Security analysis of a certificateless authenticated searchable encryption scheme

Message:
Article Type:
Research/Original Article (دارای رتبه معتبر)
Abstract:

Certificateless searchable encryption is a cryptographic concept that simultaneously preserves data confidentiality and enables search over encrypted texts. There exist many certificateless searchable encryption schemes in the literature; however, most of them are based on computationally inefficient bilinear pairing operations. Pairing-based cryptographic schemes are not suitable for resource-constrained devices and consequently, researchers are seeking to provide pairing-free cryptographic schemes to enhance efficiency. Recently, Senouci et al. proposed a pairing-free certificateless searchable encryption scheme and claimed that their scheme outperforms other existing schemes in terms of security features, computational costs, and communication costs. However, in this paper, we disprove Senouci et al.’s claims and show that their scheme suffers from several significant security issues. More specially, we first show that their scheme is not actually a certificateless scheme. In other words, we show that in their scheme, an adversary can impersonate any user and perform cryptographic operations that should only be executable by the actual user. Then, we prove that Senouci et al.’s scheme does not meet ciphertext and trapdoor indistinguishability which are the essential security requirements of a searchable encryption scheme.

Language:
Persian
Published:
Journal Monadi for Cyberspace Security (AFTA), Volume:13 Issue: 2, 2024
Pages:
65 to 74
https://www.magiran.com/p2829764  
سامانه نویسندگان
  • Atiye Sadeghi
    Author (2)
    MSc Graduated Cryptography and Code, Applied mathematics, Mathematical sciences, University Of Alzahra, Tehran, Iran
    Sadeghi، Atiye
اطلاعات نویسنده(گان) توسط ایشان ثبت و تکمیل شده‌است. برای مشاهده مشخصات و فهرست همه مطالب، صفحه رزومه را ببینید.