SPKSE: secure public key searchable encryption withstand keyword guessing attacks
Abstract Public Key Searchable Encryption (PKSE) enables secure keyword searches over encrypted data, making it a critical tool for outsourced storage systems. However, existing PKSE schemes remain vulnerable to two types of keyword guessing attacks: offline attacks, where adversaries leverage the p...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Nature Portfolio
2025-06-01
|
| Series: | Scientific Reports |
| Subjects: | |
| Online Access: | https://doi.org/10.1038/s41598-025-01454-9 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850223963707277312 |
|---|---|
| author | Dongxian Shi Ming Xu Chengtang Cao Hongbing Cheng |
| author_facet | Dongxian Shi Ming Xu Chengtang Cao Hongbing Cheng |
| author_sort | Dongxian Shi |
| collection | DOAJ |
| description | Abstract Public Key Searchable Encryption (PKSE) enables secure keyword searches over encrypted data, making it a critical tool for outsourced storage systems. However, existing PKSE schemes remain vulnerable to two types of keyword guessing attacks: offline attacks, where adversaries leverage the public key to systematically generate and test indices for potential keywords, and online attacks, where attackers inject spurious documents to infer queried keywords based on server responses. While most schemes focus on mitigating offline attacks, they often fail to address online threats, leaving the system susceptible to query inference attacks. To address these limitations, we propose a PKSE scheme that simultaneously defends against both offline and online keyword guessing attacks. Our design introduces two key mechanisms: first, by embedding the sender’s private key into the index ciphertext generation, we prevent adversaries from forging valid ciphertexts, effectively mitigating offline guessing attacks; second, through a re-randomization mechanism applied to matched ciphertexts, we eliminate query response patterns, preventing online attackers from linking ciphertexts to keywords. We formally define the security model, rigorously prove the scheme’s resilience against both attacks, and conduct a comprehensive performance evaluation. Experimental results demonstrate that our approach achieves a strong balance between security and efficiency, making it well-suited for real-world encrypted search applications. |
| format | Article |
| id | doaj-art-3068973cf3e342e4b96a8f2169da27a4 |
| institution | OA Journals |
| issn | 2045-2322 |
| language | English |
| publishDate | 2025-06-01 |
| publisher | Nature Portfolio |
| record_format | Article |
| series | Scientific Reports |
| spelling | doaj-art-3068973cf3e342e4b96a8f2169da27a42025-08-20T02:05:46ZengNature PortfolioScientific Reports2045-23222025-06-0115111410.1038/s41598-025-01454-9SPKSE: secure public key searchable encryption withstand keyword guessing attacksDongxian Shi0Ming Xu1Chengtang Cao2Hongbing Cheng3School of Cyberspace, Hangzhou Dianzi UniversitySchool of Cyberspace, Hangzhou Dianzi UniversityDepartment of Big Data and Information Engineering, Guizhou Industry Polytechnic CollegeZhejiang University of Technology, College of ComputerAbstract Public Key Searchable Encryption (PKSE) enables secure keyword searches over encrypted data, making it a critical tool for outsourced storage systems. However, existing PKSE schemes remain vulnerable to two types of keyword guessing attacks: offline attacks, where adversaries leverage the public key to systematically generate and test indices for potential keywords, and online attacks, where attackers inject spurious documents to infer queried keywords based on server responses. While most schemes focus on mitigating offline attacks, they often fail to address online threats, leaving the system susceptible to query inference attacks. To address these limitations, we propose a PKSE scheme that simultaneously defends against both offline and online keyword guessing attacks. Our design introduces two key mechanisms: first, by embedding the sender’s private key into the index ciphertext generation, we prevent adversaries from forging valid ciphertexts, effectively mitigating offline guessing attacks; second, through a re-randomization mechanism applied to matched ciphertexts, we eliminate query response patterns, preventing online attackers from linking ciphertexts to keywords. We formally define the security model, rigorously prove the scheme’s resilience against both attacks, and conduct a comprehensive performance evaluation. Experimental results demonstrate that our approach achieves a strong balance between security and efficiency, making it well-suited for real-world encrypted search applications.https://doi.org/10.1038/s41598-025-01454-9Proxy re-encryptionPublic key searchable encryptionKeyword guessing attackCloud storage |
| spellingShingle | Dongxian Shi Ming Xu Chengtang Cao Hongbing Cheng SPKSE: secure public key searchable encryption withstand keyword guessing attacks Scientific Reports Proxy re-encryption Public key searchable encryption Keyword guessing attack Cloud storage |
| title | SPKSE: secure public key searchable encryption withstand keyword guessing attacks |
| title_full | SPKSE: secure public key searchable encryption withstand keyword guessing attacks |
| title_fullStr | SPKSE: secure public key searchable encryption withstand keyword guessing attacks |
| title_full_unstemmed | SPKSE: secure public key searchable encryption withstand keyword guessing attacks |
| title_short | SPKSE: secure public key searchable encryption withstand keyword guessing attacks |
| title_sort | spkse secure public key searchable encryption withstand keyword guessing attacks |
| topic | Proxy re-encryption Public key searchable encryption Keyword guessing attack Cloud storage |
| url | https://doi.org/10.1038/s41598-025-01454-9 |
| work_keys_str_mv | AT dongxianshi spksesecurepublickeysearchableencryptionwithstandkeywordguessingattacks AT mingxu spksesecurepublickeysearchableencryptionwithstandkeywordguessingattacks AT chengtangcao spksesecurepublickeysearchableencryptionwithstandkeywordguessingattacks AT hongbingcheng spksesecurepublickeysearchableencryptionwithstandkeywordguessingattacks |