A Searchable Hierarchical Conditional Proxy Re-Encryption Scheme for Cloud Storage Services

As cloud technologies thrive, researches in the field of cloud storage have switched their focus from encryption-decryption techniques that help data owners protect their privacy and data confidentiality to the application of searching techniques on encrypted data while maintaining high level security and privacy of outsource data. To begin with, Song et al. offered some practical techniques for searches on encrypted data. After that, Weng et al. presented their conditional proxy re-encryption scheme where the data owner can decide which ciphertext satisfies a certain keyword condition set and then can have the retrieved data re-encrypted by the semi-trusted proxy server. The basic concepts of the above schemes are indeed quite innovative and do lead the way towards the solutions to the major practical cloud storage application problems; however, of all the researches that follow, none has had both searching on encrypted data and conditional proxy re-encryption combined. In this paper, we propose a new scheme for cloud storage services that integrates keyword search with conditional proxy re-encryption. This say, with a newly added keyword or new proxy, the cloud service provider is able to generate a hierarchical key. As far as data security is concerned, our scheme provides proven data owner authentication, re-delegation, and chosen-ciphertext security. The superior performance of the proposed scheme has been established by comparing it with related works, and our security analysis as well as BAN logic correctness check also offered solid proof that the new scheme is both secure and practical.