Designated-tester Identity-Based Authenticated Encryption with Keyword Search with applications in cloud systems

The advent of cloud computing has made cloud server outsourcing increasingly popular among data owners. However, the storage of sensitive data on cloud servers engenders serious challenges for the security and privacy of data. Public Key Authenticated Encryption with Keyword Search (PAEKS) is an effective method that protects information confidentiality and supports keyword searches. Identity -Based Authenticated Encryption with Keyword Search (IBAEKS) is a PAEKS variant in identity -based settings, designed for solving the intractable certificate management problem. To the best of our knowledge, only two IBAEKS schemes exist in the literature, both presented with weak security models that make them vulnerable against what is known as Fully Chosen Keyword attacks. Moreover, the existing IBAEKS schemes are based on the time-consuming bilinear pairing operation, leading to a significant increase in computational cost. To overcome these issues, in this paper, we first propose an enhanced security model for IBAEKS and compare it with existing models. We then prove that the existing IBAEKS schemes are not secure in our enhanced model. We also propose an efficient pairing -free dIBAEKS scheme and prove that it is secure under the enhanced security model. Finally, we compare our proposed scheme with related constructions to indicate its overall superiority.