TCA-PEKS: Trusted certificateless authentication public-key encryption with keyword search scheme in cloud storage

Public key encryption with keyword search (PEKS) technology is capable of achieving accurate ciphertext retrieval while protecting data privacy. However, curious or malicious semi-trusted cloud servers can cause privacy breaches, which then creates a trust problem for ciphertext management and searching. To address this problem, we propose a trusted certificateless authentication public-key encryption with a keyword search scheme in cloud storage (TCA-PEKS), which ensuring trusted retrieval, simultaneously resolves the problems of key escrow and certificate management that exist in PEKS. In the scheme, the security of the ciphertext storage and verifications are strengthened based on blockchain non-tampering features, which assists users in verifying the correctness of a file. In particular, we construct an open and transparent smart contract to limit the malicious behaviour of cloud servers, in which the user's complete private key splits the secret value and the partial private key, further guaranteeing the correctness of the retrieval process. Finally, the scheme is proven to satisfy ciphertext and trapdoor indistinguishability under the random oracle model, and the performance evaluation results show that the scheme is highly efficient.