. J. Embed. Syst.

自引率

0.00%

发文量