Abstract: Web data management has become crucial to data sharing among users and servers. One promising approach to guaranteeing the privacy of shared data is searchable encryption (SE), which allows users to outsource encrypted data to a web server that can then respond confidentially to keyword queries. Several SE schemes support access control to meet data-sharing requirements. However, several works (e.g. Zhang TSC’23, Zhang TCC’21) focus only on single-user access control and ignore the needs of multi-user scenarios. In addition, a malicious data owner may send useless ciphertexts to the web server, potentially making the system insecure and impractical (e.g. Wang TPDS’22, Xu TDSC’20). As a result, owner authentication and multi-user access control in SE schemes remain underexplored. In this work, we construct SEOMA, the first multi-keyword encrypted search primitive supporting owner authentication and multi-user access control for Web data management. Unlike existing solutions, our design achieves owner authentication and multi-user access control simultaneously in a malicious setting. We incorporate attribute encryption to realize attribute authentication for the data owner. We then leverage policy tree and linear secret-sharing techniques to achieve hierarchical access control for users. We also formalize its security and prove it in the random oracle model by reduction to the DBDH and CBDH problems. Finally, we conduct comprehensive performance evaluations against existing state-of-the-art schemes. Specifically, the computation and communication overheads are only 0.05-0.4× and 0.07-0.47× those of prior art, respectively.
External IDs: doi:10.1109/tdsc.2025.3615931