Go to OpenReview Public Article DBLP homepageExpressive and Fully Policy-Hidden Attribute-Based Searchable Encryption Scheme for Multi-Owner
Abstract: As cloud computing advances, data owners increasingly upload large volumes of data to the cloud. Attribute-based searchable encryption (ABSE) empowers data owners to manage fine-grained access over encrypted cloud files, and supports keyword-based search for authorized users. However, current multi-owner searchable encryption schemes often suffer from efficiency limitations and vulnerabilities to keyword guessing attacks. Furthermore, access policies are typically stored in plain form, exposing confidential details about data owners and authorized users. To tackle the aforementioned issues, we put forward an expressive attribute-based searchable encryption scheme with full policy concealment. Our design leverages the reduced ordered binary decision diagram (ROBDD) for access control targeting multi-user and multi-owner environments. In our scheme, users can flexibly select data owners and utilize a single trapdoor to search across shared datasets. The integration of a warrant server that signs obfuscated keywords prevents the cloud server from launching effective keyword guessing attacks. The adoption of ROBDD enables complex access policies via boolean operations, thereby significantly enhancing the efficiency and flexibility of access control. Full policy hiding is achieved by mapping ROBDD paths to an improved bloom filter, preventing access policy leakage. We present formal definitions and security models of the proposed approach, along with rigorous security proofs. Performance evaluation is conducted through theoretical analysis and simulations. Experimental indicate that our scheme achieves superior efficiency over state-of-the-art alternatives, offering a robust solution for secure and flexible cloud data management.
External IDs:dblp:journals/tifs/MiaoLLCZS26
Loading