Blockchain-Based Dynamic Multi-User Searchable Encryption Scheme

0
0
0

Blockchain-Based Dynamic Multi-User Searchable Encryption Scheme

Introduction

The rapid development of cloud computing has revolutionized data storage and processing, enabling users to store vast amounts of data remotely. However, storing sensitive data in the cloud raises significant security and privacy concerns. To address these issues, searchable encryption (SE) has emerged as a promising solution, allowing users to search encrypted data without decrypting it. Traditional single-user searchable encryption schemes, however, are insufficient for multi-user environments where data sharing is essential.

This paper introduces a novel Blockchain-Based Dynamic Multi-User Searchable Encryption Scheme that overcomes the limitations of existing approaches. The proposed scheme leverages identity-based cryptography (IBC) and blockchain technology to enhance security, efficiency, and flexibility in multi-user cloud storage environments. Unlike previous solutions, this scheme supports dynamic user updates, prevents key leakage risks, and resists keyword guessing attacks—all while operating in the standard model for provable security.

Background and Motivation

Challenges in Existing Searchable Encryption Schemes

  1. Single-User Limitations: Traditional SE schemes are designed for single-user scenarios, making them impractical for environments where multiple users need access to encrypted data.

  2. Key Management Issues: Public Key Infrastructure (PKI)-based SE schemes suffer from certificate management overhead, while symmetric SE schemes require secure key distribution, which is difficult to scale.

  3. Static Authorization: Many multi-user SE schemes do not support dynamic updates, meaning authorized user lists remain fixed, limiting flexibility in real-world applications.

  4. Security Vulnerabilities: Some schemes rely on random oracle models for security proofs, which may not hold in practical implementations. Additionally, keyword guessing attacks and key leakage risks remain significant threats.

The Role of Blockchain in Searchable Encryption

Blockchain technology offers several advantages for SE schemes: • Decentralization: Eliminates single points of failure.

• Immutable Ledger: Ensures tamper-proof transaction records.

• Smart Contracts: Enable automated and secure data sharing.

• Distributed Key Generation: Prevents single-key compromise.

By integrating blockchain, the proposed scheme enhances trust, security, and efficiency in multi-user SE systems.

System Model and Design

Entities in the Proposed Scheme

  1. Private Key Generator (PKG): Generates cryptographic keys for users.
  2. Data Sender (DS): Encrypts data and keyword indexes before uploading to the cloud.
  3. Data User (DU): Searches encrypted data using trapdoors.
  4. Cloud Server (CS): Stores encrypted data and performs search operations.
  5. Blockchain Nodes (BC): Assist in distributed time-key generation and user authorization management.

Key Algorithms

  1. Setup: Initializes system parameters and master keys.
  2. Private Key Generation: Assigns identity-based keys to users.
  3. Distributed Time-Key Generation: Uses Pedersen (t, N) secret sharing to prevent single-key compromise.
  4. Time-Key Request: Authorized users request time-bound keys from blockchain nodes.
  5. Ciphertext Generation: Encrypts keywords for secure storage.
  6. Trapdoor Generation: Allows authorized users to generate search queries.
  7. Test Algorithm: Performs keyword matching on encrypted data.
  8. Time-Key Update: Refreshes keys periodically for forward security.
  9. User Update: Dynamically adds or revokes user access.

Security Analysis

Security Properties

  1. Ciphertext Indistinguishability: Ensures that ciphertexts reveal no information about keywords.
  2. Trapdoor Indistinguishability: Prevents adversaries from distinguishing between trapdoors.
  3. Resistance to Keyword Guessing Attacks: Uses authenticated encryption to thwart internal and external attacks.
  4. Dynamic User Management: Supports secure addition and revocation of users.

Security Proofs

The scheme is proven secure in the standard model under the Decisional Diffie-Hellman (DDH) assumption, ensuring stronger security guarantees than random oracle-based approaches.

Performance Evaluation

Computational Efficiency

The proposed scheme avoids costly hash-to-point operations and minimizes bilinear pairing computations, making it more efficient than existing solutions.

Comparison with Existing Schemes

  1. Ciphertext Generation: Requires only linear hash operations and scalar multiplications, outperforming schemes that rely on bilinear pairings.
  2. Trapdoor Generation: More efficient due to fewer cryptographic operations.
  3. Testing Phase: Balances security and efficiency by reducing pairing computations.

Experimental Results

Simulations confirm that the scheme scales well with increasing numbers of users, maintaining low computational overhead while ensuring strong security guarantees.

Conclusion

This paper presents a Blockchain-Based Dynamic Multi-User Searchable Encryption Scheme that addresses key challenges in secure cloud data sharing. By integrating identity-based cryptography and blockchain-assisted key management, the scheme achieves: • Dynamic user updates for flexible access control.

• Provable security in the standard model.

• Resistance to keyword guessing attacks.

• Efficient computation suitable for cloud environments.

Future work will explore pairing-free constructions and multi-keyword search capabilities to further enhance efficiency and functionality.

For more details, refer to the full paper: https://doi.org/10.19734/j.issn.1001-3695.2024.05.0247

Was this helpful?

0 / 0