Scalable CCA-secure public-key authenticated encryption with keyword search from ideal lattices in cloud computing

Public-key authenticated encryption with keyword search (PAEKS) is an important cryptographic primitive for realizing effective and confidential searches on encrypted data in cloud computing. Several PAEKS schemes with various appealing functionalities have been proposed in the literature. Nevertheless, most of them are based on the classical numbertheoretic assumptions and are impossible to resist quantum attacks. Their security is only proven against chosen-keyword attacks and is considered insufficient. Fortunately, ringLWE and ring-ISIS problems reduced from the worst-case ideal lattices are believed to be post-quantum secure and could be improved computational efficiency in constructions. In this paper, we propose a scalable PAEKS scheme based on ring-LWE and ring-ISIS by adopting the ring analog of lattice algorithms of both digital signature and searchable encryption schemes, in which signature algorithms are used to authenticate ciphertext, making our PAEKS resistant to insider keyword guessing attacks. The scheme is also proved secure against chosen-ciphertext attacks and token privacy attacks. In addition, we extend the PAEKS scheme to conjunctive keywords and multi-user settings to allow for realistic promotion. We finally implement our schemes and compare them with related counterparts, which shows that our constructions are efficient in practical applications. (c) 2022 Elsevier Inc. All rights reserved.