钥匙交换的运作程序.pptVIP

Public Key Encryption with keyword Search Author: Dan Boneh Rafail Ostroversity Giovanni Di Crescenzo Giuseppe Persiano Presenter: 陳昱圻 Problem(1/2) Pre-stored data Search Ciphertext user untrusted server Problem(2/2) User1(Alice) User2(Bob) receive send mail server Properties Query isolation: The un-trusted server can not learn anything more about the plaintext than the search result. Controlled searching: The un-trusted server can not search for an arbitrary word without the user’s authorization. Hidden queries: The user may ask the un-trusted server to search for a secret word without revealing the word to the server. Public key encryption with search: definitions (1/4) Bob wants to mail to Alice, then he sends the following message: Our goal is to enable Alice to send Tw to mail server that will enable the server to all messages containing the keyword W. And server simply sends the relevant email back to Alice. We call it “search public-key encryption”. Public key encryption with search: definitions (2/4) User1(Alice) User2(Bob) receive Send mail server Search Bob’s Public key encryption with search: definitions (3/4) Def. A non-interactive public key encryption with keyword search scheme consists of the following polynomial time randomized algorithms: Public key encryption with search: definitions (4/4) PEKS implies Identity Based Encryption Public key encryption with keyword search is related to Identity Based Encryption (IBE). Constructing a secure PEKS appears to be a harder problem than constructing an IBE. Lemma 2.3 A non-interactive searchable encryption scheme (PEKS) that is semantically secure against an adaptive chosen keyword attack gives rise to a chosen ciphertext secure IBE system (IND-ID-CCA). PEKS implies Identity Based Encryption Proof sketch: Given a PEKS (KeyGen, PEKS, Trapdoor, Test) the IBE system is as follow: 1. Setup: Run the PEKS KeyGen algorithm to generate . The IBE system parameter are . The master-ke