Skip to main content
SpringerLink
Log in

Efficient searchable public key encryption against keyword guessing attacks for cloud-based EMR systems

  • Published:
Cluster Computing Aims and scope Submit manuscript

Abstract

Due to the tremendous benefits of cloud computing, an increasing number of health care providers tend to deploy the electronic medical record (EMR) storages and application services into cloud. To protect patients’ privacy, sensitive EMRs have to be encrypted before being uploaded to cloud. This makes effective utilization of EMRs, such as plaintext keyword search, a very challenging problem. Public key encryption with keyword search (PEKS) provides a promising cryptographic solution to encrypted EMR data retrieval, because it allows one to delegate to an untrusted storage server the capability of searching on publicly encrypted EMR data without compromising the security of original EMR data. Recently, two secure channel free PEKS schemes were proposed for cloud-based EMR systems. However, our cryptanalysis demonstrates that both of these two schemes suffer from the security vulnerabilities caused by the keyword guessing attack. To deal with this problem, a novel secure channel free PEKS scheme is developed in this paper. The proposed scheme not only provides the resistance to the existing known three types of keyword guessing attacks, but also has the merit of no designated server. In the standard model, it is formally proven to achieve both the keyword ciphertext indistinguishability and the trapdoor indistinguishability under the adaptive chosen-keyword attacks. The comparisons indicate that the scheme is secure and practicable.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

References

  1. Abdalla, M., Bellare, M., Rogaway, P.: The oracle Diffie–Hellman assumptions and an analysis of DHIES. In: Naccache, D. (ed.) CT-RSA 2001, pp. 143–158. Springer, Heidelberg (2001)

    Google Scholar 

  2. Abdalla, M., Bellare, M., Catalano, D., Kiltz, E., Kohno, T., Lange, T., Malone-Lee, J., Neven, G., Paillier, P., Shi, H.: Searchable encryption revisited: consistency properties, relation to anonymous IBE and extensions. In: Shoup, V. (ed.) CRYPTO 2005, pp. 205–222. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  3. Ateniese, G., Fu, K.V., Green, M., Hohenberger, S.: Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans. Inf. Syst. Secur. 9, 1–30 (2006)

    Article  MATH  Google Scholar 

  4. Aviv, A.J., Locasto, M.E., Potter, S., Keromytis, A.D.: SSARES: secure searchable automated remote email storage. In: ACSAC 2007, pp. 129–139. IEEE (2007)

  5. Baek, J., Safavi-Naini, R., Susilo, W.: Public key encryption with keyword search revisited. In: Gervasi, O., et al. (eds.) ICCSA 2008, pp. 1249–1259. Springer, Heidelberg (2008)

    Google Scholar 

  6. Boneh, D., Crescenzo, G.D., Ostrovsky, R., Persiano, G.: Public key encryption with keyword search. In: Cachin, C., Camenisch, J. (eds.) EUROCRYPT 2004, pp. 506–522. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  7. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001, pp. 213–229. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  8. Byun, J.W., Rhee, H.S., Park, H.A., Lee, D.H.: Off-line keyword guessing attacks on recent keyword search schemes over encrypted data. In: Jonker, W., Petkovic, M. (eds.) SDM 2006, pp. 75–83. Springer, Heidelberg (2006)

    Google Scholar 

  9. Chen, R.M., Mu, Y., Yang, G.M., Guo, F., Huang, X., Wang, X., Wang, Y.: Server-aided public key encryption with keyword search. IEEE Trans. Inf. Forensics Secur. 11, 1833–2842 (2016)

    Google Scholar 

  10. Chen, Y.: SPEKS: secure server-designation public key encryption with keyword search against keyword guessing attacks. Comput. J. 58, 922–933 (2015)

    Article  Google Scholar 

  11. Chen, Y., Horng, G., Lin, Y., Chen, K.: Privacy preserving index for encrypted electronic medical records. J. Med. Syst. 37(6), 9992 (2013). https://doi.org/10.1007/s10916-013-9992-x

    Article  Google Scholar 

  12. Chen, C., Yang, T., Shih, T.: A secure medical data exchange protocol based on cloud environment. J. Med. Syst. 38(9), 112 (2014). https://doi.org/10.1007/s10916-014-0112-3

