Presentation is loading. Please wait.

Presentation is loading. Please wait.

New Efficient Searchable Encryption Schemes from Bilinear Pairings Author:Chunxiang Gu and Yuefei Zhu International Journal of Network Security, 2007 Presenter:

Published byNora Goodwin Modified over 9 years ago

Similar presentations

Presentation on theme: "New Efficient Searchable Encryption Schemes from Bilinear Pairings Author:Chunxiang Gu and Yuefei Zhu International Journal of Network Security, 2007 Presenter:"— Presentation transcript:

1 New Efficient Searchable Encryption Schemes from Bilinear Pairings Author:Chunxiang Gu and Yuefei Zhu International Journal of Network Security, 2007 Presenter: 李宗諺

2 Outline  Introduction  Preliminaries PEKS IND-CKA  A New PEKS Scheme from Pairing  Conclusion

3 Introduction

4 Outline  Introduction  Preliminaries PEKS IND-CKA  A New PEKS Scheme from Pairing  Conclusion

5 Preliminaries (1/4)  In 2004, Boneh et.al  Public Key Encryption with Keyword Search  four polynomial-time algorithms: KeyGen Trapdoor PEKS Test

6 Preliminaries (2/4)  KeyGen : Take as input a security parameter λ, generate a public/private key pair (pk,sk). (pk,sk)=KeyGen(λ)  Trapdoor : Take as input the receiver ’ s private key sk and a word W, produce a trapdoor Tw. Tw=Trapdoor(sk,W)

7 Preliminaries (3/4)  PEKS: Take as input the receiver ’ s public key pk and a word W, produce a searchable encryption of W. C = PEKS( pk, W)  Test: Take as input the receiver ’ s public key pk, a searchable encryption C = PEKS(pk,W ’ ), and a trapdoor Tw = Trapdoor(sk,W), output 1 ( “ yes ” ) if W = W ’ and 0 ( “ no ” ) otherwise. Test( pk,PEKS(pk,W),Tw )=1

8 Preliminaries (4/4) Sever Tw 加密過的訊息 傳回使用者 所需的文件 Alice Bob 1.λ KeyGan (pk,sk)2.C=PEKS( A pk,W ) 3.Tw= Trapdoor(A sk , W) 4. Test(Apk , C , Tw) ?= 1

9 Outline  Introduction  Preliminaries PEKS IND-CKA  A New PEKS Scheme from Pairing  Conclusion

10 Preliminaries  Indistinguishability of PEKS against chosen keyword attack (IND-CKA) KeyGen Phase 1 Challenge Phase 2 Guess

11 IND-CKA (1/6)  KeyGen The challenger runs the KeyGen(λ) algorithm to generate(pk,sk). It gives pk to the attacker. challengerattacker λ KeyGen (pk,sk) pk

12 IND-CKA (2/6)  Phase 1 The attacker ask the challengger for the trapdoor Tw for any keyword W ∈ {0,1}*  Challenge The attacker A sends the challenger two words W 0,W 1. The challenger picks a random b ∈ {0,1} and gives the attacker C = PEKS( pk, W)

13 IND-CKA (3/6) challengerattacker λ KeyGen (pk,sk) pk W 0,W 1 b ∈ {0,1} C = PEKS( pk, W b )

14 IND-CKA (4/6)  Phase 2 The attacker can continue to ask for trapdoors Tw for any keyword W of his choice as long as W≠W 0,W 1  Guess The attacker A outputs b ’ ∈ {0,1} and wins the game if b = b ’

15 IND-CKA (5/6) challengerattacker λ KeyGen (pk,sk) pk W 0,W 1 b ∈ {0,1} C = PEKS( pk, W b ) b ‘ ∈ {0,1} b?=b ’ b’b’

16 Preliminaries ( G 1, + ) and ( G 2, ‧ ) be two cyclic groups of prime order q e : G 1 × G 1 → G 2 be a map which satisfies the following properties  Bilinear Pairings Bilinear:  Non-degenerate:  If P is a generator of G 1,then e(P,P) is a generator of G 2 Computable:  There is an efficient algorithm to compute e(P,Q) for any P,Q ∈ G 1

