Efficient Public Key Encryption With Outsourced Equality Test for Cloud-Based IoT Environments

Cloud-based Internet of Things (IoT) system is becoming a promising architecture in our modern society. However, cloud-based IoT system brings a number of challenges in the security aspect while improving the efficiency of data analytics. Especially, searching on encrypted data is challenging given today’s technology. Thus searchable encryption has emerged as one of the important research fields. Public key encryption with equality test (PKEET) provides a simple but useful mechanism to cryptographically protect data while keeping it available for equality test on ciphertexts. However, PKEET schemes in the literature are not suitable for cloud-based IoT system with privacy protection enhancement since the untrustworthy cloud server may be interested in query results by itself and hence reveal the private information of data owner out of the expectation of data user. Even worse, it could launch offline message recovery attack (OMRA) based on the returned query results. In this paper, we introduce a new notion of public key encryption with outsourced equality test (PKE-OET) for adapting to cloud-based IoT environments as well as providing a flexible solution to resist against OMRA without taking any information about entrusted parties as input in encryption. We formally define the security model of PKE-OET against three types of adversary including IND-CCA-I, IND-CCA-II and IND-CCA-III. We present a generic PKE-OET construction using a new variant of smooth projective hash function (SPHF) with a novel Lin-Hom property, which is of independent interest. Then we provide an efficient PKE-OET instantiation from Symmetric eXternal Diffie-Helllman (SXDH) assumption and show its practicality for cloud-based IoT environments through a series of experiments on Cloud Server and Raspberry Pi.