Towards Secure Data Retrieval for Multi-Tenant Architecture Using Attribute-Based Key Word Search

Searchable encryption mechanism and attribute-based encryption (ABE) are two effective tools for providing fine-grained data access control in the cloud. Researchers have also taken their advantages to present searchable encryption schemes based on ABE and have achieved significant results. However, most of the existing key word search schemes based on ABE lack the properties of key exposure protection and highly efficient key updating when key leakage happens. To better tackle these problems, we present a key insulated attribute-based data retrieval scheme with key word search (KI-ABDR-KS) for multi-tenant architecture. In our scheme, a data owner can make a self-centric access policy of the encrypted data. Only when the possessing attributes match with the policy can a receiver generate a valid trapdoor and search the ciphertext. The proposed KI-ABDR-KS also provides full security protection when key exposure happens, which can minimize the damage brought by key exposure. Furthermore, the system public parameters remain unchanged during the process of key updating; this will reduce the considerable overheads brought by parameters synchronization. Finally, our KI-ABDR-KS is proven to be secure under chosen-keyword attack and achieves better efficiency compared to existing works.