STR-ABKS: Server-Aided Traceable and Revocable Attribute-Based Encryption With Keyword Search

Attribute-based encryption with keyword search (ABKS) is a powerful cryptographic primitive achieving search functionality and access control for the encrypted data outsourced to the cloud. Traceability and revocability are two significant requirements for ABKS system that enable tracing the owner of a maliciously leaked secret key and revoking the key. Recently, Varri et al. proposed two ABKS schemes with traceability and revocability in the IEEE Internet of Things Journal and Journal of Systems Architecture. However, we present a cryptanalysis demonstrating that neither of these two schemes is secure against the chosen keyword attack (CKA), which is a fundamental security requirement for ABKS system. In this article, we put forward a notion called server-aided traceable and revocable ABKS (STR-ABKS) and present a concrete STR-ABKS construction. In addition to traceability, revocability and CKA resistance, our STR-ABKS construction enjoys several notable features: 1) Large Universe Attributes: This property enlarges the practical applications by supporting a flexible number of attributes; 2) Constant User Secret Key: The user’s secret key is not related to attributes as in other ABKS schemes; 3) Fast Tracing: Tracing a constant user secret key only requires two pairing operations; and 4) Constant Trapdoor: The size of the trapdoor inherits the size of the user secret key used to generate it. Overall, our construction offers both security, functionality and practical efficiency.