Blockchain-Assisted Verifiable and Multi-User Fuzzy Search Encryption Scheme

Searchable encryption (SE) allows users to efficiently retrieve data from encrypted cloud data, but most of the existing SE solutions only support precise keyword search. Fuzzy searchable encryption agrees with practical situations well in the cloud environment, as search keywords that are misspelled to some extent can still generate search trapdoors that are as effective as correct keywords. In scenarios where multiple users can search for ciphertext, most fuzzy searchable encryption schemes ignore the security issues associated with malicious cloud services and are inflexible in multi-user scenarios. For example, in medical application scenarios where malicious cloud servers may exist, diverse types of files need to correspond to doctors in the corresponding departments, and there is a lack of fine-grained access control for sharing decryption keys for different types of files. In the application of medical cloud storage, malicious cloud servers may return incorrect ciphertext files. Since diverse types of files need to be guaranteed to be accessible by doctors in the corresponding departments, sharing decryption keys with the corresponding doctors for different types of files is an issue. To solve these problems, a verifiable fuzzy searchable encryption with blockchain-assisted multi-user scenarios is proposed. Locality-sensitive hashing and bloom filters are used to realize multi-keyword fuzzy search, and the bigram segmentation algorithm is optimized for keyword conversion to improve search accuracy. To realize fine-grained access control in multi-user scenarios, ciphertext-policy attribute-based encryption (CP-ABE) is used to distribute the shared keys. In response to the possibility of malicious servers tampering with or falsifying users’ search results, the scheme leverages the blockchain’s technical features of decentralization, non-tamperability, and traceability, and uses smart contracts as a trusted third party to carry out the search work, which not only prevents keyword-guessing attacks within the cloud server, but also solves the verification work of search results. The security analysis leads to the conclusion that the scheme is secure under the adaptively chosen-keyword attack. © 2024 by the authors.