An improved secure designated server certificateless authenticated searchable encryption scheme for IIoT

Abstract

The Industrial Internet of Things (IIoT) achieves the automation, monitoring, and optimization of industrial processes by interconnecting various sensors, smart devices, and the Internet, which dramatically increases productivity and product quality. Nevertheless, the IIoT comprises a substantial amount of sensitive data, which requires encryption to ensure data privacy and security. Recently, Sun et al. proposed a certificateless searchable encryption scheme for IIoT to enable the retrieval of ciphertext data while protecting data privacy. However, we found that their scheme not only fails to satisfy trapdoor indistinguishability but also lacks defense against keyword guessing attacks. In addition, some schemes use deterministic algorithms in the encryption process, resulting in the same ciphertexts after encryption for the same keyword, thereby leaking the potential frequency distribution of the keyword in the ciphertext space, thereby leaking the potential frequency distribution of the keyword in the ciphertext space, allowing attackers to infer the plaintext information corresponding to the ciphertext through statistical analysis. To better protect data privacy, we propose an improved certificateless searchable encryption scheme with a designated server. With security analysis, we prove that our scheme provides multi-ciphertext indistinguishability and multi-trapdoor indistinguishability security under the random oracle. Experimental results show that the proposed scheme has good overall performance in terms of computational overhead, communication overhead, and security features.