On the Security of a Privacy-Preserving Ranked Multi-Keyword Search Scheme

Ziba Eslami¹⁺, Mahnaz Noroozi¹, and Joonsang Baek²
 

¹Department of Computer and Data Science, Shahid Beheshti University, G.C., Tehran, Iran

²Institutue of Cybersecurity and Cryptology, University of Wollongong, Australia

Abstract

Ranked keyword search over encrypted cloud data is a hot research topic with huge practical implications. A complex variant of this problem is to allow searching among ciphertexts belonging to multiple data owners. Unfortunately, there exist only a few papers in the literature which address this important setting. Recently, Zhang et al. proposed a solution to this problem and claimed that their scheme provides two fundamental security requirements: ciphertext and trapdoor indistinguishability. We prove, however, that in their scheme neither the ciphertexts nor the trapdoors achieve indistinguishability. Our result shows that their scheme is insecure to be used in practice.

Keywords: Searchable encryption, Ranked keyword search, Security, Privacy

+: Corresponding author: Ziba Eslami
Department of Computer and Data Science, Shahid Beheshti University, G.C., Tehran, Iran,
Email: z_eslami@sbu.ac.ir, Web: http://facultymembers.sbu.ac.ir/eslami/,
Tel: +98-2129903007, Fax: +98-2122431655 

Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA)

Vol. 10, No. 1, pp. 75-85, March 2019 [pdf]

Received: January 10, 2019; Accepted: March 5, 2019; Published: March 31, 2019

DOI: 10.22667/JOWUA.2019.03.31.075