    Article  Google Scholar 

  13. Chen, C., Yang, T., Chiang, M., Shih, T.: A privacy authentication scheme based on cloud for medical environment. J. Med. Syst. 38(11), 143 (2014). https://doi.org/10.1007/s10916-014-0143-9

    Article  Google Scholar 

  14. Curtmola, R., Garay, J., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. In: ACM CCS 2006, pp. 79–88. ACM, New York (2006)

  15. Dong, Q.X., Guan, Z., Wu, L., Chen, Z.: Fuzzy keyword search over encrypted data in the public key setting. In: Wang, J., et al. (eds.) WAIM 2013, pp. 729–740. Springer, Heidelberg (2013)

    Google Scholar 

  16. Emura, K., Miyaji, A., Rahman, M., Omote, K.: Generic constructions of secure-channel free searchable encryption with adaptive security. Secur. Commun. Netw. 8, 1547–1560 (2015)

    Article  Google Scholar 

  17. Fang, L.M., Susilo, W., Ge, C.P., Wang, J.D.: A secure channel free public key encryption with keyword search scheme without random oracle. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009, pp. 248–258. Springer, Heidelberg (2009)

    Google Scholar 

  18. Fu, Z., Ren, K., Shu, J., Sun, X., Huang, F.: Enabling personalized search over encrypted outsourced data with efficiency improvement. IEEE Trans. Parallel Distrib. Syst. 27, 2546–2559 (2016)

    Article  Google Scholar 

  19. Fu, Z., Wu, X., Guan, C., Sun, X., Ren, K.: Towards efficient multi-keyword fuzzy search over encrypted outsourced data with accuracy improvement. IEEE Trans. Inf. Forensics Secur. 11, 2706–2716 (2016)

    Article  Google Scholar 

  20. Golle, P., Staddon, J., Waters, B.: Secure conjunctive keyword search over encrypted data. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004, pp. 31–45. Springer, Heidelberg (2004)

    Google Scholar 

  21. Gou, Z., Yamaguchi, S., Gupta, B.B.: Analysis of various security issues and challenges in cloud computing environment: a survey. In: Gupta, B.B., Agrawal, D.P., Yamaguchi, S. (eds.) Handbook of Research on Modern Cryptographic Solutions for Computer and Cyber Security, pp. 393–419. IGI Global, Hershey (2016)

    Chapter  Google Scholar 

  22. Gu, C., Zhu, Y., Pan, H.: Efficient public key encryption with keyword search schemes from pairings. In: Pei, D., et al. (eds.) Inscrypt 2007, pp. 372–383. Springer, Heidelberg (2007)

    Google Scholar 

  23. Guo, L.F., Yau, W.C.: Efficient secure-channel free public key encryption with keyword search for EMRs in cloud storage. J. Med. Syst. (2015). https://doi.org/10.1007/s10916-014-0178-y

    Article  Google Scholar 

  24. Gupta, B.B., Gupta, S., Chaudhary, P.: Enhancing the browser-side context-aware sanitization of suspicious HTML5 code for halting the DOM-based XSS vulnerabilities in cloud. Int. J. Cloud Appl. Comput. 7(1), 1–31 (2017)

    Google Scholar 

  25. Hu, C.Y., Liu, P.T.: A secure searchable public key encryption scheme with a designated tester against keyword guessing attacks and its extension. In: Lin, S., Huang, X. (eds.) CSEE 2011, pp. 131–136. Springer, Heidelberg (2011)

    Google Scholar 

  26. Huang, Q., Li, H.: An efficient public-key searchable encryption scheme secure against inside keyword guessing attacks. Inf. Sci. 403, 1–14 (2017)

    Article  Google Scholar 

  27. Hwang, Y.H., Lee, P.J.: Public key encryption with conjunctive keyword search and its extension to a multi-user system. In: Takagi, T., et al. (eds.) Pairing 2007, pp. 2–22. Springer, Heidelberg (2007)

    Google Scholar 

  28. Jeong, I.R., Kwon, J.O., Hong, D., Lee, D.H.: Constructing PEKS schemes secure against keyword guessing attacks is possible? Comput. Commun. 32, 394–396 (2009)

