[Resource Topic] 2023/591: Post-Quantum Public-key Authenticated Searchable Encryption with Forward Security: General Construction, Implementation, and Applications

Welcome to the resource topic for 2023/591

Title:
Post-Quantum Public-key Authenticated Searchable Encryption with Forward Security: General Construction, Implementation, and Applications

Authors: Shiyuan Xu, Yibo Cao, Xue Chen, Siu-Ming Yiu, Yanmin Zhao

Abstract:

Public-key encryption with keyword search was first proposed by Boneh et al. (EUROCRYPT 2004), achieving the ability to search for ciphertext files. Nevertheless, this scheme is vulnerable to inside keyword guessing attacks (IKGA). Public-key authenticated encryption with keyword search (PAEKS), introduced by Huang et al. (Inf. Sci. 2017), on the other hand, is secure against IKGA. Nonetheless, it is susceptible to quantum computing attacks. Liu et al. and Cheng et al. addressed this problem by reducing to the lattice hardness (AsiaCCS 2022, ESORICS 2022). Furthermore, several scholars pointed out that the threat of secret key exposure delegates a severe and realistic concern, potentially leading to privacy disclosure (EUROCRYPT 2003, Compt. J. 2022). As a result, research focusing on mitigating key exposure and resisting quantum attacks for the PAEKS primitive is significant and far-reaching.
In this work, we present the first instantiation of post-quantum PAEKS primitive that is forward-secure and does not require trusted authorities, mitigating the secret key exposure while ensuring quantum-safe properties. We extended the scheme of Liu et al. (AsiaCCS 2022), and proposed a novel post-quantum PAEKS construction, namely FS-PAEKS. To begin with, we introduce the binary tree structure to represent the time periods, along with a lattice basis extension algorithm, and SamplePre algorithm to obtain the post-quantum one-way secret key evolution, allowing users to update their secret keys periodically. Furthermore, our scheme is proven to be IND-CKA, IND-IKGA, and IND-Multi-CKA in the quantum setting. In addition, we also compare the security of our primitive in terms of computational complexity and communication overhead with other top-tier schemes and provide implementation details of the ciphertext generation and test algorithms. The proposed FS-PAEKS is more efficient than the FS-PEKS scheme (IEEE TDSC 2021). Lastly, we demonstrate three potential application scenarios of FS-PAEKS.

ePrint: https://eprint.iacr.org/2023/591

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .