Lattice-based public-key encryption with equality test supporting flexible authorization in standard model

As cloud computing has developed rapidly, outsourcing data to cloud servers for remote storage has become an attractive trend. However, when cloud clients store their data in the cloud, the security and privacy of cloud data would be threatened due to accidental corruptions or purposive attacks caused by a semi-trusted cloud server. The widely used method of addressing the security and privacy of cloud data is to store encrypted data instead of plain data. As the resulting system is unusable, since the cloud can no longer search throughout the data, new cryptographic primitive such as public-key encryption with equality test (PKEET) has been introduced. PKEET has many interesting applications such as keyword search on encrypted data, encrypted data partitioning for efficient encrypted data management, personal health record systems, spam filtering in encrypted email systems and so forth. PKEET allows checking whether two ciphertexts encrypted under different public keys contain the same message or not. However, unrestricted access to equality tests can reveal information about the underlying data. This is not acceptable in respect of users' privacy. In 2015, Ma et al. introduce the notion of PKEET with flexible authorization (PKEET-FA) which strengthens privacy protection. Since 2015, there are several follow-up works on PKEET-FA. However, all are secure in the random oracle model and vulnerable to quantum attacks. In this paper, we provide two constructions of quantum-safe PKEET-FA secure in the standard model based on the hardness assumptions of integer lattices and ideal lattices. Finally, we implement the PKEET-FA scheme over ideal lattices. (c) 2022 Elsevier B.V. All rights reserved.

Automated summary

As cloud computing continues to advance, storing data in cloud servers has become a popular outsourcing trend. However, this raises concerns about the security and privacy of cloud data. To address these concerns, new cryptographic primitives such as PKEET and PKEET-FA have been introduced. This paper presents two constructions of quantum-safe PKEET-FA in the standard model based on different assumptions.