    Article  Google Scholar 

  29. Kamara, S., Lauter, K.: Cryptographic cloud storage. In: Sion, R., et al. (eds.) FC 2010, pp. 136–149. Springer, Heidelberg (2010)

    Google Scholar 

  30. Li, J., Chen, X., Li, M., Li, J.W., Lee, P.P.C., Lou, W.: Secure deduplication with efficient and reliable convergent key management. IEEE Trans. Parallel Distrib. Syst. 25(6), 1615–1625 (2014)

    Article  Google Scholar 

  31. Li, J., Li, Y.K., Chen, X., Lee, P.P.C., Lou, W.: A hybrid cloud approach for secure authorized deduplication. IEEE Trans. Parallel Distrib. Syst. 26(5), 1206–1216 (2015)

    Article  Google Scholar 

  32. Li, J., Li, J.W., Chen, X., Jia, C., Lou, W.: Identity-based encryption with outsourced revocation in cloud computing. IEEE Trans. Comput. 64(2), 425–437 (2015)

    Article  MathSciNet  MATH  Google Scholar 

  33. Li, J., Zhang, Y., Chen, X., Xiang, Y.: Secure attribute-based data sharing for resource-limited users in cloud computing. Comput. Secur. 72, 1–12 (2018)

    Article  Google Scholar 

  34. Li, J.G., Lin, X., Zhang, Y., Han, J.: KSF-OABE: outsourced attribute-based encryption with keyword search function for cloud storage. IEEE Trans. Serv. Comput. 10(5), 715–725 (2017)

    Article  Google Scholar 

  35. Li, J.G., Yao, W., Zhang, Y., Qian, H., Han, J.: Flexible and fine-grained attribute-based data storage in cloud computing. IEEE Trans. Serv. Comput. 10(5), 785–796 (2017)

    Article  Google Scholar 

  36. Liu, Z., Weng, J., Li, J., Yang, J., Fu, C., Jia, C.: Cloud-based electronic health record system supporting fuzzy keyword search. Soft. Comput. 20, 3243–3255 (2016)

    Article  Google Scholar 

  37. Low, C., Hsueh, C.: Criteria for the evaluation of a cloud-based hospital information system outsourcing provider. J. Med. Syst. 36(6), 3543–3553 (2012)

    Article  Google Scholar 

  38. Lu, Y., Li, J.G.: A pairing-free certificate-based proxy re-encryption scheme for secure data sharing in public clouds. Future Gener. Comput. Syst. 62, 140–147 (2016)

    Article  Google Scholar 

  39. Lu, Y., Wang, G., Li, J.G., Shen, J.: Efficient designated server identity-based encryption with conjunctive keywords search. Ann. Telecommun. 72, 359–370 (2017)

    Article  Google Scholar 

  40. Lu, Y., Wang, G., Li, J.G.: On security of a secure channel free public key encryption with conjunctive field keyword search scheme. Inf. Technol. Control 47, 56–62 (2018)

    Google Scholar 

  41. Lv, Z.Q., Hong, C., Zhang, M., Feng, D.: Expressive and secure searchable encryption in the public key setting. In: Chow, S.S.M., et al. (eds.) ISC 2014, pp. 364–376. Springer, Heidelberg (2014)

    Google Scholar 

  42. Lynn, B.: PBC library: the pairing-based cryptography library. http://crypto.stanford.edu/pbc/ (2013). Accessed 1 April 2014

  43. Mish, F.: Merriam-Webster’s collegiate dictionary, 11th edition, Merriam-Webster, Inc. http://www.m-w.com (2003). Accessed 7 January 2016

  44. Ni, J., Yu, Y., Xia, Q., Niu, L.: Cryptanalysis of two searchable public key encryption schemes with a designated tester. J. Inf. Comput. Sci. 9, 4819–4825 (2012)

    Google Scholar 

  45. Park, D.J., Kim, K., Lee, P.J.: Public key encryption with conjunctive field keyword search. In: Lim, C.H., Yung, M. (eds.) WISA 2004, pp. 73–86. Springer, Heidelberg (2005)

    Google Scholar 

  46. Rhee, H.S., Park, J.H., Susilo,W., Lee, D.H.: Improved searchable public key encryption with designated tester. In: ASIACCS 2009, pp. 376–379. ACM, New York (2009)

