Yang Li, Chungen Xu, Lei Xu, Lin Mei, Yanzhe Zhu
Verifiable searchable encryption scheme with flexible access control in the cloud
Journal of Parallel and Distributed Computing, volume 197, Article 105025. Published 2024-12-16. DOI: 10.1016/j.jpdc.2024.105025
Impact factor: 3.4. JCR: Q1 (Computer Science, Theory & Methods).
https://www.sciencedirect.com/science/article/pii/S0743731524001898
Citation count: 0
Abstract
The exponential growth of digital data demands secure and efficient cloud data management. Encryption technologies, especially searchable encryption and attribute-based encryption, have become tools for protecting data confidentiality while allowing authorized users to access data for ciphertext retrieval. Confronting complex multi-user and multi-owner (M2M) scenarios, certain searchable attribute-based encryption schemes are designed to manage both owner-level and user-level permission simultaneously. However, their permission management depends on the cooperation of an honest server, which may not be practical in the M2M cloud storage environment. Hence, there is a need for a robust scheme that ensures secure and flexible access control, maintains performance and scalability, and is applicable to servers that may not always be honest, thereby accommodating a broader spectrum of real-world scenarios. This paper introduces a Verifiable Searchable Encryption Scheme with Flexible Access Control in the Cloud (VSEFAC), which adeptly manages both owner-level and user-level permission based on searchable attribute-based encryption, with the added advantage of owner-level permission management being independent of a careless cloud server. At the same time, our scheme manages owner-level permission through a lightweight method for updating owner-level permission, providing strong defense against unauthorized searches and attacks. Finally, rigorous security analysis and performance evaluation validate the practical efficiency and effectiveness of our scheme in real-world cloud storage applications.
About the journal:
This international journal is directed to researchers, engineers, educators, managers, programmers, and users of computers who have particular interests in parallel processing and/or distributed computing.
The Journal of Parallel and Distributed Computing publishes original research papers and timely review articles on the theory, design, evaluation, and use of parallel and/or distributed computing systems. The journal also features special issues on these topics; again covering the full range from the design to the use of our targeted systems.