17 Preliminaries  BDH problem: P,aP,bP,cP ∈ G 1 P,aP,bP,cP = e(P,P) abc  k – BDHI problem:

18 Outline  Introduction  Preliminaries PEKS IND-CKA  A New PEKS Scheme from Pairing  Conclusion

19 A New PEKS Scheme from Pairings (1/5)  The Scheme ( G 1, + ) and ( G 2, ‧ ) be two cyclic groups of prime order q e : G 1 × G 1 → G 2 be an admissible bilinear pairing H 1 :{0,1}* → Z q * and H 2 : G 2 →{0,1} log q P is a generator of G 1 μ = e ( p, p )

20 A New PEKS Scheme from Pairings (2/5)  KeyGen : Pick a random x ∈ Z q * compute X = xP Output pk =X and sk = x.

21 A New PEKS Scheme from Pairings (3/5)  Trapdoor: Take as input secret key x and keyword W Output Tw = (H 1 (W)+x) -1 P  PEKS : Take as input public key X and a keyword W Select randomly r ∈ Z q * compute U = rH 1 (W)P+rX, c = H 2 (μ r ) Output (U,c)

22 A New PEKS Scheme from Pairings (4/5)  Test Input public key X, searchable encryption cipher- text(U,c) and trapdoor Tw Test if H 2 (e(Tw,U)) = c If so,output 1 Otherwise,out put 0.

23 A New PEKS Scheme from Pairings (5/5)  Consistency H 2 (e(Tw,U)) = H 2 (e((H 1 (W)+x) -1 P, rH 1 (W)P+rX)) = H 2 (e((H 1 (W)+x) -1 P, r(H 1 (W)+x)P) = H 2 (e((P,P) r ) = c Tw = (H 1 (W)+x) -1 P U = rH 1 (W)P+rX X = xP μ = e ( p, p ) c = H 2 (μ r )

24 Outline  Introduction  Preliminaries PEKS IND-CKA  A New PEKS Scheme from Pairing  Conclusion

25 Conclusion  In this paper, we propose a new PEKS scheme based on bilinear pairings.  There is no pairing operation involved in the encryption, so new PEKS scheme is more efficient than the scheme of Boneh et.al.

Download ppt "New Efficient Searchable Encryption Schemes from Bilinear Pairings Author:Chunxiang Gu and Yuefei Zhu International Journal of Network Security, 2007 Presenter:"

Similar presentations

Boneh-Franklin Identity-based Encryption. 2 Symmetric bilinear groups G = ágñ, g p = 1 e: G G G t Bilinear i.e. e(u a, v b ) = e(u, v) ab Non-degenerate:

Boneh-Franklin Identity-based Encryption. 2 Symmetric bilinear groups G = ágñ, g p = 1 e: G G G t Bilinear i.e. e(u a, v b ) = e(u, v) ab Non-degenerate:
ElGamal Security Public key encryption from Diffie-Hellman

ElGamal Security Public key encryption from Diffie-Hellman
An Introduction to Pairing Based Cryptography Dustin Moody October 31, 2008.

An Introduction to Pairing Based Cryptography Dustin Moody October 31, 2008.
Probabilistic Public Key Encryption with Equality Test Duncan S. Wong Department of Computer Science City University of Hong Kong Joint work with Guomin.

Probabilistic Public Key Encryption with Equality Test Duncan S. Wong Department of Computer Science City University of Hong Kong Joint work with Guomin.
Encryption Public-Key, Identity-Based, Attribute-Based.

Encryption Public-Key, Identity-Based, Attribute-Based.
Cramer & Shoup Encryption Cramer and Shoup: A practical public key crypto system provably secure against adaptive chosen ciphertext attack. Crypto 1998.

Cramer & Shoup Encryption Cramer and Shoup: A practical public key crypto system provably secure against adaptive chosen ciphertext attack. Crypto 1998.
Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.

Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.
A Novel Approach for Searchable CP-ABE with Hidden Ciphertext-Policy Mukti Padhya Devesh Jinwala Sardar Vallabhbhai National Institute Of Technology,Surat.

A Novel Approach for Searchable CP-ABE with Hidden Ciphertext-Policy Mukti Padhya Devesh Jinwala Sardar Vallabhbhai National Institute Of Technology,Surat.
1 IDENTITY BASED ENCRYPTION SECURITY NOTIONS AND NEW IBE SCHEMES FOR SAKAI KASAHARA KEY CONSTRUCTION N. DENIZ SARIER.

1 IDENTITY BASED ENCRYPTION SECURITY NOTIONS AND NEW IBE SCHEMES FOR SAKAI KASAHARA KEY CONSTRUCTION N. DENIZ SARIER.
A novel and efficient unlinkable secret handshakes scheme Author: Hai Huang and Zhenfu Cao (PR China) Source: IEEE Comm. Letters 13 (5) (2009) Presenter:

A novel and efficient unlinkable secret handshakes scheme Author: Hai Huang and Zhenfu Cao (PR China) Source: IEEE Comm. Letters 13 (5) (2009) Presenter:
1 Efficient Conjunctive Keyword-Searchable Encryption,2007 Author: Eun-Kyung Ryu and Tsuyoshi Takagi Presenter: 顏志龍.

1 Efficient Conjunctive Keyword-Searchable Encryption,2007 Author: Eun-Kyung Ryu and Tsuyoshi Takagi Presenter: 顏志龍.
1 A new identity based proxy signature scheme Source: Lecture Notes In Computer Science Author: Chunxiang Gu and Yuefei Zhu Presenter: 林志鴻.

1 A new identity based proxy signature scheme Source: Lecture Notes In Computer Science Author: Chunxiang Gu and Yuefei Zhu Presenter: 林志鴻.
Identity Based Encryption

Identity Based Encryption
1 Conjunctive, Subset, and Range Queries on Encrypted Data Presenter: 陳國璋 Lecture Notes in Computer Science, 2007 Dan Boneh and Brent Waters.

1 Conjunctive, Subset, and Range Queries on Encrypted Data Presenter: 陳國璋 Lecture Notes in Computer Science, 2007 Dan Boneh and Brent Waters.
Co-operative Private Equality Test(CPET) Ronghua Li and Chuan-Kun Wu (received June 21, 2005; revised and accepted July 4, 2005) International Journal.

Co-operative Private Equality Test(CPET) Ronghua Li and Chuan-Kun Wu (received June 21, 2005; revised and accepted July 4, 2005) International Journal.
Weakness of Shim’s New ID- base Tripartite Multiple-key Agreement Protocol Authors: J.S. Chou, C.H.Lin and C.H. Chiu ePrint/2005/457 Presented by J. Liu.

Weakness of Shim’s New ID- base Tripartite Multiple-key Agreement Protocol Authors: J.S. Chou, C.H.Lin and C.H. Chiu ePrint/2005/457 Presented by J. Liu.
1 Identity-Based Encryption form the Weil Pairing Author : Dan Boneh Matthew Franklin Presentered by Chia Jui Hsu Date : 2008-06-03.

1 Identity-Based Encryption form the Weil Pairing Author : Dan Boneh Matthew Franklin Presentered by Chia Jui Hsu Date :
A Designer’s Guide to KEMs Alex Dent

A Designer’s Guide to KEMs Alex Dent
1 Queries on Encrypted Data Dan Boneh Brent Waters Stanford UniversitySRI.

1 Queries on Encrypted Data Dan Boneh Brent Waters Stanford UniversitySRI.
Efficient Conjunctive Keyword-Searchable Encryption,2007 Author: Eun-Kyung Ryu and Tsuyoshi Takagi Presenter: 顏志龍.

Efficient Conjunctive Keyword-Searchable Encryption,2007 Author: Eun-Kyung Ryu and Tsuyoshi Takagi Presenter: 顏志龍.

Similar presentations

Ads by Google