  47. Rhee, H.S., Park, J.H., Susilo, W., Lee, D.H.: Trapdoor security in a searchable public key encryption scheme against keyword guessing attacks. J. Syst. Softw. 6, 237–243 (2010)

    Google Scholar 

  48. Rhee, H.S., Park, J.H., Lee, D.H.: Generic construction of designated tester public-key encryption with keyword search. Inf. Sci. 205, 93–109 (2012)

    Article  MathSciNet  MATH  Google Scholar 

  49. Shao, J., Cao, Z., Liang, X., Lin, H.: Proxy re-encryption with keyword search. Inf. Sci. 180, 2576–2587 (2010)

    Article  MathSciNet  MATH  Google Scholar 

  50. Shao, Z., Yang, B.: On security against the server in designated tester public key encryption with keyword search. Inf. Process. Lett. 115, 957–961 (2015)

    Article  MathSciNet  MATH  Google Scholar 

  51. Song, D., Wagner, D., Perrig, A.: Practical techniques for searching on encrypted data. In: 2000 IEEE Symposium on Security and Privacy, pp 44–55. IEEE (2000)

  52. Stergiou, C., Psannis, K., Kim, B., Gupta, B.: Secure integration of IoT and cloud computing. Future Gener. Comput. Syst. (2016). https://doi.org/10.1016/j.future.2016.11.031

    Article  Google Scholar 

  53. Susilo, W., Win, K.T.: Security and access of health research data. J. Med. Syst. 31, 103–107 (2007)

    Article  Google Scholar 

  54. Tang, Q., Chen, L.Q.: Public key encryption with registered keyword search. In: Martinelli, F., Preneel, B. (eds.) EuroPKI 2009, pp. 163–178. Springer, Heidelberg (2010)

    Google Scholar 

  55. Waters, B., Balfanz, D., Durfee, G., Smetters, D.: Building an encrypted and searchable audit log. In: 11th Annual Network and Distributed System Security Symposium (2004)

  56. Wu, Y., Lu, X., Su, J., Chen, P.: An efficient searchable encryption against keyword guessing attacks for sharable electronic medical records in cloud-based system. J. Med. Syst. (2016). https://doi.org/10.1007/s10916-016-0609-z

    Article  Google Scholar 

  57. Xia, Z., Wang, X., Sun, X., Wang, Q.: A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data. IEEE Trans. Parallel Distrib. Syst. 27, 340–352 (2015)

    Article  Google Scholar 

  58. Yau, W.C., Heng, S., Goi, B.: Off-line keyword guessing attacks on recent public key encryption with keyword search schemes. In: Rong, C., Jaatun, M.G., Sandnes, F.E., Yang, L.T., Ma, J. (eds.) ATC 2008, pp. 100–105. Springer, Heidelberg (2008)

    Google Scholar 

  59. Yau, W.C., Phan, R.C., Heng, S.H., Goi, B.M.: Keyword guessing attacks on secure searchable public key encryption schemes with a designated tester. Int. J. Comput. Math. 90, 2581–2587 (2013)

    Article  MATH  Google Scholar 

  60. Zhang, B., Zhang, F.: An efficient public key encryption with conjunctive-subset keywords search. J. Netw. Comput. Appl. 34, 262–267 (2011)

    Article  Google Scholar 

Download references

Acknowledgements

This work is supported by the National Natural Science Foundation of China (Grant Nos. 61772009, 61672207 and U1736112), the Fundamental Research Funds for the Central Universities (Grant Nos. 2016B10114 and 2017B17014) and the Natural Science Foundation of Jiangsu Province (Grant Nos. BK20161511 and BK20181304).

Author information

Authors and Affiliations

  1. School of Computer Science and Technology, Nanjing Normal University, Nanjing, China

    Yang Lu

  2. College of Mathematics and Informatics, Fujian Normal University, Fuzhou, China

    Jiguo Li

Authors
  1. Yang Lu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jiguo Li
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yang Lu.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Lu, Y., Li, J. Efficient searchable public key encryption against keyword guessing attacks for cloud-based EMR systems. Cluster Comput 22, 285–299 (2019). https://doi.org/10.1007/s10586-018-2855-y

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10586-018-2855-y

Keywords

Search

Navigation